Search Results (364647 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-39979 1 Huawei 1 Harmonyos 2024-11-21 9.8 Critical
HHEE system has a Code Injection vulnerability.Successful exploitation of this vulnerability may affect HHEE system integrity.
CVE-2021-39978 1 Huawei 1 Harmonyos 2024-11-21 7.5 High
Telephony application has a SQL Injection vulnerability.Successful exploitation of this vulnerability may cause privacy and security issues.
CVE-2021-39976 1 Huawei 2 Cloudengine 5800, Cloudengine 5800 Firmware 2024-11-21 7.8 High
There is a privilege escalation vulnerability in CloudEngine 5800 V200R020C00SPC600. Due to lack of privilege restrictions, an authenticated local attacker can perform specific operation to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege.
CVE-2021-39975 1 Huawei 1 Harmonyos 2024-11-21 7.5 High
Hilinksvc has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause denial of service attacks.
CVE-2021-39974 1 Huawei 3 Emui, Harmonyos, Magic Ui 2024-11-21 7.5 High
There is an Out-of-bounds read in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-39973 1 Huawei 3 Emui, Harmonyos, Magic Ui 2024-11-21 7.5 High
There is a Null pointer dereference in Smartphones.Successful exploitation of this vulnerability may cause the kernel to break down.
CVE-2021-39972 1 Huawei 1 Harmonyos 2024-11-21 7.5 High
MyHuawei-App has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could compromise confidentiality.
CVE-2021-39971 1 Huawei 1 Harmonyos 2024-11-21 7.5 High
Password vault has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability could compromise confidentiality.
CVE-2021-39970 1 Huawei 1 Harmonyos 2024-11-21 7.5 High
HwPCAssistant has a Improper Input Validation vulnerability.Successful exploitation of this vulnerability may create any file with the system app permission.
CVE-2021-39969 1 Huawei 3 Emui, Harmonyos, Magic Ui 2024-11-21 7.5 High
There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-39968 1 Huawei 1 Harmonyos 2024-11-21 7.5 High
Changlian Blocklist has a Business Logic Errors vulnerability .Successful exploitation of this vulnerability may expand the attack surface of the message class.
CVE-2021-39966 1 Huawei 3 Emui, Harmonyos, Magic Ui 2024-11-21 7.5 High
There is an Uninitialized AOD driver structure in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-39947 1 Gitlab 1 Gitlab Runner 2024-11-21 5.3 Medium
In specific circumstances, trace file buffers in GitLab Runner versions up to 14.3.4, 14.4 to 14.4.2, and 14.5 to 14.5.2 would re-use the file descriptor 0 for multiple traces and mix the output of several jobs
CVE-2021-39946 1 Gitlab 1 Gitlab 2024-11-21 8.7 High
Improper neutralization of user input in GitLab CE/EE versions 14.3 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed an attacker to exploit XSS by abusing the generation of the HTML code related to emojis
CVE-2021-39945 1 Gitlab 1 Gitlab 2024-11-21 2.7 Low
Improper access control in the GitLab CE/EE API affecting all versions starting from 9.4 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows an author of a Merge Request to approve the Merge Request even after having their project access revoked
CVE-2021-39944 1 Gitlab 1 Gitlab 2024-11-21 7.1 High
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. A permissions validation flaw allowed group members with a developer role to elevate their privilege to a maintainer on projects they import
CVE-2021-39943 1 Gitlab 1 Gitlab 2024-11-21 4.3 Medium
An authorization logic error in the External Status Check API in GitLab EE affecting all versions starting from 14.1 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allowed a user to update the status of the check via an API call
CVE-2021-39942 1 Gitlab 1 Gitlab 2024-11-21 4.3 Medium
A denial of service vulnerability in GitLab CE/EE affecting all versions starting from 12.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows low-privileged users to bypass file size limits in the NPM package repository to potentially cause denial of service.
CVE-2021-39941 1 Gitlab 1 Gitlab 2024-11-21 3.7 Low
An information disclosure vulnerability in GitLab CE/EE versions 12.0 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed non-project members to see the default branch name for projects that restrict access to the repository to project members
CVE-2021-39940 1 Gitlab 1 Gitlab 2024-11-21 4.3 Medium
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. GitLab Maven Package registry is vulnerable to a regular expression denial of service when a specifically crafted string is sent.