Search Results (366885 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-42223 1 Phpgurukul 1 Online Dj Booking Management System 2024-11-21 6.1 Medium
Cross Site Scripting (XSS).vulnerability exists in Online DJ Booking Management System 1.0 in view-booking-detail.php.
CVE-2021-42220 1 Dolibarr 1 Dolibarr 2024-11-21 5.4 Medium
A Cross Site Scripting (XSS) vulnerability exists in Dolibarr before 14.0.3 via the ticket creation flow. Exploitation requires that an admin copies the payload into a box.
CVE-2021-42219 1 Ethereum 1 Go Ethereum 2024-11-21 7.5 High
Go-Ethereum v1.10.9 was discovered to contain an issue which allows attackers to cause a denial of service (DoS) via sending an excessive amount of messages to a node. This is caused by missing memory in the component /ethash/algorithm.go.
CVE-2021-42218 1 Rice 1 Open Motion Planning Library 2024-11-21 7.5 High
OMPL v1.5.2 contains a memory leak in VFRRT.cpp
CVE-2021-42216 1 Anonaddy 1 Anonaddy 2024-11-21 9.8 Critical
A Broken or Risky Cryptographic Algorithm exists in AnonAddy 0.8.5 via VerificationController.php.
CVE-2021-42204 1 Swftools 1 Swftools 2024-11-21 7.8 High
An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function swf_GetBits() located in rfxswf.c. It allows an attacker to cause code execution.
CVE-2021-42203 1 Swftools 1 Swftools 2024-11-21 7.8 High
An issue was discovered in swftools through 20201222. A heap-use-after-free exists in the function swf_FontExtract_DefineTextCallback() located in swftext.c. It allows an attacker to cause code execution.
CVE-2021-42202 1 Swftools 1 Swftools 2024-11-21 5.5 Medium
An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function swf_DeleteFilter() located in swffilter.c. It allows an attacker to cause Denial of Service.
CVE-2021-42201 1 Swftools 1 Swftools 2024-11-21 7.8 High
An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function swf_GetD64() located in rfxswf.c. It allows an attacker to cause code execution.
CVE-2021-42200 1 Swftools 1 Swftools 2024-11-21 5.5 Medium
An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function main() located in swfdump.c. It allows an attacker to cause Denial of Service.
CVE-2021-42199 1 Swftools 1 Swftools 2024-11-21 7.8 High
An issue was discovered in swftools through 20201222. A heap buffer overflow exists in the function swf_FontExtract_DefineTextCallback() located in swftext.c. It allows an attacker to cause code execution.
CVE-2021-42198 1 Swftools 1 Swftools 2024-11-21 5.5 Medium
An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function swf_GetBits() located in rfxswf.c. It allows an attacker to cause Denial of Service.
CVE-2021-42197 1 Swftools 1 Swftools 2024-11-21 7.8 High
An issue was discovered in swftools through 20201222 through a memory leak in the swftools when swfdump is used. It allows an attacker to cause code execution.
CVE-2021-42196 1 Swftools 1 Swftools 2024-11-21 5.5 Medium
An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function traits_parse() located in abc.c. It allows an attacker to cause Denial of Service.
CVE-2021-42195 1 Swftools 1 Swftools 2024-11-21 7.8 High
An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function handleEditText() located in swfdump.c. It allows an attacker to cause code Execution.
CVE-2021-42194 1 Eyoucms 1 Eyoucms 2024-11-21 7.2 High
The wechat_return function in /controller/Index.php of EyouCms V1.5.4-UTF8-SP3 passes the user's input directly into the simplexml_ load_ String function, which itself does not prohibit external entities, triggering a XML external entity (XXE) injection vulnerability.
CVE-2021-42192 1 Konga Project 1 Konga 2024-11-21 8.8 High
Konga v0.14.9 is affected by an incorrect access control vulnerability where a specially crafted request can lead to privilege escalation.
CVE-2021-42185 1 Wdja 1 Wdja 2024-11-21 9.8 Critical
wdja v2.1 is affected by a SQL injection vulnerability in the foreground search function.
CVE-2021-42183 1 Masacms 1 Masacms 2024-11-21 7.5 High
MasaCMS 7.2.1 is affected by a path traversal vulnerability in /index.cfm/_api/asset/image/.
CVE-2021-42171 1 Tribalsystems 1 Zenario 2024-11-21 7.2 High
Zenario CMS 9.0.54156 is vulnerable to File Upload. The web server can be compromised by uploading and executing a web-shell which can run commands, browse system files, browse local resources, attack other servers, and exploit the local vulnerabilities, and so forth.