Search Results (366372 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-45885 1 Stormshield 1 Network Security 2024-11-21 7.5 High
An issue was discovered in Stormshield Network Security (SNS) 4.2.2 through 4.2.7 (fixed in 4.2.8). Under a specific update-migration scenario, the first SSH password change does not properly clear the old password.
CVE-2021-45884 4 Apple, Brave, Linux and 1 more 4 Macos, Brave, Linux Kernel and 1 more 2024-11-21 7.5 High
In Brave Desktop 1.17 through 1.33 before 1.33.106, when CNAME-based adblocking and a proxying extension with a SOCKS fallback are enabled, additional DNS requests are issued outside of the proxying extension using the system's DNS settings, resulting in information disclosure. NOTE: this issue exists because of an incomplete fix for CVE-2021-21323 and CVE-2021-22916.
CVE-2021-45878 1 Garo 6 Wallbox Glb, Wallbox Glb Firmware, Wallbox Gtb and 3 more 2024-11-21 9.1 Critical
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by incorrect access control. Lack of access control on the web manger pages allows any user to view and modify information.
CVE-2021-45877 1 Garo 6 Wallbox Glb, Wallbox Glb Firmware, Wallbox Gtb and 3 more 2024-11-21 9.8 Critical
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by hard coded credentials. A hardcoded credential exist in /etc/tomcat8/tomcat-user.xml, which allows attackers to gain authorized access and control the tomcat completely on port 8000 in the tomcat manger page.
CVE-2021-45876 1 Garo 6 Wallbox Glb, Wallbox Glb Firmware, Wallbox Gtb and 3 more 2024-11-21 9.8 Critical
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by unauthenticated command injection. The url parameter of the function module downloadAndUpdate is vulnerable to an command Injection. Unfiltered user input is used to generate code which then gets executed when downloading new firmware.
CVE-2021-45868 2 Linux, Netapp 17 Linux Kernel, H300e, H300e Firmware and 14 more 2024-11-21 5.5 Medium
In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file.
CVE-2021-45866 1 Student Attendance Management System Project 1 Student Attendance Management System 2024-11-21 5.4 Medium
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Student Attendance Management System 1.0 via the couse filed in index.php.
CVE-2021-45865 1 Student Attendance Management System Project 1 Student Attendance Management System 2024-11-21 9.8 Critical
A File Upload vulnerability exists in Sourcecodester Student Attendance Manageent System 1.0 via the file upload functionality.
CVE-2021-45864 1 Tsmuxer Project 1 Tsmuxer 2024-11-21 5.5 Medium
tsMuxer git-c6a0277 was discovered to contain a segmentation fault via DTSStreamReader::findFrame in dtsStreamReader.cpp.
CVE-2021-45863 1 Tsmuxer Project 1 Tsmuxer 2024-11-21 5.5 Medium
tsMuxer git-2678966 was discovered to contain a heap-based buffer overflow via the function HevcUnit::updateBits in hevc.cpp.
CVE-2021-45861 1 Tsmuxer Project 1 Tsmuxer 2024-11-21 5.5 Medium
There is an Assertion `num <= INT_BIT' failed at BitStreamReader::skipBits in /bitStream.h:132 of tsMuxer git-c6a0277.
CVE-2021-45860 1 Tsmuxer Project 1 Tsmuxer 2024-11-21 5.5 Medium
An integer overflow in DTSStreamReader::findFrame() of tsMuxer git-2678966 allows attackers to cause a Denial of Service (DoS) via a crafted file.
CVE-2021-45856 1 Accu-time 2 Maximus, Maximus Firmware 2024-11-21 7.5 High
Accu-Time Systems MAXIMUS 1.0 telnet service suffers from a remote buffer overflow which causes the telnet service to crash
CVE-2021-45852 1 Projectworlds 1 Hospital Management System In Php 2024-11-21 5.3 Medium
An issue was discovered in Projectworlds Hospital Management System v1.0. Unauthorized malicious attackers can add patients without restriction via add_patient.php.
CVE-2021-45851 1 Frangoteam 1 Fuxa 2024-11-21 7.5 High
A Server-Side Request Forgery (SSRF) attack in FUXA 1.1.3 can be carried out leading to the obtaining of sensitive information from the server's internal environment and services, often potentially leading to the attacker executing commands on the server.
CVE-2021-45848 2 Fedoraproject, Nicotine-plus 2 Fedora, Nicotine\+ 2024-11-21 7.5 High
Denial of service (DoS) vulnerability in Nicotine+ 3.0.3 and later allows a user with a modified Soulseek client to crash Nicotine+ by sending a file download request with a file path containing a null character.
CVE-2021-45847 1 Slic3r 1 Slic3r 2024-11-21 5.5 Medium
Several missing input validations in the 3MF parser component of Slic3r libslic3r 1.3.0 can each allow an attacker to cause an application crash using a crafted 3MF input file.
CVE-2021-45846 1 Slic3r 1 Slic3r 2024-11-21 5.5 Medium
A flaw in the AMF parser of Slic3r libslic3r 1.3.0 allows an attacker to cause an application crash using a crafted AMF document, where a metadata tag lacks a "type" attribute.
CVE-2021-45845 2 Debian, Freecadweb 2 Debian Linux, Freecad 2024-11-21 7.8 High
The Path Sanity Check script of FreeCAD 0.19 is vulnerable to OS command injection, allowing an attacker to execute arbitrary commands via a crafted FCStd document.
CVE-2021-45844 2 Debian, Freecadweb 2 Debian Linux, Freecad 2024-11-21 7.8 High
Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename.