Search Results (363851 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-36383 1 Xen-orchestra 2 Xo-server, Xo-web 2024-11-21 4.3 Medium
Xen Orchestra (with xo-web through 5.80.0 and xo-server through 5.84.0) mishandles authorization, as demonstrated by modified WebSocket resourceSet.getAll data is which the attacker changes the permission field from none to admin. The attacker gains access to data sets such as VMs, Backups, Audit, Users, and Groups.
CVE-2021-36382 1 Devolutions 1 Devolutions Server 2024-11-21 2.6 Low
Devolutions Server before 2021.1.18, and LTS before 2020.3.20, allows attackers to intercept private keys via a man-in-the-middle attack against the connections/partial endpoint (which accepts cleartext).
CVE-2021-36381 1 Edifecs 1 Transaction Management 2024-11-21 5.3 Medium
In Edifecs Transaction Management through 2021-07-12, an unauthenticated user can inject arbitrary text into a user's browser via logon.jsp?logon_error= on the login screen of the Web application.
CVE-2021-36377 2 Fedoraproject, Fossil-scm 2 Fedora, Fossil 2024-11-21 7.5 High
Fossil before 2.14.2 and 2.15.x before 2.15.2 often skips the hostname check during TLS certificate validation.
CVE-2021-36376 2 Delta Project, Microsoft 2 Delta, Windows 2024-11-21 7.8 High
dandavison delta before 0.8.3 on Windows resolves an executable's pathname as a relative path from the current directory.
CVE-2021-36374 2 Apache, Oracle 36 Ant, Agile Engineering Data Management, Agile Plm and 33 more 2024-11-21 5.5 Medium
When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Commonly used derived formats from ZIP archives are for instance JAR files and many office files. Apache Ant prior to 1.9.16 and 1.10.11 were affected.
CVE-2021-36373 3 Apache, Oracle, Redhat 33 Ant, Agile Plm, Banking Trade Finance and 30 more 2024-11-21 5.5 Medium
When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Apache Ant prior to 1.9.16 and 1.10.11 were affected.
CVE-2021-36372 1 Apache 1 Ozone 2024-11-21 9.8 Critical
In Apache Ozone versions prior to 1.2.0, Initially generated block tokens are persisted to the metadata database and can be retrieved with authenticated users with permission to the key. Authenticated users may use them even after access is revoked.
CVE-2021-36371 1 Getambassador 1 Emissary-ingress 2024-11-21 3.7 Low
Emissary-Ingress (formerly Ambassador API Gateway) through 1.13.9 allows attackers to bypass client certificate requirements (i.e., mTLS cert_required) on backend upstreams when more than one TLSContext is defined and at least one configuration exists that does not require client certificate authentication. The attacker must send an SNI specifying an unprotected backend and an HTTP Host header specifying a protected backend. (2.x versions are unaffected. 1.x versions are unaffected with certain configuration settings involving prune_unreachable_routes and a wildcard Host resource.)
CVE-2021-36370 1 Midnight-commander 1 Midnight Commander 2024-11-21 7.5 High
An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server is neither checked nor displayed. As a result, a user connects to the server without the ability to verify its authenticity.
CVE-2021-36367 1 Putty 1 Putty 2024-11-21 8.1 High
PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt (that the attacker can use to capture credential data, and use that data for purposes that are undesired by the client user).
CVE-2021-36366 1 Nagios 1 Nagios Xi 2024-11-21 9.8 Critical
Nagios XI before 5.8.5 incorrectly allows manage_services.sh wildcards.
CVE-2021-36365 1 Nagios 1 Nagios Xi 2024-11-21 9.8 Critical
Nagios XI before 5.8.5 has Incorrect Permission Assignment for repairmysql.sh.
CVE-2021-36364 1 Nagios 1 Nagios Xi 2024-11-21 9.8 Critical
Nagios XI before 5.8.5 incorrectly allows backup_xi.sh wildcards.
CVE-2021-36363 1 Nagios 1 Nagios Xi 2024-11-21 9.8 Critical
Nagios XI before 5.8.5 has Incorrect Permission Assignment for migrate.php.
CVE-2021-36359 1 Bscw 1 Bscw Classic 2024-11-21 8.8 High
OrbiTeam BSCW Classic before 7.4.3 allows exportpdf authenticated remote code execution (RCE) via XML tag injection because reportlab\platypus\paraparser.py (reached via bscw.cgi op=_editfolder.EditFolder) calls eval on attacker-supplied Python code. This is fixed in 5.0.12, 5.1.10, 5.2.4, 7.3.3, and 7.4.3.
CVE-2021-36357 1 Openpowerfoundation 1 Skiboot 2024-11-21 9.8 Critical
An issue was discovered in OpenPOWER 2.6 firmware. unpack_timestamp() calls le32_to_cpu() for endian conversion of a uint16_t "year" value, resulting in a type mismatch that can truncate a higher integer value to a smaller one, and bypass a timestamp check. The fix is to use the right endian conversion function.
CVE-2021-36356 1 Kramerav 1 Viaware 2024-11-21 9.8 Critical
KRAMER VIAware through August 2021 allows remote attackers to execute arbitrary code because ajaxPages/writeBrowseFilePathAjax.php accepts arbitrary executable pathnames (even though browseSystemFiles.php is no longer reachable via the GUI). NOTE: this issue exists because of an incomplete fix for CVE-2019-17124.
CVE-2021-36352 1 Care2x 1 Hospital Information Management 2024-11-21 5.4 Medium
Stored cross-site scripting (XSS) vulnerability in Care2x Hospital Information Management 2.7 Alpha. The vulnerability has found POST requests in /modules/registration_admission/patient_register.php page with "name_middle", "addr_str", "station", "name_maiden", "name_2", "name_3" parameters.
CVE-2021-36351 1 Care2x 1 Hospital Information Management System 2024-11-21 9.8 Critical
SQL Injection Vulnerability in Care2x Open Source Hospital Information Management 2.7 Alpha via the (1) pday, (2) pmonth, and (3) pyear parameters in GET requests sent to /modules/nursing/nursing-station.php.