Search Results (364935 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-37578 1 Apache 1 Juddi 2024-11-21 9.8 Critical
Apache jUDDI uses several classes related to Java's Remote Method Invocation (RMI) which (as an extension to UDDI) provides an alternate transport for accessing UDDI services. RMI uses the default Java serialization mechanism to pass parameters in RMI invocations. A remote attacker can send a malicious serialized object to the above RMI entries. The objects get deserialized without any check on the incoming data. In the worst case, it may let the attacker run arbitrary code remotely. For both jUDDI web service applications and jUDDI clients, the usage of RMI is disabled by default. Since this is an optional feature and an extension to the UDDI protocol, the likelihood of impact is low. Starting with 3.3.10, all RMI related code was removed.
CVE-2021-37576 3 Fedoraproject, Linux, Redhat 7 Fedora, Linux Kernel, Enterprise Linux and 4 more 2024-11-21 7.8 High
arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.
CVE-2021-37573 1 Tiny Java Web Server Project 1 Tiny Java Web Server 2024-11-21 6.1 Medium
A reflected cross-site scripting (XSS) vulnerability in the web server TTiny Java Web Server and Servlet Container (TJWS) <=1.115 allows an adversary to inject malicious code on the server's "404 Page not Found" error page
CVE-2021-37572 1 Mediatek 14 Mt7603e, Mt7603e Firmware, Mt7613 and 11 more 2024-11-21 8.2 High
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Missing authorization).
CVE-2021-37571 1 Mediatek 14 Mt7603e, Mt7603e Firmware, Mt7613 and 11 more 2024-11-21 8.2 High
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).
CVE-2021-37570 1 Mediatek 14 Mt7603e, Mt7603e Firmware, Mt7613 and 11 more 2024-11-21 8.2 High
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).
CVE-2021-37569 1 Mediatek 14 Mt7603e, Mt7603e Firmware, Mt7613 and 11 more 2024-11-21 8.2 High
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).
CVE-2021-37568 1 Mediatek 14 Mt7603e, Mt7603e Firmware, Mt7613 and 11 more 2024-11-21 8.2 High
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).
CVE-2021-37567 1 Mediatek 14 Mt7603e, Mt7603e Firmware, Mt7613 and 11 more 2024-11-21 8.2 High
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).
CVE-2021-37566 1 Mediatek 18 Mt7603e, Mt7603e Firmware, Mt7610 and 15 more 2024-11-21 8.2 High
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7610, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).
CVE-2021-37565 1 Mediatek 14 Mt7603e, Mt7603e Firmware, Mt7613 and 11 more 2024-11-21 8.2 High
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).
CVE-2021-37564 1 Mediatek 14 Mt7603e, Mt7603e Firmware, Mt7613 and 11 more 2024-11-21 8.2 High
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).
CVE-2021-37563 1 Mediatek 20 Mt7603e, Mt7603e Firmware, Mt7610 and 17 more 2024-11-21 8.2 High
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).
CVE-2021-37562 1 Mediatek 20 Mt7603e, Mt7603e Firmware, Mt7610 and 17 more 2024-11-21 8.2 High
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).
CVE-2021-37561 1 Mediatek 20 Mt7603e, Mt7603e Firmware, Mt7610 and 17 more 2024-11-21 8.2 High
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).
CVE-2021-37560 1 Mediatek 20 Mt7603e, Mt7603e Firmware, Mt7610 and 17 more 2024-11-21 8.2 High
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).
CVE-2021-37558 1 Centreon 1 Centreon 2024-11-21 9.8 Critical
A SQL injection vulnerability in a MediaWiki script in Centreon before 20.04.14, 20.10.8, and 21.04.2 allows remote unauthenticated attackers to execute arbitrary SQL commands via the host_name and service_description parameters. The vulnerability can be exploited only when a valid Knowledge Base URL is configured on the Knowledge Base configuration page and points to a MediaWiki instance. This relates to the proxy feature in class/centreon-knowledge/ProceduresProxy.class.php and include/configuration/configKnowledge/proxy/proxy.php.
CVE-2021-37557 1 Centreon 1 Centreon 2024-11-21 8.8 High
A SQL injection vulnerability in image generation in Centreon before 20.04.14, 20.10.8, and 21.04.2 allows remote authenticated (but low-privileged) attackers to execute arbitrary SQL commands via the include/views/graphs/generateGraphs/generateImage.php index parameter.
CVE-2021-37556 1 Centreon 1 Centreon 2024-11-21 8.8 High
A SQL injection vulnerability in reporting export in Centreon before 20.04.14, 20.10.8, and 21.04.2 allows remote authenticated (but low-privileged) attackers to execute arbitrary SQL commands via the include/reporting/dashboard/csvExport/csv_HostGroupLogs.php start and end parameters.
CVE-2021-37555 1 Trixie 2 Tx9 Automatic Food Dispenser, Tx9 Automatic Food Dispenser Firmware 2024-11-21 9.8 Critical
TX9 Automatic Food Dispenser v3.2.57 devices allow access to a shell as root/superuser, a related issue to CVE-2019-16734. To connect, the telnet service is used on port 23 with the default password of 059AnkJ for the root account. The user can then download the filesystem through preinstalled BusyBox utilities (e.g., tar and nc).