| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-42333 | Hig | 0.57 | 8.8 | 0.01 | Oct 15, 2021 | The Easytest contains SQL injection vulnerabilities. After obtaining user’s privilege, remote attackers can inject SQL commands into the parameters of the learning history page to access all database and obtain administrator permissions. | ||
| CVE-2021-42330 | Hig | 0.57 | 8.8 | 0.01 | Oct 15, 2021 | The “Teacher Edit” function of ShinHer StudyOnline System does not perform authority control. After logging in with user’s privilege, remote attackers can access and edit other users’ credential and personal information by crafting URL parameters. | ||
| CVE-2021-40999 | Hig | 0.47 | 7.2 | 0.02 | Oct 15, 2021 | A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has… | ||
| CVE-2021-42340 | — | Hig | 0.43 | 7.5 | 0.11 | Oct 14, 2021 | The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. The object introduced to collect metrics for HTTP upgrade connections was not released for WebSocket connections once the… | |
| CVE-2021-38295 | Hig | 0.48 | 7.3 | 0.02 | Oct 14, 2021 | In Apache CouchDB, a malicious user with permission to create documents in a database is able to attach a HTML attachment to a document. If a CouchDB admin opens that attachment in a browser, e.g. via the CouchDB admin interface Fauxton, any JavaScript code embedded in that HTML… | ||
| CVE-2021-36389 | Hig | 0.49 | 7.5 | 0.03 | Oct 14, 2021 | In Yellowfin before 9.6.1 it is possible to enumerate and download uploaded images through an Insecure Direct Object Reference vulnerability exploitable by sending a specially crafted HTTP GET request to the page "MIImage.i4". | ||
| CVE-2021-36388 | Hig | 0.49 | 7.5 | 0.03 | Oct 14, 2021 | In Yellowfin before 9.6.1 it is possible to enumerate and download users profile pictures through an Insecure Direct Object Reference vulnerability exploitable by sending a specially crafted HTTP GET request to the page "MIIAvatarImage.i4". | ||
| CVE-2021-42228 | — | Hig | 0.57 | 8.8 | 0.01 | Oct 14, 2021 | A Cross Site Request Forgery (CSRF) vulnerability exists in KindEditor 4.1.x, as demonstrated by examples/uploadbutton.html. | |
| CVE-2021-38346 | Hig | 0.57 | 8.8 | 0.02 | Oct 14, 2021 | The Brizy Page Builder plugin <= 2.3.11 for WordPress allowed authenticated users to upload executable files to a location of their choice using the brizy_create_block_screenshot AJAX action. The file would be named using the id parameter, which could be prepended with "../" to… | ||
| CVE-2021-38345 | Hig | 0.46 | 7.1 | 0.01 | Oct 14, 2021 | The Brizy Page Builder plugin <= 2.3.11 for WordPress used an incorrect authorization check that allowed any logged-in user accessing any endpoint in the wp-admin directory to modify the content of any existing post or page created with the Brizy editor. An identical issue was… | ||
| CVE-2021-37933 | Hig | 0.49 | 7.5 | 0.01 | Oct 14, 2021 | An LDAP injection vulnerability in /account/login in Huntflow Enterprise before 3.10.6 could allow an unauthenticated, remote user to modify the logic of an LDAP query and bypass authentication. The vulnerability is due to insufficient server-side validation of the email… | ||
| CVE-2021-33177 | Hig | 0.58 | 8.8 | 0.10 | Oct 14, 2021 | The Bulk Modifications functionality in Nagios XI versions prior to 5.8.5 is vulnerable to SQL injection. Exploitation requires the malicious actor to be authenticated to the vulnerable system, but once authenticated they would be able to execute arbitrary sql queries. | ||
| CVE-2021-22964 | — | Hig | 0.50 | 8.8 | 0.01 | Oct 14, 2021 | A redirect vulnerability in the `fastify-static` module version >= 4.2.4 and < 4.4.1 allows remote attackers to redirect Mozilla Firefox users to arbitrary websites via a double slash `//` followed by a domain: `http://localhost:3000//a//youtube.com/%2e%2e%2f%2e%2e`.A DOS… | |
| CVE-2020-19961 | Hig | 0.49 | 7.5 | 0.02 | Oct 14, 2021 | A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the component subzs.php. | ||
| CVE-2020-19960 | Hig | 0.49 | 7.5 | 0.01 | Oct 14, 2021 | A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the dlid parameter in the /dl/dl_sendsms.php page cookie. | ||
| CVE-2020-19959 | Hig | 0.49 | 7.5 | 0.01 | Oct 14, 2021 | A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the dlid parameter in the /dl/dl_sendmail.php page cookie. | ||
| CVE-2020-19957 | Hig | 0.49 | 7.5 | 0.01 | Oct 14, 2021 | A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the id parameter on the /dl/dl_print.php page. | ||
| CVE-2020-19954 | Hig | 0.49 | 7.5 | 0.01 | Oct 14, 2021 | An XML External Entity (XXE) vulnerability was discovered in /api/notify.php in S-CMS 3.0 which allows attackers to read arbitrary files. | ||
| CVE-2021-42341 | Hig | 0.00 | 7.5 | 0.02 | Oct 14, 2021 | checkpath in OpenRC before 0.44.7 uses the direct output of strlen() to allocate strings, which does not account for the '\0' byte at the end of the string. This results in memory corruption. CVE-2021-42341 was introduced in git commit 63db2d99e730547339d1bdd28e8437999c380cae,… | ||
| CVE-2021-40854 | Hig | 0.51 | 7.8 | 0.00 | Oct 14, 2021 | AnyDesk before 6.2.6 and 6.3.x before 6.3.3 allows a local user to obtain administrator privileges by using the Open Chat Log feature to launch a privileged Notepad process that can launch other applications. | ||
| CVE-2021-40843 | Hig | 0.47 | 7.3 | 0.00 | Oct 13, 2021 | Proofpoint Insider Threat Management Server contains an unsafe deserialization vulnerability in the Web Console. An attacker with write access to the local database could cause arbitrary code to execute with SYSTEM privileges on the underlying server when a Web Console user… | ||
| CVE-2021-20131 | Hig | 0.58 | 8.8 | 0.16 | Oct 13, 2021 | ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the Personalization interface. | ||
| CVE-2021-20130 | Hig | 0.60 | 8.8 | 0.32 | Oct 13, 2021 | ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the PasswordExpiry interface. | ||
| CVE-2021-41139 | Hig | 0.00 | 8.1 | 0.01 | Oct 13, 2021 | Anuko Time Tracker is an open source, web-based time tracking application written in PHP. When a logged on user selects a date in Time Tracker, it is being passed on via the date parameter in URI. Because of not checking this parameter for sanity in versions prior to… | ||
| CVE-2021-3057 | Hig | 0.53 | 8.1 | 0.01 | Oct 13, 2021 | A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This issue impacts: GlobalProtect app 5.1 versions… | ||
| CVE-2021-20129 | Hig | 0.49 | 7.5 | 0.02 | Oct 13, 2021 | An information disclosure vulnerability exists in Draytek VigorConnect 1.6.0-B3, allowing an unauthenticated attacker to export system logs. | ||
| CVE-2021-20127 | Hig | 0.53 | 8.1 | 0.01 | Oct 13, 2021 | An arbitrary file deletion vulnerability exists in the file delete functionality of the Html5Servlet endpoint of Draytek VigorConnect 1.6.0-B3. This allows an authenticated user to arbitrarily delete files in any location on the target operating system with root privileges. | ||
| CVE-2021-20126 | Hig | 0.57 | 8.8 | 0.01 | Oct 13, 2021 | Draytek VigorConnect 1.6.0-B3 lacks cross-site request forgery protections and does not sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request. | ||
| CVE-2021-20124 | Hig | 0.66 | 7.5 | 0.69 | KEV | Oct 13, 2021 | A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the WebServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root… | |
| CVE-2021-20123 | Hig | 0.67 | 7.5 | 0.74 | KEV | Oct 13, 2021 | A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the DownloadFileServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system… | |
| CVE-2021-39304 | Hig | 0.49 | 7.5 | 0.01 | Oct 13, 2021 | Proofpoint Enterprise Protection before 8.12.0-2108090000 allows security control bypass. | ||
| CVE-2021-34814 | Hig | 0.49 | 7.5 | 0.01 | Oct 13, 2021 | Proofpoint Spam Engine before 8.12.0-2106240000 has a Security Control Bypass. | ||
| CVE-2021-41137 | Hig | 0.00 | 8.8 | 0.01 | Oct 13, 2021 | Minio is a Kubernetes native application for cloud storage. All users on release `RELEASE.2021-10-10T16-53-30Z` are affected by a vulnerability that involves bypassing policy restrictions on regular users. Normally, checkKeyValid() should return owner true for rootCreds. In the… | ||
| CVE-2021-20833 | Hig | 0.48 | 7.4 | 0.00 | Oct 13, 2021 | The SNKRDUNK Market Place App for iOS versions prior to 2.2.0 does not verify server certificate properly, which allows man-in-the-middle attackers to eavesdrop on and/or alter encrypted communication via a crafted certificate. | ||
| CVE-2021-20831 | Hig | 0.57 | 8.8 | 0.01 | Oct 13, 2021 | Cross-site request forgery (CSRF) vulnerability in OG Tags versions prior to 2.0.2 allows a remote attacker to hijack the authentication of administrators and unintended operation may be performed via unspecified vectors. | ||
| CVE-2021-20795 | Hig | 0.57 | 8.8 | 0.01 | Oct 13, 2021 | Cross-site request forgery (CSRF) vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote attacker to hijack the authentication of administrators and unintended operations may be performed via unspecified vectors. | ||
| CVE-2021-41357 | Hig | 0.63 | 7.8 | 0.02 | KEV | Oct 13, 2021 | Win32k Elevation of Privilege Vulnerability | |
| CVE-2021-41352 | Hig | 0.49 | 7.5 | 0.03 | Oct 13, 2021 | SCOM Information Disclosure Vulnerability | ||
| CVE-2021-41348 | Hig | 0.52 | 8.0 | 0.01 | Oct 13, 2021 | Microsoft Exchange Server Elevation of Privilege Vulnerability | ||
| CVE-2021-41347 | Hig | 0.51 | 7.8 | 0.01 | Oct 13, 2021 | Windows AppX Deployment Service Elevation of Privilege Vulnerability | ||
| CVE-2021-41345 | Hig | 0.51 | 7.8 | 0.01 | Oct 13, 2021 | Storage Spaces Controller Elevation of Privilege Vulnerability | ||
| CVE-2021-41344 | Hig | 0.53 | 8.1 | 0.06 | Oct 13, 2021 | Microsoft SharePoint Server Remote Code Execution Vulnerability | ||
| CVE-2021-41340 | Hig | 0.51 | 7.8 | 0.02 | Oct 13, 2021 | Windows Graphics Component Remote Code Execution Vulnerability | ||
| CVE-2021-41335 | Hig | 0.51 | 7.8 | 0.01 | Oct 13, 2021 | Windows Kernel Elevation of Privilege Vulnerability | ||
| CVE-2021-41334 | Hig | 0.46 | 7.0 | 0.00 | Oct 13, 2021 | Windows Desktop Bridge Elevation of Privilege Vulnerability | ||
| CVE-2021-41331 | Hig | 0.51 | 7.8 | 0.02 | Oct 13, 2021 | Windows Media Audio Decoder Remote Code Execution Vulnerability | ||
| CVE-2021-41330 | Hig | 0.51 | 7.8 | 0.02 | Oct 13, 2021 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | ||
| CVE-2021-40489 | Hig | 0.51 | 7.8 | 0.01 | Oct 13, 2021 | Storage Spaces Controller Elevation of Privilege Vulnerability | ||
| CVE-2021-40488 | Hig | 0.51 | 7.8 | 0.01 | Oct 13, 2021 | Storage Spaces Controller Elevation of Privilege Vulnerability | ||
| CVE-2021-40487 | Hig | 0.56 | 8.1 | 0.46 | Oct 13, 2021 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
- risk 0.57cvss 8.8epss 0.01
The Easytest contains SQL injection vulnerabilities. After obtaining user’s privilege, remote attackers can inject SQL commands into the parameters of the learning history page to access all database and obtain administrator permissions.
- risk 0.57cvss 8.8epss 0.01
The “Teacher Edit” function of ShinHer StudyOnline System does not perform authority control. After logging in with user’s privilege, remote attackers can access and edit other users’ credential and personal information by crafting URL parameters.
- risk 0.47cvss 7.2epss 0.02
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has…
- risk 0.43cvss 7.5epss 0.11
The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. The object introduced to collect metrics for HTTP upgrade connections was not released for WebSocket connections once the…
- risk 0.48cvss 7.3epss 0.02
In Apache CouchDB, a malicious user with permission to create documents in a database is able to attach a HTML attachment to a document. If a CouchDB admin opens that attachment in a browser, e.g. via the CouchDB admin interface Fauxton, any JavaScript code embedded in that HTML…
- risk 0.49cvss 7.5epss 0.03
In Yellowfin before 9.6.1 it is possible to enumerate and download uploaded images through an Insecure Direct Object Reference vulnerability exploitable by sending a specially crafted HTTP GET request to the page "MIImage.i4".
- risk 0.49cvss 7.5epss 0.03
In Yellowfin before 9.6.1 it is possible to enumerate and download users profile pictures through an Insecure Direct Object Reference vulnerability exploitable by sending a specially crafted HTTP GET request to the page "MIIAvatarImage.i4".
- risk 0.57cvss 8.8epss 0.01
A Cross Site Request Forgery (CSRF) vulnerability exists in KindEditor 4.1.x, as demonstrated by examples/uploadbutton.html.
- risk 0.57cvss 8.8epss 0.02
The Brizy Page Builder plugin <= 2.3.11 for WordPress allowed authenticated users to upload executable files to a location of their choice using the brizy_create_block_screenshot AJAX action. The file would be named using the id parameter, which could be prepended with "../" to…
- risk 0.46cvss 7.1epss 0.01
The Brizy Page Builder plugin <= 2.3.11 for WordPress used an incorrect authorization check that allowed any logged-in user accessing any endpoint in the wp-admin directory to modify the content of any existing post or page created with the Brizy editor. An identical issue was…
- risk 0.49cvss 7.5epss 0.01
An LDAP injection vulnerability in /account/login in Huntflow Enterprise before 3.10.6 could allow an unauthenticated, remote user to modify the logic of an LDAP query and bypass authentication. The vulnerability is due to insufficient server-side validation of the email…
- risk 0.58cvss 8.8epss 0.10
The Bulk Modifications functionality in Nagios XI versions prior to 5.8.5 is vulnerable to SQL injection. Exploitation requires the malicious actor to be authenticated to the vulnerable system, but once authenticated they would be able to execute arbitrary sql queries.
- risk 0.50cvss 8.8epss 0.01
A redirect vulnerability in the `fastify-static` module version >= 4.2.4 and < 4.4.1 allows remote attackers to redirect Mozilla Firefox users to arbitrary websites via a double slash `//` followed by a domain: `http://localhost:3000//a//youtube.com/%2e%2e%2f%2e%2e`.A DOS…
- risk 0.49cvss 7.5epss 0.02
A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the component subzs.php.
- risk 0.49cvss 7.5epss 0.01
A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the dlid parameter in the /dl/dl_sendsms.php page cookie.
- risk 0.49cvss 7.5epss 0.01
A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the dlid parameter in the /dl/dl_sendmail.php page cookie.
- risk 0.49cvss 7.5epss 0.01
A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the id parameter on the /dl/dl_print.php page.
- risk 0.49cvss 7.5epss 0.01
An XML External Entity (XXE) vulnerability was discovered in /api/notify.php in S-CMS 3.0 which allows attackers to read arbitrary files.
- risk 0.00cvss 7.5epss 0.02
checkpath in OpenRC before 0.44.7 uses the direct output of strlen() to allocate strings, which does not account for the '\0' byte at the end of the string. This results in memory corruption. CVE-2021-42341 was introduced in git commit 63db2d99e730547339d1bdd28e8437999c380cae,…
- risk 0.51cvss 7.8epss 0.00
AnyDesk before 6.2.6 and 6.3.x before 6.3.3 allows a local user to obtain administrator privileges by using the Open Chat Log feature to launch a privileged Notepad process that can launch other applications.
- risk 0.47cvss 7.3epss 0.00
Proofpoint Insider Threat Management Server contains an unsafe deserialization vulnerability in the Web Console. An attacker with write access to the local database could cause arbitrary code to execute with SYSTEM privileges on the underlying server when a Web Console user…
- risk 0.58cvss 8.8epss 0.16
ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the Personalization interface.
- risk 0.60cvss 8.8epss 0.32
ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the PasswordExpiry interface.
- risk 0.00cvss 8.1epss 0.01
Anuko Time Tracker is an open source, web-based time tracking application written in PHP. When a logged on user selects a date in Time Tracker, it is being passed on via the date parameter in URI. Because of not checking this parameter for sanity in versions prior to…
- risk 0.53cvss 8.1epss 0.01
A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This issue impacts: GlobalProtect app 5.1 versions…
- risk 0.49cvss 7.5epss 0.02
An information disclosure vulnerability exists in Draytek VigorConnect 1.6.0-B3, allowing an unauthenticated attacker to export system logs.
- risk 0.53cvss 8.1epss 0.01
An arbitrary file deletion vulnerability exists in the file delete functionality of the Html5Servlet endpoint of Draytek VigorConnect 1.6.0-B3. This allows an authenticated user to arbitrarily delete files in any location on the target operating system with root privileges.
- risk 0.57cvss 8.8epss 0.01
Draytek VigorConnect 1.6.0-B3 lacks cross-site request forgery protections and does not sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.
- risk 0.66cvss 7.5epss 0.69
A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the WebServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root…
- risk 0.67cvss 7.5epss 0.74
A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the DownloadFileServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system…
- risk 0.49cvss 7.5epss 0.01
Proofpoint Enterprise Protection before 8.12.0-2108090000 allows security control bypass.
- risk 0.49cvss 7.5epss 0.01
Proofpoint Spam Engine before 8.12.0-2106240000 has a Security Control Bypass.
- risk 0.00cvss 8.8epss 0.01
Minio is a Kubernetes native application for cloud storage. All users on release `RELEASE.2021-10-10T16-53-30Z` are affected by a vulnerability that involves bypassing policy restrictions on regular users. Normally, checkKeyValid() should return owner true for rootCreds. In the…
- risk 0.48cvss 7.4epss 0.00
The SNKRDUNK Market Place App for iOS versions prior to 2.2.0 does not verify server certificate properly, which allows man-in-the-middle attackers to eavesdrop on and/or alter encrypted communication via a crafted certificate.
- risk 0.57cvss 8.8epss 0.01
Cross-site request forgery (CSRF) vulnerability in OG Tags versions prior to 2.0.2 allows a remote attacker to hijack the authentication of administrators and unintended operation may be performed via unspecified vectors.
- risk 0.57cvss 8.8epss 0.01
Cross-site request forgery (CSRF) vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote attacker to hijack the authentication of administrators and unintended operations may be performed via unspecified vectors.
- risk 0.63cvss 7.8epss 0.02
Win32k Elevation of Privilege Vulnerability
- risk 0.49cvss 7.5epss 0.03
SCOM Information Disclosure Vulnerability
- risk 0.52cvss 8.0epss 0.01
Microsoft Exchange Server Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.01
Windows AppX Deployment Service Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.01
Storage Spaces Controller Elevation of Privilege Vulnerability
- risk 0.53cvss 8.1epss 0.06
Microsoft SharePoint Server Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.02
Windows Graphics Component Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.01
Windows Kernel Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.00
Windows Desktop Bridge Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.02
Windows Media Audio Decoder Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.02
Microsoft Windows Media Foundation Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.01
Storage Spaces Controller Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.01
Storage Spaces Controller Elevation of Privilege Vulnerability
- risk 0.56cvss 8.1epss 0.46
Microsoft SharePoint Server Remote Code Execution Vulnerability