CVE List - 2021 / November
Showing 201 - 300 of 1508 CVEs for November 2021 (Page 3 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-23109 | 2021-11-03 | Buffer overflow vulnerability in function convert_colorspace in heif_colorconversion.cc in libheif... |
| CVE-2021-26786 | 2021-11-03 | An issue was discoverered in in customercentric-selling-poland PlayTube, allows authenticated... |
| CVE-2020-20982 | 2021-11-03 | Cross Site Scripting (XSS) vulnerability in shadoweb wdja v1.5.1, allows... |
| CVE-2020-24743 | 2021-11-03 | An issue was found in /showReports.do Zoho ManageEngine Applications Manager... |
| CVE-2021-27836 | 2021-11-03 | An issue was discoverered in in function xls_getWorkSheet in xls.c... |
| CVE-2020-24000 | 2021-11-03 | SQL Injection vulnerability in eyoucms cms v1.4.7, allows attackers to... |
| CVE-2021-40985 | 2021-11-03 | A stack-based buffer under-read in htmldoc before 1.9.12, allows attackers... |
| CVE-2020-23679 | 2021-11-03 | Buffer overflow vulnerability in Renleilei1992 Linux_Network_Project 1.0, allows attackers to... |
| CVE-2020-23680 | 2021-11-03 | An issue was discovered in function StartPage in text2pdf.c in... |
| CVE-2021-23820 | 2021-11-03 | Prototype Pollution |
| CVE-2021-23624 | 2021-11-03 | Prototype Pollution |
| CVE-2021-23807 | 2021-11-03 | Prototype Pollution |
| CVE-2021-23509 | 2021-11-03 | Prototype Pollution |
| CVE-2021-23784 | 2021-11-03 | Cross-site Scripting (XSS) |
| CVE-2021-23472 | 2021-11-03 | Cross-site Scripting (XSS) |
| CVE-2021-41134 | 2021-11-03 | Stored XSS in Jupyter nbdime |
| CVE-2020-18259 | 2021-11-03 | ED01-CMS v1.0 was discovered to contain a reflective cross-site scripting... |
| CVE-2020-18261 | 2021-11-03 | An arbitrary file upload vulnerability in the image upload function... |
| CVE-2020-18262 | 2021-11-03 | ED01-CMS v1.0 was discovered to contain a SQL injection in... |
| CVE-2020-18263 | 2021-11-03 | PHP-CMS v1.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2021-41174 | 2021-11-03 | XSS vulnerability allowing arbitrary JavaScript execution |
| CVE-2021-43140 | 2021-11-03 | SQL Injection vulnerability exists in Sourcecodester. Simple Subscription Website 1.0.... |
| CVE-2021-43141 | 2021-11-03 | Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Simple Subscription... |
| CVE-2020-28416 | 2021-11-03 | HP has identified a security vulnerability with the I.R.I.S. OCR... |
| CVE-2021-38411 | 2021-11-03 | Delta Electronics DIALink |
| CVE-2021-38418 | 2021-11-03 | Delta Electronics DIALink |
| CVE-2021-38422 | 2021-11-03 | Delta Electronics DIALink |
| CVE-2021-38403 | 2021-11-03 | Delta Electronics DIALink |
| CVE-2021-38424 | 2021-11-03 | Delta Electronics DIALink |
| CVE-2021-38407 | 2021-11-03 | Delta Electronics DIALink |
| CVE-2021-38420 | 2021-11-03 | Delta Electronics DIALink |
| CVE-2021-38428 | 2021-11-03 | Delta Electronics DIALink |
| CVE-2021-38416 | 2021-11-03 | Delta Electronics DIALink |
| CVE-2021-38488 | 2021-11-03 | Delta Electronics DIALink |
| CVE-2020-6931 | 2021-11-03 | HP Print and Scan Doctor may potentially be vulnerable to... |
| CVE-2021-33800 | 2021-11-03 | In Druid 1.2.3, visiting the path with parameter in a... |
| CVE-2021-35053 | 2021-11-03 | Possible system denial of service in case of arbitrary changing... |
| CVE-2021-41492 | 2021-11-03 | Multiple SQL Injection vulnerabilities exist in Sourcecodester Simple Cashiering System... |
| CVE-2021-42772 | 2021-11-03 | Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and... |
| CVE-2021-22960 | 2021-11-03 | The parse function in llhttp < 2.1.4 and < 6.0.6.... |
| CVE-2021-43339 | 2021-11-03 | In Ericsson Network Location before 2021-07-31, it is possible for... |
| CVE-2021-43032 | 2021-11-03 | In XenForo through 2.2.7, a threat actor with access to... |
| CVE-2021-41562 | 2021-11-03 | Deletion of arbitrary files vulnerability in Snow Agent for Windows |
| CVE-2021-21693 | 2021-11-04 | When creating temporary files, agent-to-controller access to create those files... |
| CVE-2021-43400 | 2021-11-04 | An issue was discovered in gatt-database.c in BlueZ 5.61. A... |
| CVE-2021-34594 | 2021-11-04 | Beckhoff: Relative path traversal vulnerability through TwinCAT OPC UA Server |
| CVE-2021-34597 | 2021-11-04 | Phoenix Contact: PC Worx/-Express prone to improper input validation vulnerability |
| CVE-2020-25367 | 2021-11-04 | A command injection vulnerability was discovered in the HNAP1 protocol... |
| CVE-2020-25366 | 2021-11-04 | An issue in the component /cgi-bin/upload_firmware.cgi of D-Link DIR-823G REVA1... |
| CVE-2020-25368 | 2021-11-04 | A command injection vulnerability was discovered in the HNAP1 protocol... |
| CVE-2021-42624 | 2021-11-04 | A local buffer overflow vulnerability exists in the latest version... |
| CVE-2021-40127 | 2021-11-04 | Cisco Small Business 200, 300, and 500 Series Switches Web-Based Management Interface Denial of Service Vulnerability |
| CVE-2021-40128 | 2021-11-04 | Cisco Webex Meetings Email Content Injection Vulnerability |
| CVE-2021-34773 | 2021-11-04 | Cisco Unified Communications Products Cross-Site Request Forgery Vulnerability |
| CVE-2021-34774 | 2021-11-04 | Cisco Common Services Platform Collector Information Disclosure Vulnerability |
| CVE-2021-34795 | 2021-11-04 | Cisco Catalyst PON Series Switches Optical Network Terminal Vulnerabilities |
| CVE-2021-40112 | 2021-11-04 | Cisco Catalyst PON Series Switches Optical Network Terminal Vulnerabilities |
| CVE-2021-40113 | 2021-11-04 | Cisco Catalyst PON Series Switches Optical Network Terminal Vulnerabilities |
| CVE-2021-40115 | 2021-11-04 | Cisco Webex Video Mesh Cross-Site Scripting Vulnerability |
| CVE-2021-40119 | 2021-11-04 | Cisco Policy Suite Static SSH Keys Vulnerability |
| CVE-2021-40120 | 2021-11-04 | Cisco Small Business RV Series Routers Command Injection Vulnerability |
| CVE-2021-40124 | 2021-11-04 | Cisco AnyConnect Secure Mobility Client for Windows with Network Access Manager Module Privilege Escalation Vulnerability |
| CVE-2021-40126 | 2021-11-04 | Cisco Umbrella Email Enumeration Vulnerability |
| CVE-2021-34784 | 2021-11-04 | Cisco Prime Infrastructure and Evolved Programmable Network Manager Stored Cross-Site Scripting Vulnerability |
| CVE-2021-34741 | 2021-11-04 | Cisco Email Security Appliance Denial of Service Vulnerability |
| CVE-2021-34739 | 2021-11-04 | Cisco Small Business Series Switches Session Credentials Replay Vulnerability |
| CVE-2021-34731 | 2021-11-04 | Cisco Prime Access Registrar Stored Cross-Site Scripting Vulnerability |
| CVE-2021-34701 | 2021-11-04 | Cisco Unified Communications Products Path Traversal Vulnerability |
| CVE-2021-1500 | 2021-11-04 | Cisco Webex Video Mesh Arbitrary Site Redirection Vulnerability |
| CVE-2021-21685 | 2021-11-04 | Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not... |
| CVE-2021-21686 | 2021-11-04 | File path filters in the agent-to-controller security subsystem of Jenkins... |
| CVE-2021-21687 | 2021-11-04 | Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not... |
| CVE-2021-21688 | 2021-11-04 | The agent-to-controller security check FilePath#reading(FileVisitor) in Jenkins 2.318 and earlier,... |
| CVE-2021-21689 | 2021-11-04 | FilePath#unzip and FilePath#untar were not subject to any agent-to-controller access... |
| CVE-2021-21690 | 2021-11-04 | Agent processes are able to completely bypass file path filtering... |
| CVE-2021-21691 | 2021-11-04 | Creating symbolic links is possible without the 'symlink' agent-to-controller access... |
| CVE-2021-21692 | 2021-11-04 | FilePath#renameTo and FilePath#moveAllChildrenTo in Jenkins 2.318 and earlier, LTS 2.303.2... |
| CVE-2021-21694 | 2021-11-04 | FilePath#toURI, FilePath#hasSymlink, FilePath#absolutize, FilePath#isDescendant, and FilePath#get*DiskSpace do not check any... |
| CVE-2021-21695 | 2021-11-04 | FilePath#listFiles lists files outside directories that agents are allowed to... |
| CVE-2021-21696 | 2021-11-04 | Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not... |
| CVE-2021-21697 | 2021-11-04 | Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allows any... |
| CVE-2021-21698 | 2021-11-04 | Jenkins Subversion Plugin 2.15.0 and earlier does not restrict the... |
| CVE-2021-41247 | 2021-11-04 | incomplete logout in JupyterHub |
| CVE-2021-43281 | 2021-11-04 | MyBB before 1.8.29 allows Remote Code Injection by an admin... |
| CVE-2021-43293 | 2021-11-04 | Sonatype Nexus Repository Manager 3.x before 3.36.0 allows a remote... |
| CVE-2021-43389 | 2021-11-04 | An issue was discovered in the Linux kernel before 5.14.15.... |
| CVE-2020-21139 | 2021-11-04 | EC Cloud E-Commerce System v1.3 was discovered to contain a... |
| CVE-2021-43396 | 2021-11-04 | In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34,... |
| CVE-2021-41249 | 2021-11-04 | XSS vulnerability in GraphQL Playground |
| CVE-2021-43398 | 2021-11-04 | Crypto++ (aka Cryptopp) 8.6.0 and earlier contains a timing leakage... |
| CVE-2021-41248 | 2021-11-04 | XSS vulnerability in GraphiQL |
| CVE-2021-42057 | 2021-11-04 | Obsidian Dataview through 0.4.12-hotfix1 allows eval injection. The evalInContext function... |
| CVE-2021-39914 | 2021-11-04 | A regular expression denial of service issue in GitLab versions... |
| CVE-2021-39902 | 2021-11-04 | Incorrect Authorization in GitLab CE/EE 13.4 or above allows a... |
| CVE-2021-39903 | 2021-11-04 | In all versions of GitLab CE/EE since version 13.0, a... |
| CVE-2021-39909 | 2021-11-04 | Lack of email address ownership verification in the CODEOWNERS feature... |
| CVE-2021-39906 | 2021-11-04 | Improper validation of ipynb files in GitLab CE/EE version 13.5... |
| CVE-2021-39912 | 2021-11-04 | A potential DoS vulnerability was discovered in GitLab CE/EE starting... |
| CVE-2021-39897 | 2021-11-04 | Improper access control in GitLab CE/EE version 10.5 and above... |
| CVE-2021-39913 | 2021-11-04 | Accidental logging of system root password in the migration log... |