CVE List - 2021 / November
Showing 1101 - 1200 of 1508 CVEs for November 2021 (Page 12 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-23193 | 2021-11-18 | Improper privilege validation vulnerability in COM Interface of Gallagher Command... |
| CVE-2021-43017 | 2021-11-18 | Adobe Creative Cloud DLL Hijacking Local Application Denial of Service |
| CVE-2021-37322 | 2021-11-18 | GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability... |
| CVE-2021-41278 | 2021-11-18 | Broken encryption in app-functions-sdk “AES” transform in EdgeX Foundry releases prior to Jakarta allows attackers to decrypt messages via unspecified vectors |
| CVE-2021-40129 | 2021-11-18 | Cisco Common Services Platform Collector SQL Injection Vulnerability |
| CVE-2021-40130 | 2021-11-18 | Cisco Common Services Platform Collector Improper Logging Restriction Vulnerability |
| CVE-2021-40131 | 2021-11-18 | Cisco Common Services Platform Collector Stored Cross-Site Scripting Vulnerability |
| CVE-2021-21898 | 2021-11-19 | A code execution vulnerability exists in the dwgCompressor::decompress18() functionality of... |
| CVE-2021-21899 | 2021-11-19 | A code execution vulnerability exists in the dwgCompressor::copyCompBytes21 functionality of... |
| CVE-2021-21900 | 2021-11-19 | A code execution vulnerability exists in the dxfRW::processLType() functionality of... |
| CVE-2021-3974 | 2021-11-19 | Use After Free in vim/vim |
| CVE-2021-39921 | 2021-11-19 | NULL pointer exception in the Modbus dissector in Wireshark 3.4.0... |
| CVE-2021-39922 | 2021-11-19 | Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to... |
| CVE-2021-39924 | 2021-11-19 | Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0... |
| CVE-2021-39925 | 2021-11-19 | Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0... |
| CVE-2021-39926 | 2021-11-19 | Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0... |
| CVE-2021-39929 | 2021-11-19 | Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0... |
| CVE-2021-44026 | 2021-11-19 | Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to... |
| CVE-2021-44025 | 2021-11-19 | Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to... |
| CVE-2021-44033 | 2021-11-19 | In Ionic Identity Vault before 5.0.5, the protection mechanism for... |
| CVE-2021-42338 | 2021-11-19 | 4MOSAn GCB Doctor - Improper Authorization |
| CVE-2021-36372 | 2021-11-19 | Original block tokens are persisted and can be retrieved |
| CVE-2021-39231 | 2021-11-19 | Missing authentication/authorization on internal RPC endpoints |
| CVE-2021-39232 | 2021-11-19 | Missing admin check for SCM related admin commands |
| CVE-2021-39233 | 2021-11-19 | Container-related datanode operations can be called without authorization |
| CVE-2021-39234 | 2021-11-19 | Raw block data can be read bypassing ACL/authorization |
| CVE-2021-39235 | 2021-11-19 | Access mode of block tokens are not enforced |
| CVE-2021-39236 | 2021-11-19 | Owners of the S3 tokens are not validated |
| CVE-2021-41532 | 2021-11-19 | Unauthenticated access to Ozone Recon HTTP endpoints |
| CVE-2021-3976 | 2021-11-19 | Cross-Site Request Forgery (CSRF) in kevinpapst/kimai2 |
| CVE-2021-41436 | 2021-11-19 | An HTTP request smuggling in web application in ASUS ROG... |
| CVE-2021-41435 | 2021-11-19 | A brute-force protection bypass in CAPTCHA protection in ASUS ROG... |
| CVE-2021-3973 | 2021-11-19 | Heap-based Buffer Overflow in vim/vim |
| CVE-2021-3968 | 2021-11-19 | Heap-based Buffer Overflow in vim/vim |
| CVE-2021-3963 | 2021-11-19 | Cross-Site Request Forgery (CSRF) in kevinpapst/kimai2 |
| CVE-2021-3961 | 2021-11-19 | Cross-site Scripting (XSS) - Stored in snipe/snipe-it |
| CVE-2021-3957 | 2021-11-19 | Cross-Site Request Forgery (CSRF) in kevinpapst/kimai2 |
| CVE-2021-3950 | 2021-11-19 | Cross-site Scripting (XSS) - Stored in django-helpdesk/django-helpdesk |
| CVE-2021-3920 | 2021-11-19 | Cross-site Scripting (XSS) - Stored in getgrav/grav-plugin-admin |
| CVE-2021-37592 | 2021-11-19 | Suricata before 5.0.8 and 6.x before 6.0.4 allows TCP evasion... |
| CVE-2021-39353 | 2021-11-19 | Easy Registration Forms <= 2.1.1 Cross-Site Request Forgery to Stored Cross-Site Scripting |
| CVE-2021-42363 | 2021-11-19 | Preview E-Mails for WooCommerce <= 1.6.8 Reflected Cross-Site Scripting |
| CVE-2021-43409 | 2021-11-19 | WPO365 | LOGIN - Wordpress Plugin Persistent Cross-Site Scripting |
| CVE-2021-43408 | 2021-11-19 | Duplicate Post WordPress Plugin SQL Injection Vulnerability |
| CVE-2021-33850 | 2021-11-19 | There is a Cross-Site Scripting vulnerability in Microsoft Clarity version... |
| CVE-2021-22053 | 2021-11-19 | Applications using both `spring-cloud-netflix-hystrix-dashboard` and `spring-boot-starter-thymeleaf` expose a way to... |
| CVE-2021-36003 | 2021-11-19 | Adobe Audition MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2021-22030 | 2021-11-19 | In versions of Greenplum database prior to 5.28.14 and 6.17.0,... |
| CVE-2021-3962 | 2021-11-19 | A flaw was found in ImageMagick where it did not... |
| CVE-2021-22028 | 2021-11-19 | In versions of Greenplum database prior to 5.28.6 and 6.14.0,... |
| CVE-2021-39923 | 2021-11-19 | Large loop in the PNRP dissector in Wireshark 3.4.0 to... |
| CVE-2021-29323 | 2021-11-19 | OpenSource Moddable v10.5.0 was discovered to contain a heap buffer... |
| CVE-2021-29324 | 2021-11-19 | OpenSource Moddable v10.5.0 was discovered to contain a stack overflow... |
| CVE-2021-29325 | 2021-11-19 | OpenSource Moddable v10.5.0 was discovered to contain a heap buffer... |
| CVE-2021-29326 | 2021-11-19 | OpenSource Moddable v10.5.0 was discovered to contain a heap buffer... |
| CVE-2021-29327 | 2021-11-19 | OpenSource Moddable v10.5.0 was discovered to contain a heap buffer... |
| CVE-2021-29328 | 2021-11-19 | OpenSource Moddable v10.5.0 was discovered to contain buffer over-read in... |
| CVE-2021-29329 | 2021-11-19 | OpenSource Moddable v10.5.0 was discovered to contain a stack overflow... |
| CVE-2021-44036 | 2021-11-19 | Team Password Manager (aka TeamPasswordManager) before 10.135.236 has a CSRF... |
| CVE-2021-44037 | 2021-11-19 | Team Password Manager (aka TeamPasswordManager) before 10.135.236 allows password-reset poisoning. |
| CVE-2021-41569 | 2021-11-19 | SAS/Intrnet 9.4 build 1520 and earlier allows Local File Inclusion.... |
| CVE-2021-42254 | 2021-11-19 | BeyondTrust Privilege Management prior to version 21.6 creates a Temporary... |
| CVE-2021-22969 | 2021-11-19 | Concrete CMS (formerly concrete5) versions below 8.5.7 has a SSRF... |
| CVE-2021-22970 | 2021-11-19 | Concrete CMS (formerly concrete5) versions 8.5.6 and below and version... |
| CVE-2021-22966 | 2021-11-19 | Privilege escalation from Editor to Admin using Groups in Concrete... |
| CVE-2021-22951 | 2021-11-19 | Unauthorized individuals could view password protected files using view_inline in... |
| CVE-2021-22965 | 2021-11-19 | A vulnerability in Pulse Connect Secure before 9.1R12.1 could allow... |
| CVE-2021-22967 | 2021-11-19 | In Concrete CMS (formerly concrete 5) below 8.5.7, IDOR Allows... |
| CVE-2021-22968 | 2021-11-19 | A bypass of adding remote files in Concrete CMS (previously... |
| CVE-2021-43555 | 2021-11-19 | mySCADA myDESIGNER |
| CVE-2021-36884 | 2021-11-19 | WordPress Backup Migration plugin <= 1.1.5 - Authenticated Persistent Cross-Site Scripting (XSS) vulnerability |
| CVE-2021-44038 | 2021-11-19 | An issue was discovered in Quagga through 1.2.4. Unsafe chown/chmod... |
| CVE-2021-26262 | 2021-11-19 | Philips MRI 1.5T and 3T Improper Access Control |
| CVE-2021-42744 | 2021-11-19 | Philips MRI 1.5T and 3T Information Exposure |
| CVE-2021-26248 | 2021-11-19 | Philips MRI 1.5T and 3T Incorrect Ownership Assignment |
| CVE-2021-40391 | 2021-11-19 | An out-of-bounds write vulnerability exists in the drill format T-code... |
| CVE-2021-23433 | 2021-11-19 | Prototype Pollution |
| CVE-2021-41280 | 2021-11-19 | OS command injection in Sharetribe Go |
| CVE-2021-39198 | 2021-11-19 | The disqualify lead action may be executed without CSRF token check |
| CVE-2021-34358 | 2021-11-20 | CSRF Vulnerability in QmailAgent |
| CVE-2021-38681 | 2021-11-20 | Reflected XSS Vulnerability in Ragic Cloud DB |
| CVE-2021-36306 | 2021-11-20 | Networking OS10, versions prior to October 2021 with RESTCONF API... |
| CVE-2021-36307 | 2021-11-20 | Networking OS10, versions prior to October 2021 with RESTCONF API... |
| CVE-2021-36308 | 2021-11-20 | Networking OS10, versions prior to October 2021 with Smart Fabric... |
| CVE-2021-36310 | 2021-11-20 | Dell Networking OS10, versions 10.4.3.x, 10.5.0.x, 10.5.1.x & 10.5.2.x, contain... |
| CVE-2021-36319 | 2021-11-20 | Dell Networking OS10 versions 10.4.3.x, 10.5.0.x and 10.5.1.x contain an... |
| CVE-2021-36320 | 2021-11-20 | Dell Networking X-Series firmware versions prior to 3.0.1.8 contain an... |
| CVE-2021-36321 | 2021-11-20 | Dell Networking X-Series firmware versions prior to 3.0.1.8 contain an... |
| CVE-2021-36322 | 2021-11-20 | Dell Networking X-Series firmware versions prior to 3.0.1.8 contain a... |
| CVE-2021-36340 | 2021-11-20 | Dell EMC SCG 5.00.00.10 and earlier, contain a sensitive information... |
| CVE-2021-1088 | 2021-11-20 | NVIDIA GPU and Tegra hardware contain a vulnerability in the... |
| CVE-2021-1105 | 2021-11-20 | NVIDIA GPU and Tegra hardware contain a vulnerability in the... |
| CVE-2021-1125 | 2021-11-20 | NVIDIA GPU and Tegra hardware contain a vulnerability in the... |
| CVE-2021-23201 | 2021-11-20 | NVIDIA GPU and Tegra hardware contain a vulnerability in an... |
| CVE-2021-23217 | 2021-11-20 | NVIDIA GPU and Tegra hardware contain a vulnerability in the... |
| CVE-2021-23219 | 2021-11-20 | NVIDIA GPU and Tegra hardware contain a vulnerability in the... |
| CVE-2021-34399 | 2021-11-20 | NVIDIA GPU and Tegra hardware contain a vulnerability in the... |
| CVE-2021-34400 | 2021-11-20 | NVIDIA GPU and Tegra hardware contain a vulnerability in the... |
| CVE-2021-28710 | 2021-11-21 | certain VT-d IOMMUs may not work in shared page table... |
| CVE-2021-44079 | 2021-11-22 | In the wazuh-slack active response script in Wazuh 4.2.x before... |