Total
2379 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-30571 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 9.6 Critical |
| Insufficient policy enforcement in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page. | ||||
| CVE-2021-30539 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 5.4 Medium |
| Insufficient policy enforcement in content security policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page. | ||||
| CVE-2021-30538 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 4.3 Medium |
| Insufficient policy enforcement in content security policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page. | ||||
| CVE-2021-30537 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 4.3 Medium |
| Insufficient policy enforcement in cookies in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass cookie policy via a crafted HTML page. | ||||
| CVE-2021-30534 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 6.5 Medium |
| Insufficient policy enforcement in iFrameSandbox in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | ||||
| CVE-2021-30159 | 3 Debian, Fedoraproject, Mediawiki | 3 Debian Linux, Fedora, Mediawiki | 2024-11-21 | 4.3 Medium |
| An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Users can bypass intended restrictions on deleting pages in certain "fast double move" situations. MovePage::isValidMoveTarget() uses FOR UPDATE, but it's only called if Title::getArticleID() returns non-zero with no special flags. Next, MovePage::moveToInternal() will delete the page if getArticleID(READ_LATEST) is non-zero. Therefore, if the page is missing in the replica DB, isValidMove() will return true, and then moveToInternal() will unconditionally delete the page if it can be found in the master. | ||||
| CVE-2021-30155 | 3 Debian, Fedoraproject, Mediawiki | 3 Debian Linux, Fedora, Mediawiki | 2024-11-21 | 4.3 Medium |
| An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. ContentModelChange does not check if a user has correct permissions to create and set the content model of a nonexistent page. | ||||
| CVE-2021-2471 | 3 Oracle, Quarkus, Redhat | 11 Communications Cloud Native Core Console, Communications Cloud Native Core Network Slice Selection Function, Communications Cloud Native Core Policy and 8 more | 2024-11-21 | 5.9 Medium |
| Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Connectors accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 5.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H). | ||||
| CVE-2021-29961 | 1 Mozilla | 1 Firefox | 2024-11-21 | 4.3 Medium |
| When styling and rendering an oversized `<select>` element, Firefox did not apply correct clipping which allowed an attacker to paint over the user interface. This vulnerability affects Firefox < 89. | ||||
| CVE-2021-29959 | 1 Mozilla | 1 Firefox | 2024-11-21 | 4.3 Medium |
| When a user has already allowed a website to access microphone and camera, disabling camera sharing would not fully prevent the website from re-enabling it without an additional prompt. This was only possible if the website kept recording with the microphone until re-enabling the camera. This vulnerability affects Firefox < 89. | ||||
| CVE-2021-29951 | 2 Microsoft, Mozilla | 4 Windows, Firefox, Firefox Esr and 1 more | 2024-11-21 | 6.5 Medium |
| The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service. This could be used to prevent the browser update service from operating (if an attacker spammed the 'Stop' command); but also exposed attack surface in the maintenance service. *Note: This issue only affected Windows operating systems older than Win 10 build 1709. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 78.10.1, Firefox < 87, and Firefox ESR < 78.10.1. | ||||
| CVE-2021-29943 | 1 Apache | 1 Solr | 2024-11-21 | 9.1 Critical |
| When using ConfigurableInternodeAuthHadoopPlugin for authentication, Apache Solr versions prior to 8.8.2 would forward/proxy distributed requests using server credentials instead of original client credentials. This would result in incorrect authorization resolution on the receiving hosts. | ||||
| CVE-2021-29678 | 6 Hp, Ibm, Linux and 3 more | 7 Hp-ux, Aix, Db2 and 4 more | 2024-11-21 | 8.7 High |
| IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a user with DBADM authority to access other databases and read or modify files. IBM X-Force ID: 199914. | ||||
| CVE-2021-29642 | 1 Gistpad Project | 1 Gistpad | 2024-11-21 | 5.3 Medium |
| GistPad before 0.2.7 allows a crafted workspace folder to change the URL for the Gist API, which leads to leakage of GitHub access tokens. | ||||
| CVE-2021-29628 | 1 Freebsd | 1 Freebsd | 2024-11-21 | 7.5 High |
| In FreeBSD 13.0-STABLE before n245764-876ffe28796c, 12.2-STABLE before r369857, 13.0-RELEASE before p1, and 12.2-RELEASE before p7, a system call triggering a fault could cause SMAP protections to be disabled for the duration of the system call. This weakness could be combined with other kernel bugs to craft an exploit. | ||||
| CVE-2021-29492 | 2 Envoyproxy, Redhat | 2 Envoy, Service Mesh | 2024-11-21 | 8.1 High |
| Envoy is a cloud-native edge/middle/service proxy. Envoy does not decode escaped slash sequences `%2F` and `%5C` in HTTP URL paths in versions 1.18.2 and before. A remote attacker may craft a path with escaped slashes, e.g. `/something%2F..%2Fadmin`, to bypass access control, e.g. a block on `/admin`. A backend server could then decode slash sequences and normalize path and provide an attacker access beyond the scope provided for by the access control policy. ### Impact Escalation of Privileges when using RBAC or JWT filters with enforcement based on URL path. Users with back end servers that interpret `%2F` and `/` and `%5C` and `\` interchangeably are impacted. ### Attack Vector URL paths containing escaped slash characters delivered by untrusted client. Patches in versions 1.18.3, 1.17.3, 1.16.4, 1.15.5 contain new path normalization option to decode escaped slash characters. As a workaround, if back end servers treat `%2F` and `/` and `%5C` and `\` interchangeably and a URL path based access control is configured, one may reconfigure the back end server to not treat `%2F` and `/` and `%5C` and `\` interchangeably. | ||||
| CVE-2021-29452 | 1 Curveballjs | 1 A12n-server | 2024-11-21 | 8.1 High |
| a12n-server is an npm package which aims to provide a simple authentication system. A new HAL-Form was added to allow editing users in version 0.18.0. This feature should only have been accessible to admins. Unfortunately, privileges were incorrectly checked allowing any logged in user to make this change. Patched in v0.18.2. | ||||
| CVE-2021-29439 | 1 Getgrav | 1 Grav Admin | 2024-11-21 | 7.2 High |
| The Grav admin plugin prior to version 1.10.11 does not correctly verify caller's privileges. As a consequence, users with the permission `admin.login` can install third-party plugins and their dependencies. By installing the right plugin, an attacker can obtain an arbitrary code execution primitive and elevate their privileges on the instance. The vulnerability has been addressed in version 1.10.11. As a mitigation blocking access to the `/admin` path from untrusted sources will reduce the probability of exploitation. | ||||
| CVE-2021-29437 | 1 Scratchoauth2 Project | 1 Scratchoauth2 | 2024-11-21 | 8 High |
| ScratchOAuth2 is an Oauth implementation for Scratch. Any ScratchOAuth2-related data normally accessible and modifiable by a user can be read and modified by a third party. 1. Scratch user visits 3rd party site. 2. 3rd party site asks user for Scratch username. 3. 3rd party site pretends to be user and gets login code from ScratchOAuth2. 4. 3rd party site gives code to user and instructs them to post it on their profile. 5. User posts code on their profile, not knowing it is a ScratchOAuth2 login code. 6. 3rd party site completes login with ScratchOAuth2. 7. 3rd party site has full access to anything the user could do if they directly logged in. See referenced GitHub security advisory for patch notes and workarounds. | ||||
| CVE-2021-29394 | 1 Globalnorthstar | 1 Northstar Club Management | 2024-11-21 | 6.5 Medium |
| Account Hijacking in /northstar/Admin/changePassword.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote authenticated users to change the password of any targeted user accounts via lack of proper authorization in the user-controlled "userID" parameter of the HTTP POST request. | ||||