CVE List - 2021 / November
Showing 401 - 500 of 1508 CVEs for November 2021 (Page 5 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-43412 | 2021-11-07 | An issue was discovered in GNU Hurd before 0.9 20210404-9.... |
| CVE-2021-25978 | 2021-11-07 | Apostrophe - XSS |
| CVE-2021-41771 | 2021-11-08 | ImportedSymbols in debug/macho (for Open or OpenFat) in Go before... |
| CVE-2021-41772 | 2021-11-08 | Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip... |
| CVE-2021-42073 | 2021-11-08 | An issue was discovered in Barrier before 2.4.0. An attacker... |
| CVE-2021-31599 | 2021-11-08 | An issue was discovered in Hitachi Vantara Pentaho through 9.1... |
| CVE-2021-31600 | 2021-11-08 | An issue was discovered in Hitachi Vantara Pentaho through 9.1... |
| CVE-2021-31601 | 2021-11-08 | An issue was discovered in Hitachi Vantara Pentaho through 9.1... |
| CVE-2021-31602 | 2021-11-08 | An issue was discovered in Hitachi Vantara Pentaho through 9.1... |
| CVE-2021-34684 | 2021-11-08 | Hitachi Vantara Pentaho Business Analytics through 9.1 allows an unauthenticated... |
| CVE-2021-34685 | 2021-11-08 | UploadService in Hitachi Vantara Pentaho Business Analytics through 9.1 does... |
| CVE-2021-42072 | 2021-11-08 | An issue was discovered in Barrier before 2.4.0. The barriers... |
| CVE-2021-42074 | 2021-11-08 | An issue was discovered in Barrier before 2.3.4. An unauthenticated... |
| CVE-2021-42075 | 2021-11-08 | An issue was discovered in Barrier before 2.3.4. The barriers... |
| CVE-2021-42076 | 2021-11-08 | An issue was discovered in Barrier before 2.3.4. An attacker... |
| CVE-2021-42077 | 2021-11-08 | PHP Event Calendar before 2021-09-03 allows SQL injection, as demonstrated... |
| CVE-2021-42078 | 2021-11-08 | PHP Event Calendar through 2021-11-04 allows persistent cross-site scripting (XSS),... |
| CVE-2021-42372 | 2021-11-08 | A shell command injection in the HW Events SNMP community... |
| CVE-2021-42371 | 2021-11-08 | lpar2rrd is a hardcoded system account in XoruX LPAR2RRD and... |
| CVE-2021-42370 | 2021-11-08 | A password mismanagement situation exists in XoruX LPAR2RRD and STOR2RRD... |
| CVE-2021-32481 | 2021-11-08 | Cloudera Hue 4.6.0 allows XSS via the type parameter. |
| CVE-2021-29994 | 2021-11-08 | Cloudera Hue 4.6.0 allows XSS. |
| CVE-2021-32482 | 2021-11-08 | Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS... |
| CVE-2021-29243 | 2021-11-08 | Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS. |
| CVE-2021-30132 | 2021-11-08 | Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of... |
| CVE-2021-32483 | 2021-11-08 | Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of... |
| CVE-2021-37850 | 2021-11-08 | Denial of service in ESET for Mac products |
| CVE-2021-22051 | 2021-11-08 | Applications using Spring Cloud Gateway are vulnerable to specifically crafted... |
| CVE-2021-41733 | 2021-11-08 | Oppia 3.1.4 does not verify that certain URLs are valid... |
| CVE-2021-39182 | 2021-11-08 | Use of Password Hash With Insufficient Computational Effort and Use of a Broken or Risky Cryptographic Algorithm and Reversible One-Way Hash in hashing.py |
| CVE-2021-25979 | 2021-11-08 | Apostrophe - Insufficient Session Expiration |
| CVE-2021-28022 | 2021-11-08 | Blind SQL injection in the login form in ServiceTonic Helpdesk... |
| CVE-2021-28023 | 2021-11-08 | Arbitrary file upload in Service import feature in ServiceTonic Helpdesk... |
| CVE-2021-28024 | 2021-11-08 | Unauthorized system access in the login form in ServiceTonic Helpdesk... |
| CVE-2021-42770 | 2021-11-08 | A Cross-site scripting (XSS) vulnerability was discovered in OPNsense before... |
| CVE-2020-4152 | 2021-11-08 | IBM QRadar Network Security 5.4.0 and 5.5.0 transmits sensitive or... |
| CVE-2020-4153 | 2021-11-08 | IBM QRadar Network Security 5.4.0 and 5.5.0 is vulnerable to... |
| CVE-2020-4160 | 2021-11-08 | IBM QRadar Network Security 5.4.0 and 5.5.0 could allow a... |
| CVE-2021-29735 | 2021-11-08 | IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, and 11.3... |
| CVE-2021-29843 | 2021-11-08 | IBM MQ 9.1 LTS, 9.1 CD, 9.2 LTS, and 9.2CD... |
| CVE-2021-24537 | 2021-11-08 | Similar Posts <= 3.1.5 - Admin+ Arbitrary PHP Code Execution |
| CVE-2021-24575 | 2021-11-08 | WPSchoolPress < 2.1.10 - Multiple Authenticated SQL Injections |
| CVE-2021-24594 | 2021-11-08 | Translate WordPress - Google Language Translator < 6.0.12 - Admin+ Stored Cross-Site Scripting |
| CVE-2021-24607 | 2021-11-08 | Storefront Footer Text <= 1.0.1 - Admin+ Stored Cross-Site Scripting |
| CVE-2021-24616 | 2021-11-08 | AddToAny Share Buttons < 1.7.48 - Admin+ Stored Cross-Site Scripting |
| CVE-2021-24625 | 2021-11-08 | SpiderCatalog <= 1.7.3 - Admin+ SQL Injection |
| CVE-2021-24626 | 2021-11-08 | Chameleon CSS <= 1.2 - Subscriber+ SQL Injection |
| CVE-2021-24627 | 2021-11-08 | G Auto-Hyperlink <= 1.0.1 - Admin+ SQL Injection |
| CVE-2021-24628 | 2021-11-08 | Wow Forms <= 3.1.3 - Admin+ SQL Injection |
| CVE-2021-24629 | 2021-11-08 | Post Content XMLRPC <= 1.0 - Admin+ SQL Injections |
| CVE-2021-24630 | 2021-11-08 | Schreikasten <= 0.14.18 - Author+ SQL Injections |
| CVE-2021-24631 | 2021-11-08 | Unlimited PopUps <= 4.5.3 - Author+ SQL Injection |
| CVE-2021-24645 | 2021-11-08 | Booking.com Product Helper < 1.0.2 - Admin+ Stored Cross-Site Scripting |
| CVE-2021-24646 | 2021-11-08 | Booking.com Banner Creator < 1.4.3 - Admin+ Stored Cross-Site Scripting |
| CVE-2021-24647 | 2021-11-08 | Pie Register < 3.7.1.6 - Unauthenticated Arbitrary Login |
| CVE-2021-24664 | 2021-11-08 | WPSchoolPress < 2.1.17 - Multiple Admin+ Stored Cross-Site Scripting |
| CVE-2021-24669 | 2021-11-08 | MAZ Loader < 1.3.3 - Contributor+ SQL Injection |
| CVE-2021-24674 | 2021-11-08 | Genie WP Favicon <= 0.5.2 - Arbitrary Favicon Change via CSRF |
| CVE-2021-24693 | 2021-11-08 | Simple Download Monitor < 3.9.5 - Contributor+ Stored Cross-Site Scripting via File Thumbnail |
| CVE-2021-24695 | 2021-11-08 | Simple Download Monitor < 3.9.6 - Unauthenticated Log Access |
| CVE-2021-24697 | 2021-11-08 | Simple Download Monitor < 3.9.5 - Reflected Cross-Site Scripting |
| CVE-2021-24698 | 2021-11-08 | Simple Download Monitor < 3.9.6 - Arbitrary Thumbnails Removal |
| CVE-2021-24701 | 2021-11-08 | Quiz Tool Lite <= 2.3.15 - Multiple Admin+ Stored Cross-Site Scripting |
| CVE-2021-24706 | 2021-11-08 | Qwizcards < 3.62 - Admin+ Stored Cross Site Scripting |
| CVE-2021-24708 | 2021-11-08 | WP All Export < 1.3.1 - Admin+ Stored Cross-Site Scripting |
| CVE-2021-24710 | 2021-11-08 | Print-O-Matic < 2.0.3 - Admin+ Stored Cross-Site Scripting |
| CVE-2021-24721 | 2021-11-08 | Loco Translate < 2.5.4 - Authenticated PHP Code Injection |
| CVE-2021-24731 | 2021-11-08 | Pie Register < 3.7.1.6 - Unauthenticated SQL Injection |
| CVE-2021-24766 | 2021-11-08 | 404 to 301 < 3.0.9 - Logs Deletion via CSRF |
| CVE-2021-24767 | 2021-11-08 | Redirect 404 Error Page to Homepage or Custom Page with Logs < 1.7.9 - Log Deletion via CSRF |
| CVE-2021-24783 | 2021-11-08 | Post Expirator < 2.6.0 - Contributor+ Arbitrary Post Schedule Deletion |
| CVE-2021-24788 | 2021-11-08 | Batch Cat <= 0.3 - Subscriber+ Arbitrary Categories Add/Set/Delete to Posts |
| CVE-2021-24791 | 2021-11-08 | Header Footer Code Manager < 1.1.14 - Admin+ SQL Injections |
| CVE-2021-24798 | 2021-11-08 | WP Header Images < 2.0.1 - Reflected Cross-Site Scripting |
| CVE-2021-24801 | 2021-11-08 | WP Survey Plus <= 1.0 - Subscriber+ AJAX Calls |
| CVE-2021-24806 | 2021-11-08 | wpDiscuz < 7.3.4 - Arbitrary Comment Addition/Edition/Deletion via CSRF |
| CVE-2021-24807 | 2021-11-08 | Support Board < 3.3.5 - Agent+ Stored Cross-Site Scripting |
| CVE-2021-24816 | 2021-11-08 | Phoenix Media Rename < 3.4.4 - Author Arbitrary Media File Renaming |
| CVE-2021-24827 | 2021-11-08 | Asgaros Forum < 1.15.13 - Unauthenticated SQL Injection |
| CVE-2021-24829 | 2021-11-08 | Visitor Traffic Real Time Statistics < 3.9 - Subscriber+ SQL Injection |
| CVE-2021-24832 | 2021-11-08 | WP SEO Redirect 301 < 2.3.2 - Redirect Deletion via CSRF |
| CVE-2021-24835 | 2021-11-08 | WCFM - Frontend Manager for WooCommerce < 6.5.12 - Customer/Subscriber+ SQL Injection |
| CVE-2021-24840 | 2021-11-08 | Squaretype Modern Blog < 3.0.4 - Unauthenticated Private/Schedule Posts Disclosure |
| CVE-2021-24844 | 2021-11-08 | Affiliate Manager < 2.8.7 - Admin+ SQL injection |
| CVE-2021-40577 | 2021-11-08 | A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester... |
| CVE-2021-39420 | 2021-11-08 | Multiple Cross Site Scripting (XSS) vulnerabilities exist in VFront 0.99.5... |
| CVE-2021-41170 | 2021-11-08 | Evaluation of closures can lead to execution of methods & functions in current program scope |
| CVE-2021-40260 | 2021-11-08 | Multiple Cross Site Scripting (XSS) vulnerabilities exist in SourceCodester Tailor... |
| CVE-2021-40261 | 2021-11-08 | Multiple Cross Site Scripting (XSS) vulnerabilities exist in SourceCodester CASAP... |
| CVE-2020-23572 | 2021-11-08 | BEESCMS v4.0 was discovered to contain an arbitrary file upload... |
| CVE-2021-41253 | 2021-11-08 | Possible heap buffer overflow when using zycore string functions in formatter hooks |
| CVE-2021-43114 | 2021-11-09 | FORT Validator versions prior to 1.5.2 will crash if an... |
| CVE-2021-43466 | 2021-11-09 | In the thymeleaf-spring5:3.0.12 component, thymeleaf combined with specific scenarios in... |
| CVE-2020-10052 | 2021-11-09 | A vulnerability has been identified in SIMATIC RTLS Locating Manager... |
| CVE-2020-10053 | 2021-11-09 | A vulnerability has been identified in SIMATIC RTLS Locating Manager... |
| CVE-2020-10054 | 2021-11-09 | A vulnerability has been identified in SIMATIC RTLS Locating Manager... |
| CVE-2021-31344 | 2021-11-09 | A vulnerability has been identified in Capital Embedded AR Classic... |
| CVE-2021-31345 | 2021-11-09 | A vulnerability has been identified in Capital Embedded AR Classic... |
| CVE-2021-31346 | 2021-11-09 | A vulnerability has been identified in Capital Embedded AR Classic... |
| CVE-2021-31881 | 2021-11-09 | A vulnerability has been identified in Capital Embedded AR Classic... |