Search Results (366303 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-40531 2 Apple, Sketch 2 Macos, Sketch 2024-11-21 9.8 Critical
Sketch before 75 allows library feeds to be used to bypass file quarantine. Files are automatically downloaded and opened, without the com.apple.quarantine extended attribute. This results in remote code execution, as demonstrated by CommandString in a terminal profile to Terminal.app.
CVE-2021-40530 2 Cryptopp, Fedoraproject 2 Crypto\+\+, Fedora 2024-11-21 5.9 Medium
The ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.
CVE-2021-40529 3 Botan Project, Fedoraproject, Mozilla 3 Botan, Fedora, Thunderbird 2024-11-21 5.9 Medium
The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.
CVE-2021-40527 1 Onepeloton 1 Peloton 2024-11-21 8.6 High
Exposure of senstive information to an unauthorised actor in the "com.onepeloton.erlich" mobile application up to and including version 1.7.22 allows a remote attacker to access developer files stored in an AWS S3 bucket, by reading credentials stored in plain text within the mobile application.
CVE-2021-40526 1 Onepeloton 2 Ttr01, Ttr01 Firmware 2024-11-21 4.8 Medium
Incorrect calculation of buffer size vulnerability in Peleton TTR01 up to and including PTV55G allows a remote attacker to trigger a Denial of Service attack through the GymKit daemon process by exploiting a heap overflow in the network server handling the Apple GymKit communication. This can lead to an Apple MFI device not being able to authenticate with the Peleton Bike
CVE-2021-40525 1 Apache 1 James 2024-11-21 9.1 Critical
Apache James ManagedSieve implementation alongside with the file storage for sieve scripts is vulnerable to path traversal, allowing reading and writing any file. This vulnerability had been patched in Apache James 3.6.1 and higher. We recommend the upgrade. Distributed and Cassandra based products are also not impacted.
CVE-2021-40523 1 Contiki-os 1 Contiki 2024-11-21 7.5 High
In Contiki 3.0, Telnet option negotiation is mishandled. During negotiation between a server and a client, the server may fail to give the WILL/WONT or DO/DONT response for DO and WILL commands because of improper handling of exception condition, which leads to property violations and denial of service. Specifically, a server sometimes sends no response, because a fixed buffer space is available for all responses and that space may have been exhausted.
CVE-2021-40521 1 Airangel 10 Hsmx-app-100, Hsmx-app-1000, Hsmx-app-1000 Firmware and 7 more 2024-11-21 9.8 Critical
Airangel HSMX Gateway devices through 5.2.04 allow Remote Code Execution.
CVE-2021-40520 1 Airangel 10 Hsmx-app-100, Hsmx-app-1000, Hsmx-app-1000 Firmware and 7 more 2024-11-21 9.8 Critical
Airangel HSMX Gateway devices through 5.2.04 have Weak SSH Credentials.
CVE-2021-40519 1 Airangel 10 Hsmx-app-100, Hsmx-app-1000, Hsmx-app-1000 Firmware and 7 more 2024-11-21 10.0 Critical
Airangel HSMX Gateway devices through 5.2.04 have Hard-coded Database Credentials.
CVE-2021-40518 1 Airangel 10 Hsmx-app-100, Hsmx-app-1000, Hsmx-app-1000 Firmware and 7 more 2024-11-21 6.5 Medium
Airangel HSMX Gateway devices through 5.2.04 allow CSRF.
CVE-2021-40517 1 Airangel 10 Hsmx-app-100, Hsmx-app-1000, Hsmx-app-1000 Firmware and 7 more 2024-11-21 5.4 Medium
Airangel HSMX Gateway devices through 5.2.04 is vulnerable to stored Cross Site Scripting. XSS Payload is placed in the name column of the updates table using database access.
CVE-2021-40516 2 Debian, Weechat 2 Debian Linux, Weechat 2024-11-21 7.5 High
WeeChat before 3.2.1 allows remote attackers to cause a denial of service (crash) via a crafted WebSocket frame that trigger an out-of-bounds read in plugins/relay/relay-websocket.c in the Relay plugin.
CVE-2021-40511 1 Obdasystems 1 Mastro 2024-11-21 7.5 High
OBDA systems’ Mastro 1.0 is vulnerable to XML Entity Expansion (aka “billion laughs”) attack allowing denial of service.
CVE-2021-40510 1 Obdasystems 1 Mastro 2024-11-21 7.5 High
XML eXternal Entity (XXE) in OBDA systems’ Mastro 1.0 allows remote attackers to read system files via custom DTDs.
CVE-2021-40509 1 Jforum 1 Jforum 2024-11-21 5.4 Medium
ViewCommon.java in JForum2 2.7.0 allows XSS via a user signature.
CVE-2021-40504 1 Sap 1 Netweaver Application Server Abap 2024-11-21 4.9 Medium
A certain template role in SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, contains transport authorizations, which exceed expected display only permissions.
CVE-2021-40503 1 Sap 1 Gui For Windows 2024-11-21 7.8 High
An information disclosure vulnerability exists in SAP GUI for Windows - versions < 7.60 PL13, 7.70 PL4, which allows an attacker with sufficient privileges on the local client-side PC to obtain an equivalent of the user’s password. With this highly sensitive data leaked, the attacker would be able to logon to the backend system the SAP GUI for Windows was connected to and launch further attacks depending on the authorizations of the user.
CVE-2021-40502 1 Sap 1 Commerce 2024-11-21 8.8 High
SAP Commerce - versions 2105.3, 2011.13, 2005.18, 1905.34, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. Authenticated attackers will be able to access and edit data from b2b units they do not belong to.
CVE-2021-40501 1 Sap 1 Abap Platform Kernel 2024-11-21 8.1 High
SAP ABAP Platform Kernel - versions 7.77, 7.81, 7.85, 7.86, does not perform necessary authorization checks for an authenticated business user, resulting in escalation of privileges. That means this business user is able to read and modify data beyond the vulnerable system. However, the attacker can neither significantly reduce the performance of the system nor stop the system.