Total
1931 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-41084 | 1 Typelevel | 1 Http4s | 2024-11-21 | 8.7 High |
| http4s is an open source scala interface for HTTP. In affected versions http4s is vulnerable to response-splitting or request-splitting attacks when untrusted user input is used to create any of the following fields: Header names (`Header.name`å), Header values (`Header.value`), Status reason phrases (`Status.reason`), URI paths (`Uri.Path`), URI authority registered names (`URI.RegName`) (through 0.21). This issue has been resolved in versions 0.21.30, 0.22.5, 0.23.4, and 1.0.0-M27 perform the following. As a matter of practice http4s services and client applications should sanitize any user input in the aforementioned fields before returning a request or response to the backend. The carriage return, newline, and null characters are the most threatening. | ||||
| CVE-2021-40336 | 1 Hitachienergy | 2 Modular Switchgear Monitoring, Modular Switchgear Monitoring Firmware | 2024-11-21 | 5 Medium |
| A vulnerability exists in the http web interface where the web interface does not validate data in an HTTP header. This causes a possible HTTP response splitting, which if exploited could lead an attacker to channel down harmful code into the user’s web browser, such as to steal the session cookies. Thus, an attacker who successfully makes an MSM user who has already established a session to MSM web interface clicks a forged link to the MSM web interface, e.g., the link is sent per E-Mail, could trick the user into downloading malicious software onto his computer. This issue affects: Hitachi Energy MSM V2.2 and prior versions. | ||||
| CVE-2021-40143 | 1 Sonatype | 1 Nexus Repository Manager 3 | 2024-11-21 | 8.2 High |
| Sonatype Nexus Repository 3.x through 3.33.1-01 is vulnerable to an HTTP header injection. By sending a crafted HTTP request, a remote attacker may disclose sensitive information or request external resources from a vulnerable instance. | ||||
| CVE-2021-3524 | 3 Debian, Fedoraproject, Redhat | 4 Debian Linux, Fedora, Ceph and 1 more | 2024-11-21 | 6.5 Medium |
| A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway) in versions before 14.2.21. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the response when the CORS request is made. In addition, the prior bug fix for CVE-2020-10753 did not account for the use of \r as a header separator, thus a new flaw has been created. | ||||
| CVE-2021-3197 | 3 Debian, Fedoraproject, Saltstack | 3 Debian Linux, Fedora, Salt | 2024-11-21 | 9.8 Critical |
| An issue was discovered in SaltStack Salt before 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via ssh_options provided in an API request. | ||||
| CVE-2021-3169 | 1 Jumpserver | 1 Jumpserver | 2024-11-21 | 9.8 Critical |
| An issue in Jumpserver before 2.6.2, before 2.5.4, before 2.4.5 allows attackers to create a connection token through an API which does not have access control and use it to access sensitive assets. | ||||
| CVE-2021-3154 | 1 Solarwinds | 1 Serv-u | 2024-11-21 | 7.5 High |
| An issue was discovered in SolarWinds Serv-U before 15.2.2. Unauthenticated attackers can retrieve cleartext passwords via macro Injection. NOTE: this had a distinct fix relative to CVE-2020-35481. | ||||
| CVE-2021-3027 | 1 Librit | 1 Passhport | 2024-11-21 | 6.5 Medium |
| app/views_mod/user/user.py in LibrIT PaSSHport through 2.5 is affected by LDAP Injection. There is an information leak through the crafting of special queries, escaping the provided search filter because user input gets no sanitization. | ||||
| CVE-2021-39213 | 1 Glpi-project | 1 Glpi | 2024-11-21 | 6.8 Medium |
| GLPI is a free Asset and IT management software package. Starting in version 9.1 and prior to version 9.5.6, GLPI with API Rest enabled is vulnerable to API bypass with custom header injection. This issue is fixed in version 9.5.6. One may disable API Rest as a workaround. | ||||
| CVE-2021-39187 | 1 Parseplatform | 1 Parse-server | 2024-11-21 | 7.5 High |
| Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to version 4.10.3, Parse Server crashes when if a query request contains an invalid value for the `explain` option. This is due to a bug in the MongoDB Node.js driver which throws an exception that Parse Server cannot catch. There is a patch for this issue in version 4.10.3. No workarounds aside from upgrading are known to exist. | ||||
| CVE-2021-39175 | 1 Hedgedoc | 1 Hedgedoc | 2024-11-21 | 8.1 High |
| HedgeDoc is a platform to write and share markdown. In versions prior to 1.9.0, an unauthenticated attacker can inject arbitrary JavaScript into the speaker-notes of the slide-mode feature by embedding an iframe hosting the malicious code into the slides or by embedding the HedgeDoc instance into another page. The problem is patched in version 1.9.0. There are no known workarounds aside from upgrading. | ||||
| CVE-2021-39031 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | 8.8 High |
| IBM WebSphere Application Server - Liberty 17.0.0.3 through 22.0.0.1 could allow a remote authenticated attacker to conduct an LDAP injection. By using a specially crafted request, an attacker could exploit this vulnerability and could result in in granting permission to unauthorized resources. IBM X-Force ID: 213875. | ||||
| CVE-2021-38873 | 1 Ibm | 1 Planning Analytics | 2024-11-21 | 7.8 High |
| IBM Planning Analytics 2.0 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 208396. | ||||
| CVE-2021-38458 | 1 Moxa | 1 Mxview | 2024-11-21 | 9.8 Critical |
| A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries. | ||||
| CVE-2021-38371 | 1 Exim | 1 Exim | 2024-11-21 | 7.5 High |
| The STARTTLS feature in Exim through 4.94.2 allows response injection (buffering) during MTA SMTP sending. | ||||
| CVE-2021-38294 | 1 Apache | 1 Storm | 2024-11-21 | 9.8 Critical |
| A Command Injection vulnerability exists in the getTopologyHistory service of the Apache Storm 2.x prior to 2.2.1 and Apache Storm 1.x prior to 1.2.4. A specially crafted thrift request to the Nimbus server allows Remote Code Execution (RCE) prior to authentication. | ||||
| CVE-2021-38290 | 1 Thedaylightstudio | 1 Fuel Cms | 2024-11-21 | 8.1 High |
| A host header attack vulnerability exists in FUEL CMS 1.5.0 through fuel/modules/fuel/config/fuel_constants.php and fuel/modules/fuel/libraries/Asset.php. An attacker can use a man in the middle attack such as phishing. | ||||
| CVE-2021-38084 | 1 Courier-mta | 1 Courier Mail Server | 2024-11-21 | 8.1 High |
| An issue was discovered in the POP3 component of Courier Mail Server before 1.1.5. Meddler-in-the-middle attackers can pipeline commands after the POP3 STLS command, injecting plaintext commands into an encrypted user session. | ||||
| CVE-2021-37933 | 1 Huntflow | 1 Huntflow Enterprise | 2024-11-21 | 7.5 High |
| An LDAP injection vulnerability in /account/login in Huntflow Enterprise before 3.10.6 could allow an unauthenticated, remote user to modify the logic of an LDAP query and bypass authentication. The vulnerability is due to insufficient server-side validation of the email parameter before using it to construct LDAP queries. An attacker could bypass authentication exploiting this vulnerability by sending login attempts in which there is a valid password but a wildcard character in email parameter. | ||||
| CVE-2021-37541 | 1 Jetbrains | 1 Hub | 2024-11-21 | 6.1 Medium |
| In JetBrains Hub before 2021.1.13402, HTML injection in the password reset email was possible. | ||||