Search Results (364989 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-3822 1 Jsoneditoronline 1 Jsoneditor 2024-11-21 7.5 High
jsoneditor is vulnerable to Inefficient Regular Expression Complexity
CVE-2021-3820 1 Inflect Project 1 Inflect 2024-11-21 7.5 High
inflect is vulnerable to Inefficient Regular Expression Complexity
CVE-2021-3819 1 Firefly-iii 1 Firefly Iii 2024-11-21 8.8 High
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3818 1 Getgrav 1 Grav 2024-11-21 5.3 Medium
grav is vulnerable to Reliance on Cookies without Validation and Integrity Checking
CVE-2021-3817 1 Wbce 1 Wbce Cms 2024-11-21 9.8 Critical
wbce_cms is vulnerable to Improper Neutralization of Special Elements used in an SQL Command
CVE-2021-3816 1 Cacti 1 Cacti 2024-11-21 5.4 Medium
Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary HTML in the group_prefix field during the creation of a new group via "Copy" method at user_group_admin.php.
CVE-2021-3815 1 Utils.js Project 1 Utils.js 2024-11-21 9.8 Critical
utils.js is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CVE-2021-3814 1 Redhat 2 3scale, 3scale Amp 2024-11-21 7.5 High
It was found that 3scale's APIdocs does not validate the access token, in the case of invalid token, it uses session auth instead. This conceivably bypasses access controls and permits unauthorized information disclosure.
CVE-2021-3813 1 Chatwoot 1 Chatwoot 2024-11-21 6.5 Medium
Improper Privilege Management in GitHub repository chatwoot/chatwoot prior to v2.2.
CVE-2021-3812 1 Pi-hole 1 Web Interface 2024-11-21 6.1 Medium
adminlte is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-3811 1 Pi-hole 1 Web Interface 2024-11-21 6.1 Medium
adminlte is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-3810 1 Coder 1 Code-server 2024-11-21 7.5 High
code-server is vulnerable to Inefficient Regular Expression Complexity
CVE-2021-3807 3 Ansi-regex Project, Oracle, Redhat 10 Ansi-regex, Communications Cloud Native Core Policy, Acm and 7 more 2024-11-21 7.5 High
ansi-regex is vulnerable to Inefficient Regular Expression Complexity
CVE-2021-3805 3 Debian, Object-path Project, Redhat 3 Debian Linux, Object-path, Acm 2024-11-21 7.5 High
object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CVE-2021-3804 1 Taro 1 Taro 2024-11-21 7.5 High
taro is vulnerable to Inefficient Regular Expression Complexity
CVE-2021-3803 2 Debian, Nth-check Project 2 Debian Linux, Nth-check 2024-11-21 7.5 High
nth-check is vulnerable to Inefficient Regular Expression Complexity
CVE-2021-3802 3 Fedoraproject, Redhat, Udisks Project 3 Fedora, Enterprise Linux, Udisks 2024-11-21 4.2 Medium
A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this vulnerability is to system availability.
CVE-2021-3801 2 Prismjs, Redhat 2 Prism, Advanced Cluster Security 2024-11-21 6.5 Medium
prism is vulnerable to Inefficient Regular Expression Complexity
CVE-2021-3800 4 Debian, Gnome, Netapp and 1 more 4 Debian Linux, Glib, Active Iq Unified Manager and 1 more 2024-11-21 5.5 Medium
A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition.
CVE-2021-3799 1 Getgrav 1 Grav-plugin-admin 2024-11-21 5.4 Medium
grav-plugin-admin is vulnerable to Improper Restriction of Rendered UI Layers or Frames