Search Results (366301 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-40498 1 Sap 1 Successfactors Mobile 2024-11-21 5.5 Medium
A vulnerability has been identified in SAP SuccessFactors Mobile Application for Android - versions older than 2108, which allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service, which can lead to denial of service. The vulnerability is related to Android implementation methods that are widely used across Android mobile applications, and such methods are embedded into the SAP SuccessFactors mobile application. These Android methods begin executing once the user accesses their profile on the mobile application. While executing, it can also pick up the activities from other Android applications that are running in the background of the users device and are using the same types of methods in the application. Such vulnerability can also lead to phishing attacks that can be used for staging other types of attacks.
CVE-2021-40497 1 Sap 1 Businessobjects Analysis 2024-11-21 5.3 Medium
SAP BusinessObjects Analysis (edition for OLAP) - versions 420, 430, allows an attacker to exploit certain application endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation could lead to exposure of some system specific data like its version.
CVE-2021-40496 1 Sap 2 Netweaver Abap, Netweaver Application Server Abap 2024-11-21 4.3 Medium
SAP Internet Communication framework (ICM) - versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 785, allows an attacker with logon functionality, to exploit the authentication function by using POST and form field to repeat executions of the initial command by a GET request and exposing sensitive data. This vulnerability is normally exposed over the network and successful exploitation can lead to exposure of data like system details.
CVE-2021-40495 1 Sap 2 Netweaver Abap, Netweaver Application Server Abap 2024-11-21 5.3 Medium
There are multiple Denial-of Service vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755. An unauthorized attacker can use the public SICF service /sap/public/bc/abap to reduce the performance of SAP NetWeaver Application Server ABAP and ABAP Platform.
CVE-2021-40494 1 Adaptivescale 1 Lxdui 2024-11-21 9.8 Critical
A Hardcoded JWT Secret Key in metadata.py in AdaptiveScale LXDUI through 2.1.3 allows attackers to gain admin access to the host system.
CVE-2021-40493 1 Zohocorp 1 Manageengine Opmanager 2024-11-21 9.8 Critical
Zoho ManageEngine OpManager before 125437 is vulnerable to SQL Injection in the support diagnostics module. This occurs via the pollingObject parameter of the getDataCollectionFailureReason API.
CVE-2021-40492 1 Gibbonedu 1 Gibbon 2024-11-21 6.1 Medium
A reflected XSS vulnerability exists in multiple pages in version 22 of the Gibbon application that allows for arbitrary execution of JavaScript (gibbonCourseClassID, gibbonPersonID, subpage, currentDate, or allStudents to index.php).
CVE-2021-40491 2 Debian, Gnu 2 Debian Linux, Inetutils 2024-11-21 6.5 Medium
The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl.
CVE-2021-40490 5 Debian, Fedoraproject, Linux and 2 more 30 Debian Linux, Fedora, Linux Kernel and 27 more 2024-11-21 7.0 High
A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.
CVE-2021-40489 1 Microsoft 22 Windows 10, Windows 10 1507, Windows 10 1607 and 19 more 2024-11-21 7.8 High
Storage Spaces Controller Elevation of Privilege Vulnerability
CVE-2021-40488 1 Microsoft 18 Windows 10, Windows 10 1507, Windows 10 1607 and 15 more 2024-11-21 7.8 High
Storage Spaces Controller Elevation of Privilege Vulnerability
CVE-2021-40486 1 Microsoft 6 Office, Office Online Server, Office Web Apps Server and 3 more 2024-11-21 7.8 High
Microsoft Word Remote Code Execution Vulnerability
CVE-2021-40484 1 Microsoft 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server 2024-11-21 7.6 High
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2021-40483 1 Microsoft 1 Sharepoint Server 2024-11-21 7.6 High
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2021-40482 1 Microsoft 1 Sharepoint Server 2024-11-21 5.3 Medium
Microsoft SharePoint Server Information Disclosure Vulnerability
CVE-2021-40481 1 Microsoft 3 365 Apps, Office, Office Long Term Servicing Channel 2024-11-21 7.1 High
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2021-40480 1 Microsoft 3 365 Apps, Office, Office Long Term Servicing Channel 2024-11-21 7.8 High
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2021-40479 1 Microsoft 3 365 Apps, Office, Office Long Term Servicing Channel 2024-11-21 7.8 High
Microsoft Excel Remote Code Execution Vulnerability
CVE-2021-40478 1 Microsoft 18 Windows 10, Windows 10 1507, Windows 10 1607 and 15 more 2024-11-21 7.8 High
Storage Spaces Controller Elevation of Privilege Vulnerability
CVE-2021-40477 1 Microsoft 18 Windows 10, Windows 10 1507, Windows 10 1607 and 15 more 2024-11-21 7.8 High
Windows Event Tracing Elevation of Privilege Vulnerability