CVE List - 2021 / October
Showing 701 - 800 of 1707 CVEs for October 2021 (Page 8 of 18)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-20805 | 2021-10-13 | Cross-site scripting vulnerability in the management screen of Cybozu Remote... |
| CVE-2021-20806 | 2021-10-13 | Open redirect vulnerability in Cybozu Remote Service 3.0.0 to 3.1.9... |
| CVE-2021-20807 | 2021-10-13 | Cross-site scripting vulnerability in the management screen of Cybozu Remote... |
| CVE-2021-20831 | 2021-10-13 | Cross-site request forgery (CSRF) vulnerability in OG Tags versions prior... |
| CVE-2021-20832 | 2021-10-13 | InBody App for iOS versions prior to 2.3.30 and InBody... |
| CVE-2021-20833 | 2021-10-13 | The SNKRDUNK Market Place App for iOS versions prior to... |
| CVE-2021-20834 | 2021-10-13 | Improper authorization in handler for custom URL scheme vulnerability in... |
| CVE-2021-33609 | 2021-10-13 | Denial of service in DataCommunicator class in Vaadin 8 |
| CVE-2021-41137 | 2021-10-13 | Bypassing policy restrictions on regular users |
| CVE-2021-34814 | 2021-10-13 | Proofpoint Spam Engine before 8.12.0-2106240000 has a Security Control Bypass. |
| CVE-2021-39304 | 2021-10-13 | Proofpoint Enterprise Protection before 8.12.0-2108090000 allows security control bypass. |
| CVE-2021-41138 | 2021-10-13 | Validity check for signed Frontier-specific extrinsic not called in block execution |
| CVE-2021-22033 | 2021-10-13 | Releases prior to VMware vRealize Operations 8.6 contain a Server... |
| CVE-2021-20123 | 2021-10-13 | A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3... |
| CVE-2021-20124 | 2021-10-13 | A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3... |
| CVE-2021-20125 | 2021-10-13 | An arbitrary file upload and directory traversal vulnerability exists in... |
| CVE-2021-20126 | 2021-10-13 | Draytek VigorConnect 1.6.0-B3 lacks cross-site request forgery protections and does... |
| CVE-2021-20127 | 2021-10-13 | An arbitrary file deletion vulnerability exists in the file delete... |
| CVE-2021-20128 | 2021-10-13 | The Profile Name field in the floor plan (Network Menu)... |
| CVE-2021-20129 | 2021-10-13 | An information disclosure vulnerability exists in Draytek VigorConnect 1.6.0-B3, allowing... |
| CVE-2021-22035 | 2021-10-13 | VMware vRealize Log Insight (8.x prior to 8.6) contains a... |
| CVE-2021-22036 | 2021-10-13 | VMware vRealize Orchestrator ((8.x prior to 8.6) contains an open... |
| CVE-2021-40732 | 2021-10-13 | XMP Toolkit SDK Null Pointer Dereference |
| CVE-2021-3057 | 2021-10-13 | GlobalProtect App: Buffer Overflow Vulnerability When Connecting to Portal or Gateway |
| CVE-2021-35498 | 2021-10-13 | TIBCO EBX Insecure Login Mechanism |
| CVE-2021-41139 | 2021-10-13 | Reflected XSS vulnerability in time.php |
| CVE-2021-40843 | 2021-10-13 | Proofpoint Insider Threat Management Server contains an unsafe deserialization vulnerability... |
| CVE-2021-40842 | 2021-10-13 | Proofpoint Insider Threat Management Server contains a SQL injection vulnerability... |
| CVE-2021-20130 | 2021-10-13 | ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code... |
| CVE-2021-20131 | 2021-10-13 | ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code... |
| CVE-2021-42223 | 2021-10-13 | Cross Site Scripting (XSS).vulnerability exists in Online DJ Booking Management... |
| CVE-2021-42224 | 2021-10-13 | SQL Injection vulnerability exists in IFSC Code Finder Project 1.0... |
| CVE-2021-26318 | 2021-10-13 | Side-channels Related to the x86 PREFETCH Instruction |
| CVE-2021-40493 | 2021-10-13 | Zoho ManageEngine OpManager before 125437 is vulnerable to SQL Injection... |
| CVE-2021-41075 | 2021-10-13 | The NetFlow Analyzer in Zoho ManageEngine OpManger before 125455 is... |
| CVE-2021-20599 | 2021-10-14 | Cleartext Transmission of Sensitive InformationCleartext transmission of sensitive information vulnerability... |
| CVE-2021-42369 | 2021-10-14 | Imagicle Application Suite (for Cisco UC) before 2021.Summer.2 allows SQL... |
| CVE-2021-40854 | 2021-10-14 | AnyDesk before 6.2.6 and 6.3.x before 6.3.3 allows a local... |
| CVE-2021-42341 | 2021-10-14 | checkpath in OpenRC before 0.44.7 uses the direct output of... |
| CVE-2021-42342 | 2021-10-14 | An issue was discovered in GoAhead 4.x and 5.x before... |
| CVE-2021-3882 | 2021-10-14 | Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in ledgersmb/ledgersmb |
| CVE-2020-22724 | 2021-10-14 | A remote command execution vulnerability exists in add_server_service of PPTP_SERVER... |
| CVE-2020-19964 | 2021-10-14 | A Cross Site Request Forgery (CSRF) vulnerability was discovered in... |
| CVE-2020-19962 | 2021-10-14 | A stored cross-site scripting (XSS) vulnerability in the getClientIp function... |
| CVE-2020-19960 | 2021-10-14 | A SQL injection vulnerability has been discovered in zz cms... |
| CVE-2020-19961 | 2021-10-14 | A SQL injection vulnerability has been discovered in zz cms... |
| CVE-2020-19959 | 2021-10-14 | A SQL injection vulnerability has been discovered in zz cms... |
| CVE-2020-19957 | 2021-10-14 | A SQL injection vulnerability has been discovered in zz cms... |
| CVE-2020-19954 | 2021-10-14 | An XML External Entity (XXE) vulnerability was discovered in /api/notify.php... |
| CVE-2021-22964 | 2021-10-14 | A redirect vulnerability in the `fastify-static` module version >= 4.2.4... |
| CVE-2021-22963 | 2021-10-14 | A redirect vulnerability in the fastify-static module version < 4.2.4... |
| CVE-2021-33177 | 2021-10-14 | The Bulk Modifications functionality in Nagios XI versions prior to... |
| CVE-2021-33178 | 2021-10-14 | The Manage Backgrounds functionality within NagVis versions prior to 1.9.29... |
| CVE-2021-33179 | 2021-10-14 | The general user interface in Nagios XI versions prior to... |
| CVE-2021-37933 | 2021-10-14 | An LDAP injection vulnerability in /account/login in Huntflow Enterprise before... |
| CVE-2021-41132 | 2021-10-14 | Inconsistent input sanitisation leads to XSS vectors |
| CVE-2021-38344 | 2021-10-14 | Brizy <= 2.3.11 Authenticated Stored Cross-Site Scripting |
| CVE-2021-38345 | 2021-10-14 | Brizy <= 1.0.125 and 1.0.127 – 2.3.11 Incorrect authorization checks allowing Post modification |
| CVE-2021-38346 | 2021-10-14 | Brizy <= 2.3.11 Authenticated Unrestricted File Upload and Path Traversal |
| CVE-2021-41142 | 2021-10-14 | XSS via the name of a deleted attachment |
| CVE-2021-42227 | 2021-10-14 | Cross SIte Scripting (XSS) vulnerability exists in KindEditor 4.1.x via... |
| CVE-2021-42228 | 2021-10-14 | A Cross Site Request Forgery (CSRF) vulnerability exists in KindEditor... |
| CVE-2021-32569 | 2021-10-14 | In OSS-RC systems of the release 18B and older customer... |
| CVE-2021-32571 | 2021-10-14 | In OSS-RC systems of the release 18B and older during... |
| CVE-2021-36387 | 2021-10-14 | In Yellowfin before 9.6.1 there is a Stored Cross-Site Scripting... |
| CVE-2021-36388 | 2021-10-14 | In Yellowfin before 9.6.1 it is possible to enumerate and... |
| CVE-2021-36389 | 2021-10-14 | In Yellowfin before 9.6.1 it is possible to enumerate and... |
| CVE-2021-38295 | 2021-10-14 | Privilege escalation vulnerability when using HTML attachments |
| CVE-2021-42340 | 2021-10-14 | DoS via memory leak with WebSocket connections |
| CVE-2021-28021 | 2021-10-15 | Buffer overflow vulnerability in function stbi__extend_receive in stb_image.h in stb... |
| CVE-2021-40999 | 2021-10-15 | A remote arbitrary command execution vulnerability was discovered in Aruba... |
| CVE-2021-42329 | 2021-10-15 | ShinHer Information Co., LTD. ShinHer StudyOnline System - Stored XSS |
| CVE-2021-42330 | 2021-10-15 | ShinHer Information Co., LTD. ShinHer StudyOnline System - Improper Authorization-1 |
| CVE-2021-42331 | 2021-10-15 | ShinHer Information Co., LTD. ShinHer StudyOnline System - Improper Authorization-2 |
| CVE-2021-42332 | 2021-10-15 | ShinHer Information Co., LTD. ShinHer StudyOnline System - Improper Authorization-3 |
| CVE-2021-42333 | 2021-10-15 | Huachu Digital Technology Co.,Ltd. Easytest - SQL Injection-1 |
| CVE-2021-42334 | 2021-10-15 | Huachu Digital Technology Co.,Ltd. Easytest - SQL Injection-2 |
| CVE-2021-42335 | 2021-10-15 | Huachu Digital Technology Co.,Ltd. Easytest - Stored XSS |
| CVE-2021-42336 | 2021-10-15 | Huachu Digital Technology Co.,Ltd. Easytest - Improper Authorization |
| CVE-2021-39332 | 2021-10-15 | Business Manager – WordPress ERP, HR, CRM, and Project Management Plugin <= 1.4.5 Authenticated Stored Cross-Site Scripting |
| CVE-2021-39334 | 2021-10-15 | Job Board Vanila Plugin <= 1.0 Authenticated Stored Cross-Site Scripting |
| CVE-2021-39336 | 2021-10-15 | Job Manager <= 0.7.25 Authenticated Stored Cross-Site Scripting |
| CVE-2021-39337 | 2021-10-15 | job-portal <= 0.0.1 Authenticated Stored Cross-Site Scripting |
| CVE-2021-39345 | 2021-10-15 | HAL <= 2.1.1 Authenticated Stored Cross-Site Scripting |
| CVE-2021-39338 | 2021-10-15 | MyBB Cross-Poster <= 1.0 Authenticated Stored Cross-Site Scripting |
| CVE-2021-39335 | 2021-10-15 | WpGenius Job Listing <= 1.0.2 Authenticated Stored Cross-Site Scripting |
| CVE-2021-39344 | 2021-10-15 | KJM Admin Notices <= 2.0.1 Authenticated Stored Cross-Site Scripting |
| CVE-2021-39349 | 2021-10-15 | Author Bio Box <= 3.3.1 Authenticated Stored Cross-Site Scripting |
| CVE-2021-38431 | 2021-10-15 | Advantech WebAccess SCADA |
| CVE-2021-37737 | 2021-10-15 | A remote SQL injection vulnerability was discovered in Aruba ClearPass... |
| CVE-2021-37736 | 2021-10-15 | A remote authentication bypass vulnerability was discovered in Aruba ClearPass... |
| CVE-2021-37738 | 2021-10-15 | A remote disclosure of sensitive information vulnerability was discovered in... |
| CVE-2021-40987 | 2021-10-15 | A remote arbitrary command execution vulnerability was discovered in Aruba... |
| CVE-2021-37739 | 2021-10-15 | A remote arbitrary command execution vulnerability was discovered in Aruba... |
| CVE-2021-40986 | 2021-10-15 | A remote arbitrary command execution vulnerability was discovered in Aruba... |
| CVE-2021-40992 | 2021-10-15 | A remote SQL injection vulnerability was discovered in Aruba ClearPass... |
| CVE-2021-3874 | 2021-10-15 | Path Traversal in bookstackapp/bookstack |
| CVE-2021-3875 | 2021-10-15 | Heap-based Buffer Overflow in vim/vim |
| CVE-2021-3878 | 2021-10-15 | Improper Restriction of XML External Entity Reference in stanfordnlp/corenlp |
| CVE-2021-3881 | 2021-10-15 | Out-of-bounds Read in bfabiszewski/libmobi |