Search Results (363296 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-27240 1 Solarwinds 1 Patch Manager 2024-11-21 7.8 High
This vulnerability allows local attackers to escalate privileges on affected installations of SolarWinds Patch Manager 2020.2.1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DataGridService WCF service. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of Administrator. Was ZDI-CAN-12009.
CVE-2021-27239 1 Netgear 70 D6220, D6220 Firmware, D6400 and 67 more 2024-11-21 8.8 High
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on UDP port 1900 by default. A crafted MX header field in an SSDP message can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11851.
CVE-2021-27237 1 Blackcat-cms 1 Blackcat Cms 2024-11-21 4.8 Medium
The admin panel in BlackCat CMS 1.3.6 allows stored XSS (by an admin) via the Display Name field to backend/preferences/ajax_save.php.
CVE-2021-27236 1 Mutare 1 Voice 2024-11-21 9.8 Critical
An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. getfile.asp allows Unauthenticated Local File Inclusion, which can be leveraged to achieve Remote Code Execution.
CVE-2021-27235 1 Mutare 1 Voice 2024-11-21 4.9 Medium
An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. On the admin portal of the web application, there is a functionality at diagzip.asp that allows anyone to export tables of a database.
CVE-2021-27234 1 Mutare 1 Voice 2024-11-21 9.8 Critical
An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. The web application suffers from SQL injection on Adminlog.asp, Archivemsgs.asp, Deletelog.asp, Eventlog.asp, and Evmlog.asp.
CVE-2021-27233 1 Mutare 1 Voice 2024-11-21 4.9 Medium
An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. On the admin portal of the web application, password information for external systems is visible in cleartext. The Settings.asp page is affected by this issue.
CVE-2021-27232 1 Pelco 1 Digital Sentry Server 2024-11-21 8.8 High
The RTSPLive555.dll ActiveX control in Pelco Digital Sentry Server 7.18.72.11464 has a SetCameraConnectionParameter stack-based buffer overflow. This can be exploited by a remote attacker to potentially execute arbitrary attacker-supplied code. The victim would have to visit a malicious webpage using Internet Explorer where the exploit could be triggered.
CVE-2021-27231 1 Hestiacp 1 Control Panel 2024-11-21 5.4 Medium
Hestia Control Panel 1.3.5 and below, in a shared-hosting environment, sometimes allows remote authenticated users to create a subdomain for a different customer's domain name, leading to spoofing of services or email messages.
CVE-2021-27230 1 Expressionengine 1 Expressionengine 2024-11-21 8.8 High
ExpressionEngine before 5.4.2 and 6.x before 6.0.3 allows PHP Code Injection by certain authenticated users who can leverage Translate::save() to write to an _lang.php file under the system/user/language directory.
CVE-2021-27229 2 Debian, Mumble 2 Debian Linux, Mumble 2024-11-21 8.8 High
Mumble before 1.3.4 allows remote code execution if a victim navigates to a crafted URL on a server list and clicks on the Open Webpage text.
CVE-2021-27228 1 Shinobi 1 Shinobi Pro 2024-11-21 9.8 Critical
An issue was discovered in Shinobi through ocean version 1. lib/auth.js has Incorrect Access Control. Valid API Keys are held in an internal JS Object. Therefore an attacker can use JS Proto Method names (such as constructor or hasOwnProperty) to convince the System that the supplied API Key exists in the underlying JS object, and consequently achieve complete access to User/Admin/Super API functions, as demonstrated by a /super/constructor/accounts/list URI.
CVE-2021-27225 1 Dataiku 1 Data Science Studio 2024-11-21 5.4 Medium
In Dataiku DSS before 8.0.6, insufficient access control in the Jupyter notebooks integration allows users (who have coding permissions) to read and overwrite notebooks in projects that they are not authorized to access.
CVE-2021-27224 1 Irfanview 2 Irfanview, Wpg 2024-11-21 7.5 High
The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a user-mode write access violation starting at WPG+0x0000000000012ec6, which might allow remote attackers to execute arbitrary code.
CVE-2021-27223 1 Kaspersky 6 Anti-virus, Endpoint Security, Internet Security and 3 more 2024-11-21 5.5 Medium
A denial-of-service issue existed in one of modules that was incorporated in Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security. A local user could cause Windows crash by running a specially crafted binary module. The fix was delivered automatically. Credits: (Straghkov Denis, Kurmangaleev Shamil, Fedotov Andrey, Kuts Daniil, Mishechkin Maxim, Akolzin Vitaliy) @ ISPRAS
CVE-2021-27222 1 Obss 1 Time In Status 2024-11-21 5.4 Medium
In the "Time in Status" app before 4.13.0 for Jira, remote authenticated attackers can cause Stored XSS.
CVE-2021-27221 1 Mikrotik 1 Routeros 2024-11-21 8.1 High
MikroTik RouterOS 6.47.9 allows remote authenticated ftp users to create or overwrite arbitrary .rsc files via the /export command. NOTE: the vendor's position is that this is intended behavior because of how user policies work
CVE-2021-27220 1 Paessler 1 Prtg Network Monitor 2024-11-21 5.3 Medium
An issue was discovered in PRTG Network Monitor before 21.1.66.1623. By invoking the screenshot functionality with prepared context paths, an attacker is able to verify the existence of certain files on the filesystem of the PRTG's Web server.
CVE-2021-27219 6 Broadcom, Debian, Fedoraproject and 3 more 15 Brocade Fabric Operating System Firmware, Debian Linux, Fedora and 12 more 2024-11-21 7.5 High
An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption.
CVE-2021-27218 6 Broadcom, Debian, Fedoraproject and 3 more 8 Brocade Fabric Operating System Firmware, Debian Linux, Fedora and 5 more 2024-11-21 7.5 High
An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 2**32, causing unintended length truncation.