CVE List - 2021 / November
Showing 1 - 100 of 1508 CVEs for November 2021 (Page 1 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-42574 | 2021-11-01 | An issue was discovered in the Bidirectional Algorithm in the... |
| CVE-2021-42694 | 2021-11-01 | An issue was discovered in the character definitions of the... |
| CVE-2021-42917 | 2021-11-01 | Buffer overflow vulnerability in Kodi xbmc up to 19.0, allows... |
| CVE-2021-20838 | 2021-11-01 | Office Server Document Converter V7.2MR4 and earlier and V7.1MR7 and... |
| CVE-2021-20839 | 2021-11-01 | Office Server Document Converter V7.2MR4 and earlier and V7.1MR7 and... |
| CVE-2021-41313 | 2021-11-01 | Affected versions of Atlassian Jira Server and Data Center allow... |
| CVE-2021-40348 | 2021-11-01 | Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code... |
| CVE-2021-41973 | 2021-11-01 | Apache MINA HTTP listener DOS |
| CVE-2015-10001 | 2021-11-01 | WP-Stats < 2.5.2 - CSRF to Stored Cross-Site Scripting (XSS) |
| CVE-2015-20019 | 2021-11-01 | Content text slider on post < 6.9 - Authenticated Stored Cross-Site Scripting (XSS) |
| CVE-2015-20067 | 2021-11-01 | WP Attachment Export < 0.2.4 - Unauthenticated Posts Download |
| CVE-2018-25019 | 2021-11-01 | LearnDash < 2.5.4 - Unauthenticated Arbitrary File Upload |
| CVE-2020-36503 | 2021-11-01 | Connections Business Directory < 9.7 - Admin+ CSV Injection |
| CVE-2020-36504 | 2021-11-01 | WP-Pro-Quiz <= 0.37 - Arbitrary Quiz Deletion via CSRF |
| CVE-2020-36505 | 2021-11-01 | Delete All Comments Easily <= 1.3 - All Comments Deletion via CSRF |
| CVE-2021-24539 | 2021-11-01 | Coming Soon, Under Construction & Maintenance Mode By Dazzler < 1.6.7 - Admin+ Stored Cross-Site Scripting |
| CVE-2021-24570 | 2021-11-01 | Paypal Donation < 1.3.1 - CSRF to Stored Cross-Site Scripting |
| CVE-2021-24572 | 2021-11-01 | Paypal Donation < 1.3.1 - CSRF to Arbitrary Post Deletion |
| CVE-2021-24624 | 2021-11-01 | MP3 Audio Player for Music, Radio & Podcast by Sonaar < 2.4.2 - Multiple Admin+ Cross Site Scripting |
| CVE-2021-24682 | 2021-11-01 | Cool Tag Cloud < 2.26 - Contributor+ Stored Cross-Site Scripting |
| CVE-2021-24685 | 2021-11-01 | Flat Preloader < 1.5.4 - CSRF to Stored Cross-Site Scripting |
| CVE-2021-24715 | 2021-11-01 | WP Sitemap Page < 1.7.0 - Admin+ Stored Cross Site Scripting |
| CVE-2021-24716 | 2021-11-01 | Modern Events Calendar Lite < 5.22.3 - Authenticated Stored Cross Site Scripting |
| CVE-2021-24717 | 2021-11-01 | AutomatorWP < 1.7.6 - Missing Authorization and Privilege Escalation |
| CVE-2021-24722 | 2021-11-01 | Restaurant Menu by MotoPress < 2.4.2 - Admin+ Stored Cross Site Scripting |
| CVE-2021-24723 | 2021-11-01 | WP Reactions Lite < 1.3.6 - Authenticated Stored Cross Site Scripting |
| CVE-2021-24742 | 2021-11-01 | Logo Slider and Showcase < 1.3.37 - Editor Plugin's Settings Update |
| CVE-2021-24757 | 2021-11-01 | Stylish Price List < 6.9.0 - Unauthenticated Arbitrary Image Upload |
| CVE-2021-24770 | 2021-11-01 | Stylish Price List < 6.9.1 - Subscriber+ Arbitrary Image Upload |
| CVE-2021-24773 | 2021-11-01 | WordPress Download Manager < 3.2.16 - Admin+ Stored Cross-Site Scripting |
| CVE-2021-24781 | 2021-11-01 | Image Source Control < 2.3.1 - Contributor+ Arbitrary Post Meta Value Change |
| CVE-2021-24789 | 2021-11-01 | Flat Preloader < 1.5.5 - Admin+ Stored Cross-Site Scripting |
| CVE-2021-24793 | 2021-11-01 | WPeMatico RSS Feed Fetcher < 2.6.12 - Admin+ Stored Cross-Site Scripting |
| CVE-2021-24794 | 2021-11-01 | Connections Business Directory < 10.4.3 - Admin+ Stored Cross-Site Scripting |
| CVE-2021-24799 | 2021-11-01 | Far Future Expiry Header < 1.5 - Plugin's Settings Update via CSRF |
| CVE-2021-24808 | 2021-11-01 | BP Better Messages < 1.9.9.41 - Reflected Cross-Site Scripting |
| CVE-2021-24809 | 2021-11-01 | BP Better Messages < 1.9.9.41 - Multiple CSRF |
| CVE-2021-24813 | 2021-11-01 | Events Made Easy < 2.2.24 - Admin+ Stored Cross-Site Scripting |
| CVE-2021-27644 | 2021-11-01 | DolphinScheduler mysql jdbc connector parameters deserialize remote code execution |
| CVE-2021-42557 | 2021-11-01 | In Jeedom through 4.1.19, a bug allows a remote attacker... |
| CVE-2021-25874 | 2021-11-01 | AVideo/YouPHPTube AVideo/YouPHPTube 10.0 and prior is affected by a SQL... |
| CVE-2021-25875 | 2021-11-01 | AVideo/YouPHPTube AVideo/YouPHPTube 10.0 and prior has multiple reflected Cross Script... |
| CVE-2021-25876 | 2021-11-01 | AVideo/YouPHPTube 10.0 and prior has multiple reflected Cross Script Scripting... |
| CVE-2021-25877 | 2021-11-01 | AVideo/YouPHPTube 10.0 and prior is affected by Insecure file write.... |
| CVE-2021-25878 | 2021-11-01 | AVideo/YouPHPTube 10.0 and prior is affected by multiple reflected Cross... |
| CVE-2021-27004 | 2021-11-01 | System Manager 9.x versions 9.7 and higher prior to 9.7P16,... |
| CVE-2021-22563 | 2021-11-01 | Memory Overread in libjxl |
| CVE-2021-22564 | 2021-11-01 | Out of bounds Copy in Libjxl in large image groups |
| CVE-2021-3440 | 2021-11-01 | HP Print and Scan Doctor, an application within the HP... |
| CVE-2021-3704 | 2021-11-01 | Potential security vulnerabilities have been discovered on a certain HP... |
| CVE-2021-27005 | 2021-11-01 | Clustered Data ONTAP versions 9.6 and higher prior to 9.6P16,... |
| CVE-2021-29213 | 2021-11-01 | A potential local bypass of security restrictions vulnerability has been... |
| CVE-2021-29212 | 2021-11-01 | A remote unauthenticated directory traversal security vulnerability has been identified... |
| CVE-2021-3705 | 2021-11-01 | Potential security vulnerabilities have been discovered on a certain HP... |
| CVE-2020-28702 | 2021-11-01 | A SQL injection vulnerability in TopicMapper.xml of PybbsCMS v5.2.1 allows... |
| CVE-2021-38847 | 2021-11-01 | S-Cart v6.4.1 and below was discovered to contain an arbitrary... |
| CVE-2021-26739 | 2021-11-01 | SQL Injection vulnerability in pay.php in millken doyocms 2.3, allows... |
| CVE-2021-26740 | 2021-11-01 | Arbitrary file upload vulnerability sysupload.php in millken doyocms 2.3 allows... |
| CVE-2021-31849 | 2021-11-01 | Data Loss Prevention (DLP) ePO extension - SQL injection |
| CVE-2021-31848 | 2021-11-01 | Data Loss Prevention (DLP) ePO extension - Cross site scripting (XSS) |
| CVE-2021-20136 | 2021-11-01 | ManageEngine Log360 Builds < 5235 are affected by an improper... |
| CVE-2021-39346 | 2021-11-01 | Google Maps Easy <= 1.9.33 Authenticated Stored Cross-Site Scripting |
| CVE-2021-38356 | 2021-11-01 | NextScripts: Social Networks Auto-Poster <= 4.3.20 Reflected Cross-Site Scripting |
| CVE-2021-39333 | 2021-11-01 | Hashthemes Demo Importer <= 1.1.1 Improper Access Control Allowing Content Deletion |
| CVE-2021-39340 | 2021-11-01 | Notification – Custom Notifications and Alerts for WordPress <= 7.2.4 Authenticated Stored Cross-Site Scripting |
| CVE-2021-39341 | 2021-11-01 | OptinMonster <= 2.6.4 Unprotected REST-API Endpoints |
| CVE-2021-43058 | 2021-11-01 | An open redirect vulnerability exists in Replicated Classic versions prior... |
| CVE-2021-41187 | 2021-11-01 | SQL Injection in DHIS2 Tracker API |
| CVE-2021-41310 | 2021-11-01 | Affected versions of Atlassian Jira Server and Data Center allow... |
| CVE-2021-33593 | 2021-11-02 | Whale browser for iOS before 1.14.0 has an inconsistent user... |
| CVE-2021-25973 | 2021-11-02 | Publify - Improper Authorization Leads to Guest Signup Restriction Bypass |
| CVE-2021-3765 | 2021-11-02 | Inefficient Regular Expression Complexity in validatorjs/validator.js |
| CVE-2021-36560 | 2021-11-02 | Phone Shop Sales Managements System using PHP with Source Code... |
| CVE-2021-33611 | 2021-11-02 | Reflected cross-site scripting in vaadin-menu-bar webjar resources in Vaadin 14 |
| CVE-2020-27406 | 2021-11-02 | Cross Site Scripting (XSS) vulnerability in DynPG 4.9.1, allows authenticated... |
| CVE-2020-35249 | 2021-11-02 | Cross Site Scripting (XSS) vulnerability in ElkarBackup 1.3.3, allows attackers... |
| CVE-2021-27722 | 2021-11-02 | An issue was discovered in Nsasoft US LLC SpotAuditor 5.3.5.... |
| CVE-2021-37842 | 2021-11-02 | metakv in Couchbase Server 7.0.0 uses Cleartext for Storage of... |
| CVE-2021-42763 | 2021-11-02 | Couchbase Server before 6.6.3 and 7.x before 7.0.2 stores Sensitive... |
| CVE-2021-36922 | 2021-11-02 | RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through... |
| CVE-2021-36923 | 2021-11-02 | RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through... |
| CVE-2021-36924 | 2021-11-02 | RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through... |
| CVE-2021-36925 | 2021-11-02 | RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through... |
| CVE-2021-42568 | 2021-11-02 | Sonatype Nexus Repository Manager 3.x through 3.35.0 allows attackers to... |
| CVE-2021-36794 | 2021-11-02 | In Siren Investigate before 11.1.4, when enabling the cluster feature... |
| CVE-2021-29737 | 2021-11-02 | IBM InfoSphere Data Flow Designer Engine (IBM InfoSphere Information Server... |
| CVE-2021-29738 | 2021-11-02 | IBM InfoSphere Data Flow Designer (IBM InfoSphere Information Server 11.7... |
| CVE-2021-29771 | 2021-11-02 | IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.... |
| CVE-2021-29875 | 2021-11-02 | IBM InfoSphere Information Server 11.7 could allow an attacker to... |
| CVE-2021-29888 | 2021-11-02 | IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request... |
| CVE-2021-38948 | 2021-11-02 | IBM InfoSphere Information Server 11.7 is vulnerable to an XML... |
| CVE-2021-36181 | 2021-11-02 | A concurrent execution using shared resource with improper Synchronization vulnerability... |
| CVE-2021-36172 | 2021-11-02 | An improper restriction of XML external entity reference vulnerability in... |
| CVE-2021-41019 | 2021-11-02 | An improper validation of certificate with host mismatch [CWE-297] vulnerability... |
| CVE-2020-18438 | 2021-11-02 | Directory traversal vulnerability in qinggan phpok 5.1, allows attackers to... |
| CVE-2020-18439 | 2021-11-02 | An issue was discoverered in in function edit_save_f in framework/admin/tpl_control.php... |
| CVE-2020-18440 | 2021-11-02 | Buffer overflow vulnerability in framework/init.php in qinggan phpok 5.1, allows... |
| CVE-2020-20657 | 2021-11-02 | Buffer overflow vulnerability in fcovatti libiec_iccp_mod v1.5, allows attackers to... |
| CVE-2020-20658 | 2021-11-02 | Buffer overflow vulnerability in fcovatti libiec_iccp_mod v1.5, allows attackers to... |
| CVE-2020-21572 | 2021-11-02 | Buffer overflow vulnerability in function src_parser_trans_stage_1_2_3 trgil gilcc before commit... |