CVE List - 2021 / January
Showing 1 - 100 of 1514 CVEs for January 2021 (Page 1 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-35391 | 2021-01-01 | Tenda N300 F3 12.01.01.48 devices allow remote attackers to obtain... |
| CVE-2020-35932 | 2021-01-01 | Insecure Deserialization in the Newsletter plugin before 6.8.2 for WordPress... |
| CVE-2020-35933 | 2021-01-01 | A Reflected Authenticated Cross-Site Scripting (XSS) vulnerability in the Newsletter... |
| CVE-2020-35934 | 2021-01-01 | The Advanced Access Manager plugin before 6.6.2 for WordPress displays... |
| CVE-2020-35935 | 2021-01-01 | The Advanced Access Manager plugin before 6.6.2 for WordPress allows... |
| CVE-2020-35936 | 2021-01-01 | Stored Cross-Site Scripting (XSS) vulnerabilities in the Post Grid plugin... |
| CVE-2020-35937 | 2021-01-01 | Stored Cross-Site Scripting (XSS) vulnerabilities in the Team Showcase plugin... |
| CVE-2020-35938 | 2021-01-01 | PHP Object injection vulnerabilities in the Post Grid plugin before... |
| CVE-2020-35939 | 2021-01-01 | PHP Object injection vulnerabilities in the Team Showcase plugin before... |
| CVE-2020-35951 | 2021-01-01 | An issue was discovered in the Quiz and Survey Master... |
| CVE-2020-35950 | 2021-01-01 | An issue was discovered in the XCloner Backup and Restore... |
| CVE-2020-35949 | 2021-01-01 | An issue was discovered in the Quiz and Survey Master... |
| CVE-2020-35948 | 2021-01-01 | An issue was discovered in the XCloner Backup and Restore... |
| CVE-2020-35947 | 2021-01-01 | An issue was discovered in the PageLayer plugin before 1.1.2... |
| CVE-2020-35946 | 2021-01-01 | An issue was discovered in the All in One SEO... |
| CVE-2020-35945 | 2021-01-01 | An issue was discovered in the Divi Builder plugin, Divi... |
| CVE-2020-35944 | 2021-01-01 | An issue was discovered in the PageLayer plugin before 1.1.2... |
| CVE-2020-35717 | 2021-01-01 | zonote through 0.4.0 allows XSS via a crafted note, with... |
| CVE-2021-3002 | 2021-01-01 | Seo Panel 4.8.0 allows reflected XSS via the seo/seopanel/login.php?sec=forgot email... |
| CVE-2020-28851 | 2021-01-02 | In x/text in Go 1.15.4, an "index out of range"... |
| CVE-2020-28852 | 2021-01-02 | In x/text in Go before v0.3.5, a "slice bounds out... |
| CVE-2021-3004 | 2021-01-03 | The _deposit function in the smart contract implementation for Stable... |
| CVE-2021-3005 | 2021-01-03 | MK-AUTH through 19.01 K4.9 allows remote attackers to obtain sensitive... |
| CVE-2020-35952 | 2021-01-03 | login.php in PHPFusion (aka PHP-Fusion) Andromeda 9.x before 2020-12-30 generates... |
| CVE-2020-28841 | 2021-01-03 | MyDrivers64.sys in DriverGenius 9.61.3708.3054 allows attackers to cause a system... |
| CVE-2021-3006 | 2021-01-03 | The breed function in the smart contract implementation for Farm... |
| CVE-2020-35962 | 2021-01-03 | The sellTokenForLRC function in the vault protocol in the smart... |
| CVE-2020-35963 | 2021-01-03 | flb_gzip_compress in flb_gzip.c in Fluent Bit before 1.6.4 has an... |
| CVE-2020-35964 | 2021-01-03 | track_header in libavformat/vividas.c in FFmpeg 4.3.1 has an out-of-bounds write... |
| CVE-2019-25013 | 2021-01-04 | The iconv feature in the GNU C Library (aka glibc... |
| CVE-2020-35965 | 2021-01-04 | decode_frame in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds write... |
| CVE-2021-21494 | 2021-01-04 | MK-AUTH through 19.01 K4.9 allows XSS via the admin/logs_ajax.php tipo... |
| CVE-2021-21495 | 2021-01-04 | MK-AUTH through 19.01 K4.9 allows CSRF for password changes via... |
| CVE-2021-3007 | 2021-01-04 | Laminas Project laminas-http before 2.14.2, and Zend Framework 3.0.0, has... |
| CVE-2019-16956 | 2021-01-04 | SolarWinds Web Help Desk 12.7.0 allows XSS via the Request... |
| CVE-2019-16960 | 2021-01-04 | SolarWinds Web Help Desk 12.7.0 allows XSS via a CSV... |
| CVE-2020-7771 | 2021-01-04 | Prototype Pollution |
| CVE-2020-28464 | 2021-01-04 | Remote Code Execution (RCE) |
| CVE-2020-4909 | 2021-01-04 | IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting.... |
| CVE-2020-4910 | 2021-01-04 | IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting.... |
| CVE-2020-4912 | 2021-01-04 | IBM Cloud Pak System 2.3 Self Service Console could allow... |
| CVE-2020-4913 | 2021-01-04 | IBM Cloud Pak System 2.3 could reveal credential information in... |
| CVE-2020-4916 | 2021-01-04 | IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting.... |
| CVE-2020-4917 | 2021-01-04 | IBM Cloud Pak System 2.3 is vulnerable to cross-site request... |
| CVE-2020-4918 | 2021-01-04 | IBM Cloud Pak System 2.3 could allow l local privileged... |
| CVE-2020-4919 | 2021-01-04 | IBM Cloud Pak System 2.3 has insufficient logout controls which... |
| CVE-2020-4928 | 2021-01-04 | IBM Cloud Pak System 2.3 could allow a local privileged... |
| CVE-2020-4942 | 2021-01-04 | IBM Curam Social Program Management 7.0.9 and 7.0.11 is vulnerable... |
| CVE-2020-22550 | 2021-01-04 | Veno File Manager 3.5.6 is affected by a directory traversal... |
| CVE-2020-35493 | 2021-01-04 | A flaw exists in binutils in bfd/pef.c. An attacker who... |
| CVE-2020-35494 | 2021-01-04 | There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is... |
| CVE-2020-35495 | 2021-01-04 | There's a flaw in binutils /bfd/pef.c. An attacker who is... |
| CVE-2020-35496 | 2021-01-04 | There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which... |
| CVE-2020-35507 | 2021-01-04 | There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in... |
| CVE-2020-36112 | 2021-01-04 | CSE Bookstore version 1.0 is vulnerable to time-based blind, boolean-based... |
| CVE-2020-36154 | 2021-01-04 | The Application Wrapper in Pearson VUE VTS Installer 2.3.1911 has... |
| CVE-2020-25275 | 2021-01-04 | Dovecot before 2.3.13 has Improper Input Validation in lda, lmtp,... |
| CVE-2020-24386 | 2021-01-04 | An issue was discovered in Dovecot before 2.3.13. By using... |
| CVE-2020-36157 | 2021-01-04 | An issue was discovered in the Ultimate Member plugin before... |
| CVE-2020-36156 | 2021-01-04 | An issue was discovered in the Ultimate Member plugin before... |
| CVE-2020-36155 | 2021-01-04 | An issue was discovered in the Ultimate Member plugin before... |
| CVE-2020-35219 | 2021-01-04 | The ASUS DSL-N17U modem with firmware 1.1.0.2 allows attackers to... |
| CVE-2020-26292 | 2021-01-04 | Potential Malware Discovered (Possible False Positive) |
| CVE-2020-26293 | 2021-01-04 | Possible XSS bypass if style tag is allowed |
| CVE-2020-26294 | 2021-01-04 | Exposure of server configuration |
| CVE-2021-3014 | 2021-01-04 | In MikroTik RouterOS through 2021-01-04, the hotspot login page is... |
| CVE-2020-26297 | 2021-01-04 | XSS in mdBook's search page |
| CVE-2020-29491 | 2021-01-04 | Dell Wyse ThinOS 8.6 and prior versions contain an insecure... |
| CVE-2020-29492 | 2021-01-04 | Dell Wyse ThinOS 8.6 and prior versions contain an insecure... |
| CVE-2020-29496 | 2021-01-04 | Dell Wyse Management Suite versions prior to 3.1 contain a... |
| CVE-2020-29497 | 2021-01-04 | Dell Wyse Management Suite versions prior to 3.1 contain a... |
| CVE-2020-29498 | 2021-01-04 | Dell Wyse Management Suite versions prior to 3.1 contain an... |
| CVE-2020-5361 | 2021-01-04 | Select Dell Client Commercial and Consumer platforms support a BIOS... |
| CVE-2020-36158 | 2021-01-05 | mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might... |
| CVE-2021-3019 | 2021-01-05 | ffay lanproxy 0.1 allows Directory Traversal to read /../conf/config.properties to... |
| CVE-2021-3018 | 2021-01-05 | ipeak Infosystems ibexwebCMS (aka IPeakCMS) 3.5 is vulnerable to an... |
| CVE-2020-17518 | 2021-01-05 | Apache Flink directory traversal attack: remote file writing through the REST API |
| CVE-2020-17519 | 2021-01-05 | Apache Flink directory traversal attack: reading remote files through the REST API |
| CVE-2020-35488 | 2021-01-05 | The fileop module of the NXLog service in NXLog Community... |
| CVE-2020-7202 | 2021-01-05 | A potential security vulnerability has been identified in HPE Integrated... |
| CVE-2020-26045 | 2021-01-05 | FUEL CMS 1.4.11 allows SQL Injection via parameter 'name' in... |
| CVE-2020-26046 | 2021-01-05 | FUEL CMS 1.4.11 has stored XSS in Blocks/Navigation/Site variables. This... |
| CVE-2019-4728 | 2021-01-05 | IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0... |
| CVE-2020-4761 | 2021-01-05 | IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0... |
| CVE-2020-4762 | 2021-01-05 | IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0... |
| CVE-2020-4899 | 2021-01-05 | IBM API Connect 5.0.0.0 through 5.0.8.10 could potentially leak sensitive... |
| CVE-2020-13539 | 2021-01-05 | An exploitable local privilege elevation vulnerability exists in the file... |
| CVE-2020-13540 | 2021-01-05 | An exploitable local privilege elevation vulnerability exists in the file... |
| CVE-2020-13541 | 2021-01-05 | An exploitable local privilege elevation vulnerability exists in the file... |
| CVE-2021-3021 | 2021-01-05 | ISPConfig before 3.2.2 allows SQL injection. |
| CVE-2020-27841 | 2021-01-05 | There's a flaw in openjpeg in versions prior to 2.4.0... |
| CVE-2020-27842 | 2021-01-05 | There's a flaw in openjpeg's t2 encoder in versions prior... |
| CVE-2020-27843 | 2021-01-05 | A flaw was found in OpenJPEG in versions prior to... |
| CVE-2020-29478 | 2021-01-05 | CA Service Catalog 17.2 and 17.3 contain a vulnerability in... |
| CVE-2021-21234 | 2021-01-05 | Directory Traversal |
| CVE-2021-3022 | 2021-01-05 | An issue was discovered on LG mobile devices with Android... |
| CVE-2020-27844 | 2021-01-05 | A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior... |
| CVE-2020-27845 | 2021-01-05 | There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior... |
| CVE-2021-22494 | 2021-01-05 | An issue was discovered in the fingerprint scanner on Samsung... |
| CVE-2021-22495 | 2021-01-05 | An issue was discovered on Samsung mobile devices with O(8.x),... |