Search Results (367183 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-41584 1 Gradle 1 Gradle 2024-11-21 7.5 High
Gradle Enterprise before 2021.1.3 can allow unauthorized viewing of a response (information disclosure of possibly sensitive build/configuration details) via a crafted HTTP request with the X-Gradle-Enterprise-Ajax-Request header.
CVE-2021-41583 3 Debian, Eduvpn, Fedoraproject 3 Debian Linux, Vpn-user-portal, Fedora 2024-11-21 6.5 Medium
vpn-user-portal (aka eduVPN or Let's Connect!) before 2.3.14, as packaged for Debian 10, Debian 11, and Fedora, allows remote authenticated users to obtain OS filesystem access, because of the interaction of QR codes with an exec that uses the -r option. This can be leveraged to obtain additional VPN access.
CVE-2021-41581 1 Openbsd 1 Libressl 2024-11-21 5.5 Medium
x509_constraints_parse_mailbox in lib/libcrypto/x509/x509_constraints.c in LibreSSL through 3.4.0 has a stack-based buffer over-read. When the input exceeds DOMAIN_PART_MAX_LEN, the buffer lacks '\0' termination.
CVE-2021-41580 1 Passportjs 1 Passport-oauth2 2024-11-21 5.3 Medium
The passport-oauth2 package before 1.6.1 for Node.js mishandles the error condition of failure to obtain an access token. This is exploitable in certain use cases where an OAuth identity provider uses an HTTP 200 status code for authentication-failure error reports, and an application grants authorization upon simply receiving the access token (i.e., does not try to use the token). NOTE: the passport-oauth2 vendor does not consider this a passport-oauth2 vulnerability
CVE-2021-41579 1 Laquisscada 1 Scada 2024-11-21 7.8 High
LCDS LAquis SCADA through 4.3.1.1085 is vulnerable to a control bypass and path traversal. If an attacker can get a victim to load a malicious els project file and use the play feature, then the attacker can bypass a consent popup and write arbitrary files to OS locations where the user has permission, leading to code execution.
CVE-2021-41578 1 Myscada 1 Mydesigner 2024-11-21 7.8 High
mySCADA myDESIGNER 8.20.0 and below allows Directory Traversal attacks when importing project files. If an attacker can trick a victim into importing a malicious mep file, then they gain the ability to write arbitrary files to OS locations where the user has permission. This would typically lead to code execution.
CVE-2021-41573 1 Hitachi 1 Content Platform Anywhere 2024-11-21 7.5 High
Hitachi Content Platform Anywhere (HCP-AW) 4.4.5 and later allows information disclosure. If authenticated user creates a link to a file or folder while the system was running version 4.3.x or earlier and then shares the link and then later deletes the file or folder without deleting the link and before the link expires. If the system has been upgraded to version 4.4.5 or 4.5.0 a malicious user with the link could browse and download all files of the authenticated user that created the link .
CVE-2021-41571 1 Apache 1 Pulsar 2024-11-21 6.5 Medium
In Apache Pulsar it is possible to access data from BookKeeper that does not belong to the topics accessible by the authenticated user. The Admin API get-message-by-id requires the user to input a topic and a ledger id. The ledger id is a pointer to the data, and it is supposed to be a valid it for the topic. Authorisation controls are performed against the topic name and there is not proper validation the that ledger id is valid in the context of such ledger. So it may happen that the user is able to read from a ledger that contains data owned by another tenant. This issue affects Apache Pulsar Apache Pulsar version 2.8.0 and prior versions; Apache Pulsar version 2.7.3 and prior versions; Apache Pulsar version 2.6.4 and prior versions.
CVE-2021-41570 1 Veritas 1 Netbackup 2024-11-21 5.4 Medium
Veritas NetBackup OpsCenter Analytics 9.1 allows XSS via the NetBackup Master Server Name, Display Name, NetBackup User Name, or NetBackup Password field during a Settings/Configuration Add operation.
CVE-2021-41569 1 Sas 1 Sas\/intrnet 2024-11-21 7.5 High
SAS/Intrnet 9.4 build 1520 and earlier allows Local File Inclusion. The samples library (included by default) in the appstart.sas file, allows end-users of the application to access the sample.webcsf1.sas program, which contains user-controlled macro variables that are passed to the DS2CSF macro. Users can escape the context of the configured user-controllable variable and append additional functions native to the macro but not included as variables within the library. This includes a function that retrieves files from the host OS.
CVE-2021-41568 1 Tad Web Project 1 Tad Web 2024-11-21 5.3 Medium
Tad Web is vulnerable to authorization bypass, thus remote attackers can exploit the vulnerability to use the original function of viewing bulletin boards and uploading files in the system.
CVE-2021-41567 1 Tad Uploader Project 1 Tad Uploader 2024-11-21 6.1 Medium
The new add subject parameter of Tad Uploader view book list function fails to filter special characters. Unauthenticated attackers can remotely inject JavaScript syntax and execute stored XSS attacks.
CVE-2021-41566 1 Tadtools Project 1 Tadtools 2024-11-21 9.8 Critical
The file extension of the TadTools file upload function fails to filter, thus remote attackers can upload any types of files and execute arbitrary code without logging in.
CVE-2021-41565 1 Tadtools Project 1 Tadtools 2024-11-21 6.1 Medium
TadTools special page parameter does not properly restrict the input of specific characters, thus remote attackers can inject JavaScript syntax without logging in, and further perform reflective XSS attacks.
CVE-2021-41564 1 Tad Honor Project 1 Tad Honor 2024-11-21 5.3 Medium
Tad Honor viewing book list function is vulnerable to authorization bypass, thus remote attackers can use special parameters to delete articles arbitrarily without logging in.
CVE-2021-41563 1 Tad Book3 Project 1 Tad Book3 2024-11-21 6.1 Medium
Tad Book3 editing book function does not filter special characters. Unauthenticated attackers can remotely inject JavaScript syntax and execute stored XSS attacks.
CVE-2021-41562 1 Snowsoftware 1 Snow Inventory Agent 2024-11-21 6.1 Medium
A vulnerability in Snow Snow Agent for Windows allows a non-admin user to cause arbitrary deletion of files. This issue affects: Snow Snow Agent for Windows version 5.0.0 to 6.7.1 on Windows.
CVE-2021-41560 1 Opencats 1 Opencats 2024-11-21 9.8 Critical
OpenCATS through 0.9.6 allows remote attackers to execute arbitrary code by uploading an executable file via lib/FileUtility.php.
CVE-2021-41559 1 Silverstripe 1 Silverstripe 2024-11-21 6.5 Medium
Silverstripe silverstripe/framework 4.8.1 has a quadratic blowup in Convert::xml2array() that enables a remote attack via a crafted XML document.
CVE-2021-41558 1 Set User Project 1 Set User 2024-11-21 9.8 Critical
The set_user extension module before 3.0.0 for PostgreSQL allows ProcessUtility_hook bypass via set_config.