Total: 35339 CVE

| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-32607 | 1 Smartstore | 1 Smartstore | 2024-11-21 | 9.8 Critical |
| An issue was discovered in Smartstore (aka SmartStoreNET) through 4.1.1. Views/PrivateMessages/View.cshtml does not call HtmlUtils.SanitizeHtml on a private message. | ||||
| CVE-2021-32575 | 1 Hashicorp | 1 Nomad | 2024-11-21 | 6.5 Medium |
| HashiCorp Nomad and Nomad Enterprise up to version 1.0.4 bridge networking mode allows ARP spoofing from other bridged tasks on the same node. Fixed in 0.12.12, 1.0.5, and 1.1.0 RC1. | ||||
| CVE-2021-32560 | 1 Octoprint | 1 Octoprint | 2024-11-21 | 6.5 Medium |
| The Logging subsystem in OctoPrint before 1.6.0 has incorrect access control because it attempts to manage files that are not *.log files. | ||||
| CVE-2021-32546 | 1 Gogs | 1 Gogs | 2024-11-21 | 8.8 High |
| Missing input validation in internal/db/repo_editor.go in Gogs before 0.12.8 allows an attacker to execute code remotely. An unprivileged attacker (registered user) can overwrite the Git configuration in his repository. This leads to Remote Command Execution, because that configuration can contain an option such as sshCommand, which is executed when a master branch is a remote branch (using an ssh:// URI). The remote branch can also be configured by editing the Git configuration file. One can create a new file in a new repository, using the GUI, with "\" as its name, and then rename this file to .git/config with the custom configuration content (and then save it). | ||||
| CVE-2021-32497 | 1 Sick | 1 Sopas Engineering Tool | 2024-11-21 | 8.6 High |
| SICK SOPAS ET before version 4.8.0 allows attackers to wrap any executable file into an SDD and provide this to a SOPAS ET user. When a user starts the emulator the executable is run without further checks. | ||||
| CVE-2021-32473 | 1 Moodle | 1 Moodle | 2024-11-21 | 5.3 Medium |
| It was possible for a student to view their quiz grade before it had been released, using a quiz web service. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected. | ||||
| CVE-2021-32234 | 1 Smartertools | 1 Smartermail | 2024-11-21 | 9.8 Critical |
| SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows remote code execution. | ||||
| CVE-2021-32198 | 1 Emtec | 1 Zoc | 2024-11-21 | 9.8 Critical |
| EmTec ZOC through 8.02.4 allows remote servers to cause a denial of service (Windows GUI hang) by telling the ZOC window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. In other words, it does not implement a usleep or similar delay upon processing a title change. | ||||
| CVE-2021-32028 | 2 Postgresql, Redhat | 5 Postgresql, Ansible Automation Platform, Enterprise Linux and 2 more | 2024-11-21 | 6.5 Medium |
| A flaw was found in postgresql. Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality. | ||||
| CVE-2021-32023 | 1 Blackberry | 1 Protect | 2024-11-21 | 7.8 High |
| An elevation of privilege vulnerability in the message broker of BlackBerry Protect for Windows versions 1574 and earlier could allow an attacker to potentially execute code in the context of a BlackBerry Cylance service that has admin rights on the system. | ||||
| CVE-2021-32022 | 1 Blackberry | 1 Protect | 2024-11-21 | 5.5 Medium |
| A low privileged delete vulnerability using CEF RPC server of BlackBerry Protect for Windows versions 1574 and earlier could allow an attacker to potentially execute code in the context of a BlackBerry Cylance service that has admin rights on the system and gain the ability to delete data from the local system. | ||||
| CVE-2021-32021 | 1 Blackberry | 1 Protect | 2024-11-21 | 7.8 High |
| A denial of service vulnerability in the message broker of BlackBerry Protect for Windows versions 1574 and earlier could allow an attacker to potentially execute code in the context of a BlackBerry Cylance service that has admin rights on the system. | ||||
| CVE-2021-31985 | 1 Microsoft | 1 Malware Protection Engine | 2024-11-21 | 7.8 High |
| Microsoft Defender Remote Code Execution Vulnerability | ||||
| CVE-2021-31984 | 1 Microsoft | 1 Power Bi Report Server | 2024-11-21 | 7.6 High |
| Power BI Remote Code Execution Vulnerability | ||||
| CVE-2021-31983 | 1 Microsoft | 1 Paint 3d | 2024-11-21 | 7.8 High |
| Paint 3D Remote Code Execution Vulnerability | ||||
| CVE-2021-31980 | 1 Microsoft | 1 Intune Management Extension | 2024-11-21 | 8.1 High |
| Microsoft Intune Management Extension Remote Code Execution Vulnerability | ||||
| CVE-2021-31978 | 1 Microsoft | 1 Malware Protection Engine | 2024-11-21 | 5.5 Medium |
| Microsoft Defender Denial of Service Vulnerability | ||||
| CVE-2021-31976 | 1 Microsoft | 15 Windows 10, Windows 10 1507, Windows 10 1607 and 12 more | 2024-11-21 | 7.5 High |
| Server for NFS Information Disclosure Vulnerability | ||||
| CVE-2021-31975 | 1 Microsoft | 15 Windows 10, Windows 10 1507, Windows 10 1607 and 12 more | 2024-11-21 | 7.5 High |
| Server for NFS Information Disclosure Vulnerability | ||||
| CVE-2021-31974 | 1 Microsoft | 15 Windows 10, Windows 10 1507, Windows 10 1607 and 12 more | 2024-11-21 | 7.5 High |
| Server for NFS Denial of Service Vulnerability | ||||