CVE List - 2021 / October
Showing 1201 - 1300 of 1707 CVEs for October 2021 (Page 13 of 18)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-42771 | 2021-10-20 | Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary... |
| CVE-2021-42299 | 2021-10-20 | Microsoft Surface Pro 3 Security Feature Bypass Vulnerability |
| CVE-2021-41163 | 2021-10-20 | RCE via malicious SNS subscription payload |
| CVE-2021-41159 | 2021-10-21 | Improper client input validation for FreeRDP gateway connections allows to overwrite memory |
| CVE-2021-41160 | 2021-10-21 | Improper region checks in FreeRDP allow out of bound write to memory |
| CVE-2021-42327 | 2021-10-21 | dp_link_settings_write in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c in the Linux kernel through 5.14.14 allows... |
| CVE-2021-42715 | 2021-10-21 | An issue was discovered in stb stb_image.h 1.33 through 2.27.... |
| CVE-2021-42096 | 2021-10-21 | GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A... |
| CVE-2021-42097 | 2021-10-21 | GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A... |
| CVE-2021-39127 | 2021-10-21 | Affected versions of Atlassian Jira Server and Data Center allow... |
| CVE-2021-1529 | 2021-10-21 | Cisco IOS XE SD-WAN Software Command Injection Vulnerability |
| CVE-2021-39126 | 2021-10-21 | Affected versions of Atlassian Jira Server and Data Center allow... |
| CVE-2021-34738 | 2021-10-21 | Cisco Identity Services Engine Cross-Site Scripting Vulnerabilities |
| CVE-2021-34743 | 2021-10-21 | Cisco Webex Software Application Authorization Bypass Vulnerability |
| CVE-2021-34760 | 2021-10-21 | Cisco TelePresence Management Suite Stored Cross-Site Scripting Vulnerability |
| CVE-2021-34789 | 2021-10-21 | Cisco Tetration Stored Cross-Site Scripting Vulnerability |
| CVE-2021-40121 | 2021-10-21 | Cisco Identity Services Engine Cross-Site Scripting Vulnerabilities |
| CVE-2021-40122 | 2021-10-21 | Cisco Meeting Server Call Bridge Denial of Service Vulnerability |
| CVE-2021-40123 | 2021-10-21 | Cisco Identity Services Engine File Download Vulnerability |
| CVE-2021-34736 | 2021-10-21 | Cisco Integrated Management Controller GUI Denial of Service Vulnerability |
| CVE-2021-23139 | 2021-10-21 | A null pointer vulnerability in Trend Micro Apex One and... |
| CVE-2021-42011 | 2021-10-21 | An incorrect permission assignment vulnerability in Trend Micro Apex One... |
| CVE-2021-42012 | 2021-10-21 | A stack-based buffer overflow vulnerability in Trend Micro Apex One,... |
| CVE-2021-42101 | 2021-10-21 | An uncontrolled search path element vulnerabilities in Trend Micro Apex... |
| CVE-2021-42102 | 2021-10-21 | An uncontrolled search path element vulnerabilities in Trend Micro Apex... |
| CVE-2021-42103 | 2021-10-21 | An uncontrolled search path element vulnerabilities in Trend Micro Apex... |
| CVE-2021-42104 | 2021-10-21 | Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One... |
| CVE-2021-42105 | 2021-10-21 | Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One... |
| CVE-2021-42106 | 2021-10-21 | Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One... |
| CVE-2021-42107 | 2021-10-21 | Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One... |
| CVE-2021-42108 | 2021-10-21 | Unnecessary privilege vulnerabilities in the Web Console of Trend Micro... |
| CVE-2021-41790 | 2021-10-21 | An issue was discovered in Hyland org.alfresco:alfresco-content-services through 7.0.1.2. Script... |
| CVE-2021-41791 | 2021-10-21 | An issue was discovered in Hyland org.alfresco:share through 7.0.0.2 and... |
| CVE-2021-41792 | 2021-10-21 | An issue was discovered in Hyland org.alfresco:alfresco-content-services through 6.2.2.18 and... |
| CVE-2021-35512 | 2021-10-21 | An SSRF issue was discovered in Zoho ManageEngine Applications Manager... |
| CVE-2021-42740 | 2021-10-21 | The shell-quote package before 1.7.3 for Node.js allows command injection.... |
| CVE-2020-27304 | 2021-10-21 | The CivetWeb web library does not validate uploaded filepaths when... |
| CVE-2021-28975 | 2021-10-21 | WP Mailster 1.6.18.0 allows XSS when a victim opens a... |
| CVE-2021-20120 | 2021-10-21 | The administration web interface for the Arris Surfboard SB8200 lacks... |
| CVE-2020-14263 | 2021-10-21 | "HCL Traveler Companion is vulnerable to an iOS weak cryptographic... |
| CVE-2021-29873 | 2021-10-21 | IBM Flash System 900 could allow an authenticated attacker to... |
| CVE-2021-29883 | 2021-10-21 | IBM Standards Processing Engine (IBM Transformation Extender Advanced 9.0 and... |
| CVE-2021-28496 | 2021-10-21 | In Arista's EOS software affected releases, the shared secret profiles sensitive configuration might be leaked when displaying output over eAPI or other JSON outputs to authenticated users on the device. |
| CVE-2021-41146 | 2021-10-21 | Arbitrary command execution on Windows in qutebrowser |
| CVE-2021-35225 | 2021-10-21 | Netpath Horizontal Privilege Escalation Vulnerability: NPM 2020.2.5 |
| CVE-2021-35227 | 2021-10-21 | Insecure Web Configuration for RabbitMQ Management Plugin in SolarWinds ARM |
| CVE-2021-35228 | 2021-10-21 | Reflected cross site scripting affecting SolarWinds: DPA 2021.3.7388 |
| CVE-2021-42716 | 2021-10-21 | An issue was discovered in stb stb_image.h 2.27. The PNM... |
| CVE-2021-40719 | 2021-10-21 | Adobe Connect Deserialization of Untrusted Data Remote Code Execution |
| CVE-2021-22034 | 2021-10-21 | Releases prior to VMware vRealize Operations Tenant App 8.6 contain... |
| CVE-2021-39348 | 2021-10-21 | LearnPress – WordPress LMS Plugin <= 4.1.3.1 Authenticated Stored Cross-Site Scripting |
| CVE-2021-39357 | 2021-10-21 | Leaky Paywall <= 4.16.5 Authenticated Stored Cross-Site Scripting |
| CVE-2021-39356 | 2021-10-21 | Content Staging <= 2.0.1 Authenticated Stored Cross-Site Scripting |
| CVE-2021-39352 | 2021-10-21 | Catch Themes Demo Import <= 1.7 Admin+ Arbitrary File Upload |
| CVE-2021-39328 | 2021-10-21 | Simple Job Board <= 2.9.4 Authenticated Stored Cross-Site Scripting |
| CVE-2021-39321 | 2021-10-21 | Sassy Social Share 3.3.23 PHP Object Injection |
| CVE-2021-39354 | 2021-10-21 | Easy Digital Downloads <= 2.11.2 Authenticated Reflected Cross-Site Scripting |
| CVE-2021-41168 | 2021-10-21 | Hash-Collision Denial-of-Service Vulnerability in snudown |
| CVE-2021-41127 | 2021-10-21 | Maliciously Crafted Model Archive Can Lead To Arbitrary File Write in rasa |
| CVE-2021-36869 | 2021-10-21 | WordPress Ivory Search plugin <= 4.6.6 - Reflected Cross-Site Scripting (XSS) vulnerability |
| CVE-2021-41169 | 2021-10-21 | Improper Neutralization HTML tags in sulu/sulu |
| CVE-2021-27746 | 2021-10-21 | "HCL Connections Security Update for Reflected Cross-Site Scripting (XSS) Vulnerability" |
| CVE-2021-34362 | 2021-10-22 | Command Injection Vulnerability in Media Streaming Add-on |
| CVE-2021-31835 | 2021-10-22 | McAfee ePO Cross-Site Scripting vulnerability |
| CVE-2021-31834 | 2021-10-22 | McAfee ePO Cross-Site Scripting vulnerability |
| CVE-2021-36357 | 2021-10-22 | An issue was discovered in OpenPOWER 2.6 firmware. unpack_timestamp() calls... |
| CVE-2021-35230 | 2021-10-22 | Unquoted Path Vulnerability (SMB Login) in Kiwi CatTools |
| CVE-2021-38475 | 2021-10-22 | AUVESY Versiondog |
| CVE-2021-38473 | 2021-10-22 | AUVESY Versiondog |
| CVE-2021-38481 | 2021-10-22 | AUVESY Versiondog |
| CVE-2021-38477 | 2021-10-22 | AUVESY Versiondog |
| CVE-2021-38469 | 2021-10-22 | AUVESY Versiondog |
| CVE-2021-38479 | 2021-10-22 | AUVESY Versiondog |
| CVE-2021-38471 | 2021-10-22 | AUVESY Versiondog |
| CVE-2021-38467 | 2021-10-22 | AUVESY Versiondog |
| CVE-2021-38463 | 2021-10-22 | AUVESY Versiondog |
| CVE-2021-38465 | 2021-10-22 | AUVESY Versiondog |
| CVE-2021-38461 | 2021-10-22 | AUVESY Versiondog |
| CVE-2021-38453 | 2021-10-22 | AUVESY Versiondog |
| CVE-2021-38459 | 2021-10-22 | AUVESY Versiondog |
| CVE-2021-38451 | 2021-10-22 | AUVESY Versiondog |
| CVE-2021-38455 | 2021-10-22 | AUVESY Versiondog |
| CVE-2021-38457 | 2021-10-22 | AUVESY Versiondog |
| CVE-2021-38449 | 2021-10-22 | AUVESY Versiondog |
| CVE-2021-31682 | 2021-10-22 | The login portal for the Automated Logic WebCTRL/WebCTRL OEM web... |
| CVE-2021-41744 | 2021-10-22 | All versions of yongyou PLM are affected by a command... |
| CVE-2021-41747 | 2021-10-22 | Cross-Site Scripting (XSS) vulnerability exists in Csdn APP 4.10.0, which... |
| CVE-2021-41745 | 2021-10-22 | ShowDoc 2.8.3 ihas a file upload vulnerability, where attackers can... |
| CVE-2021-42169 | 2021-10-22 | The Simple Payroll System with Dynamic Tax Bracket in PHP... |
| CVE-2021-42534 | 2021-10-22 | Trane Building Automation Controllers Cross-site Scripting |
| CVE-2021-42538 | 2021-10-22 | Emerson WirelessHART Gateway |
| CVE-2021-42539 | 2021-10-22 | Emerson WirelessHART Gateway |
| CVE-2021-42536 | 2021-10-22 | Emerson WirelessHART Gateway |
| CVE-2021-42540 | 2021-10-22 | Emerson WirelessHART Gateway |
| CVE-2021-42542 | 2021-10-22 | Emerson WirelessHART Gateway |
| CVE-2021-38485 | 2021-10-22 | Emerson WirelessHART Gateway |
| CVE-2021-0651 | 2021-10-22 | In loadLabel of PackageItemInfo.java, there is a possible way to... |
| CVE-2021-0483 | 2021-10-22 | In multiple methods of AAudioService, there is a possible use-after-free... |
| CVE-2021-0708 | 2021-10-22 | In runDumpHeap of ActivityManagerShellCommand.java, there is a possible deletion of... |
| CVE-2021-0643 | 2021-10-22 | In getAllSubInfoList of SubscriptionController.java, there is a possible way to... |