CVE List - 2021 / October
Showing 101 - 200 of 1707 CVEs for October 2021 (Page 2 of 18)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-38823 | 2021-10-04 | The IceHrm 30.0.0 OS website was found vulnerable to Session... |
| CVE-2021-41867 | 2021-10-04 | An information disclosure vulnerability in OnionShare 2.3 before 2.4 allows... |
| CVE-2021-25964 | 2021-10-04 | Stored Cross-Site Scripting (XSS) in Calibre-web via Description Field in Metadata |
| CVE-2021-40683 | 2021-10-04 | In Akamai EAA (Enterprise Application Access) Client before 2.3.1, 2.4.x... |
| CVE-2021-39885 | 2021-10-04 | A Stored XSS in merge request creation page in all... |
| CVE-2021-35296 | 2021-10-04 | An issue in the administrator authentication panel of PTCL HG150-Ub... |
| CVE-2021-39877 | 2021-10-04 | A vulnerability was discovered in GitLab starting with version 12.2... |
| CVE-2021-39879 | 2021-10-04 | Missing authentication in all versions of GitLab CE/EE since version... |
| CVE-2021-39873 | 2021-10-04 | In all versions of GitLab CE/EE, there exists a content... |
| CVE-2021-39896 | 2021-10-04 | In all versions of GitLab CE/EE since version 8.0, when... |
| CVE-2021-39900 | 2021-10-04 | Information disclosure from SendEntry in GitLab starting with 10.8 allowed... |
| CVE-2021-41595 | 2021-10-04 | SuiteCRM before 7.10.33 and 7.11.22 allows information disclosure via Directory... |
| CVE-2021-39899 | 2021-10-04 | In all versions of GitLab CE/EE, an attacker with physical... |
| CVE-2021-41591 | 2021-10-04 | ACINQ Eclair before 0.6.3 allows loss of funds because of... |
| CVE-2021-39871 | 2021-10-04 | In all versions of GitLab CE/EE since version 13.0, an... |
| CVE-2021-41596 | 2021-10-04 | SuiteCRM before 7.10.33 and 7.11.22 allows information disclosure via Directory... |
| CVE-2021-39883 | 2021-10-04 | Improper authorization checks in all versions of GitLab EE starting... |
| CVE-2021-39874 | 2021-10-04 | In all versions of GitLab CE/EE since version 11.0, the... |
| CVE-2021-22259 | 2021-10-04 | A potential DOS vulnerability was discovered in GitLab EE starting... |
| CVE-2021-41593 | 2021-10-04 | Lightning Labs lnd before 0.13.3-beta allows loss of funds because... |
| CVE-2021-39868 | 2021-10-04 | In all versions of GitLab CE/EE since version 8.12, an... |
| CVE-2021-36850 | 2021-10-04 | WordPress Media File Renamer – Auto & Manual Rename plugin <= 5.1.9 - Cross-Site Request Forgery (CSRF) vulnerability |
| CVE-2021-41530 | 2021-10-04 | Forcepoint NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier,... |
| CVE-2021-41592 | 2021-10-04 | Blockstream c-lightning through 0.10.1 allows loss of funds because of... |
| CVE-2020-28119 | 2021-10-04 | Cross site scripting vulnerability in 53KF < 2.0.0.2 that allows... |
| CVE-2021-39347 | 2021-10-04 | Stripe for WooCommerce 3.0.0 - 3.3.9 Missing Authorization Controls to Financial Account Hijacking |
| CVE-2021-38618 | 2021-10-04 | In GFOS Workforce Management 4.8.272.1, the login page of application... |
| CVE-2021-32626 | 2021-10-04 | Lua scripts can overflow the heap-based Lua stack in Redis |
| CVE-2021-23856 | 2021-10-04 | Reflected Cross-Site-Scripting |
| CVE-2021-41579 | 2021-10-04 | LCDS LAquis SCADA through 4.3.1.1085 is vulnerable to a control... |
| CVE-2021-23858 | 2021-10-04 | Information disclosure |
| CVE-2021-23855 | 2021-10-04 | Information disclosure |
| CVE-2021-23857 | 2021-10-04 | Login with hash |
| CVE-2021-38394 | 2021-10-04 | Missing Protection against Hardware Reverse Engineering Using Integrated Circuit Imaging Techniques for Boston Scientific Zoom Latitude |
| CVE-2021-38398 | 2021-10-04 | Reliance on Component that is not Updateable for Boston Scientific Zoom Latitude |
| CVE-2021-32628 | 2021-10-04 | Vulnerability in handling large ziplists |
| CVE-2021-38392 | 2021-10-04 | Improper Access Control for Boston Scientific Zoom Latitude |
| CVE-2021-32627 | 2021-10-04 | Integer overflow issue with Streams in Redis |
| CVE-2021-38396 | 2021-10-04 | Missing Support Integrity Check for Boston Scientific Zoom Latitude |
| CVE-2021-38400 | 2021-10-04 | Use of Password Hash with Insufficient Computational Effort for Boston Scientific Zoom Latitude |
| CVE-2021-41578 | 2021-10-04 | mySCADA myDESIGNER 8.20.0 and below allows Directory Traversal attacks when... |
| CVE-2021-32672 | 2021-10-04 | Vulnerability in Lua Debugger in Redis |
| CVE-2021-32675 | 2021-10-04 | DoS vulnerability in Redis |
| CVE-2021-32687 | 2021-10-04 | Integer overflow issue with intsets in Redis |
| CVE-2021-32762 | 2021-10-04 | Integer overflow that can lead to heap overflow in redis-cli, redis-sentinel on some platforms |
| CVE-2021-41651 | 2021-10-04 | A blind SQL injection vulnerability exists in the Raymart DG... |
| CVE-2021-41099 | 2021-10-04 | Integer overflow issue with strings in Redis |
| CVE-2021-41093 | 2021-10-04 | Account takeover when having only access to a user's short lived token |
| CVE-2021-41094 | 2021-10-04 | Mandatory encryption at rest can be bypassed (UI) in Wire app |
| CVE-2021-41100 | 2021-10-04 | Account takeover when having only access to a user's short lived token in wire-server |
| CVE-2021-41118 | 2021-10-04 | ReDoS in DynamicPageList3 |
| CVE-2021-39433 | 2021-10-04 | A local file inclusion (LFI) vulnerability exists in version BIQS... |
| CVE-2020-21386 | 2021-10-04 | A Cross-Site Request Forgery (CSRF) in the component admin.php/admin/type/info.html of... |
| CVE-2020-21387 | 2021-10-04 | A cross-site scripting (XSS) vulnerability in the parameter type_en of... |
| CVE-2021-41092 | 2021-10-04 | Docker CLI leaks private registry credentials to registry-1.docker.io |
| CVE-2021-41091 | 2021-10-04 | Insufficiently restricted permissions on data directory in Docker Engine |
| CVE-2020-21431 | 2021-10-04 | HongCMS v3.0 contains an arbitrary file read and write vulnerability... |
| CVE-2020-21434 | 2021-10-04 | Maccms 10 contains a cross-site scripting (XSS) vulnerability in the... |
| CVE-2021-41089 | 2021-10-04 | `docker cp` allows unexpected chmod of host files |
| CVE-2020-21493 | 2021-10-04 | An issue in the component route\user.php of Xiuno BBS v4.0.4... |
| CVE-2020-21494 | 2021-10-04 | A cross-site scripting (XSS) vulnerability in the component install\install.sql of... |
| CVE-2020-21495 | 2021-10-04 | A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of... |
| CVE-2020-21496 | 2021-10-04 | A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of... |
| CVE-2021-41123 | 2021-10-04 | Exposure of Sensitive Information to an Unauthorized Actor in WB.UI.Headquarters.dll |
| CVE-2021-42006 | 2021-10-04 | An out-of-bounds access in GffLine::GffLine in gff.cpp in GCLib 0.12.7... |
| CVE-2021-42008 | 2021-10-04 | The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before... |
| CVE-2021-41524 | 2021-10-05 | null pointer dereference in h2 fuzzing |
| CVE-2021-41773 | 2021-10-05 | Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49 |
| CVE-2021-39887 | 2021-10-05 | A stored Cross-Site Scripting vulnerability in the GitLab Flavored Markdown... |
| CVE-2021-35503 | 2021-10-05 | Afian FileRun 2021.03.26 allows stored XSS via an HTTP X-Forwarded-For... |
| CVE-2021-35504 | 2021-10-05 | Afian FileRun 2021.03.26 allows Remote Code Execution (by administrators) via... |
| CVE-2021-37223 | 2021-10-05 | Nagios Enterprises NagiosXI <= 5.8.4 contains a Server-Side Request Forgery... |
| CVE-2021-35505 | 2021-10-05 | Afian FileRun 2021.03.26 allows Remote Code Execution (by administrators) via... |
| CVE-2021-35506 | 2021-10-05 | Afian FileRun 2021.03.26 allows XSS when an administrator encounters a... |
| CVE-2021-39878 | 2021-10-05 | A stored Reflected Cross-Site Scripting vulnerability in the Jira integration... |
| CVE-2021-39893 | 2021-10-05 | A potential DOS vulnerability was discovered in GitLab starting with... |
| CVE-2021-39888 | 2021-10-05 | In all versions of GitLab EE starting from 13.10 before... |
| CVE-2021-39882 | 2021-10-05 | In all versions of GitLab CE/EE, provided a user ID,... |
| CVE-2021-39884 | 2021-10-05 | In all versions of GitLab EE since version 8.13, an... |
| CVE-2021-39875 | 2021-10-05 | In all versions of GitLab CE/EE since version 13.6, it... |
| CVE-2021-39867 | 2021-10-05 | In all versions of GitLab CE/EE since version 8.15, a... |
| CVE-2021-39869 | 2021-10-05 | In all versions of GitLab CE/EE since version 8.9, project... |
| CVE-2021-39894 | 2021-10-05 | In all versions of GitLab CE/EE since version 8.0, a... |
| CVE-2021-39872 | 2021-10-05 | In all versions of GitLab CE/EE since version 14.1, an... |
| CVE-2021-39866 | 2021-10-05 | A business logic error in the project deletion process in... |
| CVE-2021-39891 | 2021-10-05 | In all versions of GitLab CE/EE since version 8.0, access... |
| CVE-2021-39886 | 2021-10-05 | Permissions rules were not applied while issues were moved between... |
| CVE-2021-39881 | 2021-10-05 | In all versions of GitLab CE/EE since version 7.7, the... |
| CVE-2021-39870 | 2021-10-05 | In all versions of GitLab CE/EE since version 11.11, an... |
| CVE-2021-39889 | 2021-10-05 | In all versions of GitLab EE since version 14.1, due... |
| CVE-2021-22264 | 2021-10-05 | An issue has been discovered in GitLab affecting all versions... |
| CVE-2021-22257 | 2021-10-05 | An issue has been discovered in GitLab affecting all versions... |
| CVE-2021-22262 | 2021-10-05 | Missing access control in all GitLab versions starting from 13.12... |
| CVE-2021-22258 | 2021-10-05 | The project import/export feature in GitLab 8.9 and greater could... |
| CVE-2021-22261 | 2021-10-05 | A stored Cross-Site Scripting vulnerability in the Jira integration in... |
| CVE-2021-39880 | 2021-10-05 | A Denial Of Service vulnerability in the apollo_upload_server Ruby gem... |
| CVE-2021-41555 | 2021-10-05 | In ARCHIBUS Web Central 21.3.3.815 (a version from 2014), XSS... |
| CVE-2021-41554 | 2021-10-05 | ARCHIBUS Web Central 21.3.3.815 (a version from 2014) does not... |
| CVE-2021-41553 | 2021-10-05 | In ARCHIBUS Web Central 21.3.3.815 (a version from 2014), the... |
| CVE-2021-35491 | 2021-10-05 | A Cross-Site Request Forgery (CSRF) vulnerability in Wowza Streaming Engine... |