CVE List - 2021 / December
Showing 1801 - 1900 of 1978 CVEs for December 2021 (Page 19 of 20)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-24988 | 2021-12-27 | WP RSS Aggregator < 4.19.3 - Subscriber+ Stored Cross-Site Scripting |
| CVE-2021-24992 | 2021-12-27 | Buttonizer - Smart Floating Action Button < 2.5.5 - Admin+ Stored Cross-Site Scripting |
| CVE-2021-24997 | 2021-12-27 | WP Guppy < 1.3 - Sensitive Information Disclosure |
| CVE-2021-24998 | 2021-12-27 | Simple JWT Login < 3.3.0 - Insecure Password Creation |
| CVE-2021-45843 | 2021-12-27 | glFusion CMS v1.7.9 is affected by a reflected Cross Site... |
| CVE-2021-45788 | 2021-12-27 | Time-based SQL Injection vulnerabilities were found in Metersphere v1.15.4 via... |
| CVE-2021-45789 | 2021-12-27 | An arbitrary file read vulnerability was found in Metersphere v1.15.4,... |
| CVE-2021-45790 | 2021-12-27 | An arbitrary file upload vulnerability was found in Metersphere v1.15.4.... |
| CVE-2021-4173 | 2021-12-27 | Use After Free in vim/vim |
| CVE-2021-45335 | 2021-12-27 | Sandbox component in Avast Antivirus prior to 20.4 has an... |
| CVE-2021-45336 | 2021-12-27 | Privilege escalation vulnerability in the Sandbox component of Avast Antivirus... |
| CVE-2021-45337 | 2021-12-27 | Privilege escalation vulnerability in the Self-Defense driver of Avast Antivirus... |
| CVE-2021-45338 | 2021-12-27 | Multiple privilege escalation vulnerabilities in Avast Antivirus prior to 20.4... |
| CVE-2021-45339 | 2021-12-27 | Privilege escalation vulnerability in Avast Antivirus prior to 20.4 allows... |
| CVE-2021-45232 | 2021-12-27 | security vulnerability on unauthorized access. |
| CVE-2021-38961 | 2021-12-27 | IBM OPENBMC OP910 is vulnerable to cross-site scripting. This vulnerability... |
| CVE-2021-43856 | 2021-12-27 | Stored XSS in non-image uploads in Requarks/wiki |
| CVE-2021-43855 | 2021-12-27 | Stored XSS via SVG in Requarks/wiki |
| CVE-2021-43857 | 2021-12-27 | Gerapy may contain remote code execution vulnerability |
| CVE-2021-35232 | 2021-12-27 | Hard credentials discovered in SolarWinds Web Help Desk which allows to execute Arbitrary Hibernate Queries |
| CVE-2021-4161 | 2021-12-27 | ICSA-21-357-01 Moxa MGate Protocol Gateways |
| CVE-2021-32993 | 2021-12-27 | Philips IntelliBridge EC 40 and EC 80 Hub Use of Hard-coded Credentials |
| CVE-2021-33017 | 2021-12-27 | Philips IntelliBridge EC 40 and EC 80 Hub Authentication Bypass Using an Alternate Path or Channel |
| CVE-2021-43552 | 2021-12-27 | Philips Patient Information Center iX (PIC iX) and Efficia CM Series Use of Hard-coded Cryptographic Key |
| CVE-2021-43548 | 2021-12-27 | Philips Patient Information Center iX (PIC iX) and Efficia CM Series Improper Input Validation |
| CVE-2021-43550 | 2021-12-27 | Philips Patient Information Center iX (PIC iX) and Efficia CM Series Use of a Broken or Risky Cryptographic Algorithm |
| CVE-2021-23244 | 2021-12-27 | ColorOS pregrant dangerous permissions to apps which are listed in... |
| CVE-2021-21750 | 2021-12-27 | ZTE BigVideo Analysis product has a privilege escalation vulnerability. Due... |
| CVE-2021-21751 | 2021-12-27 | ZTE BigVideo analysis product has an input verification vulnerability. Due... |
| CVE-2021-45890 | 2021-12-27 | basic/BasicAuthProvider.java in AuthGuard before 0.9.0 allows authentication via an inactive... |
| CVE-2021-45895 | 2021-12-27 | Netgen Tags Bundle 3.4.x before 3.4.11 and 4.0.x before 4.0.15... |
| CVE-2020-20943 | 2021-12-27 | A Cross-Site Request Forgery (CSRF) in /member/post.php?job=postnew&step=post of Qibosoft v7... |
| CVE-2020-20944 | 2021-12-27 | An issue in /admin/index.php?lfj=mysql&action=del of Qibosoft v7 allows attackers to... |
| CVE-2020-20945 | 2021-12-27 | A Cross-Site Request Forgery (CSRF) in /admin/index.php?lfj=member&action=editmember of Qibosoft v7... |
| CVE-2020-20946 | 2021-12-27 | Qibosoft v7 contains a stored cross-site scripting (XSS) vulnerability in... |
| CVE-2020-20948 | 2021-12-27 | An arbitrary file download vulnerability in jeecg v3.8 allows attackers... |
| CVE-2021-43858 | 2021-12-27 | User privilege escalation in MinIO |
| CVE-2021-45896 | 2021-12-27 | Nokia FastMile 3TG00118ABAD52 devices allow privilege escalation by an authenticated... |
| CVE-2021-45884 | 2021-12-27 | In Brave Desktop 1.17 through 1.33 before 1.33.106, when CNAME-based... |
| CVE-2020-21236 | 2021-12-27 | A vulnerability in /damicms-master/admin.php?s=/Article/doedit of DamiCMS v6.0 allows attackers to... |
| CVE-2020-21237 | 2021-12-27 | An issue in the user login box of LJCMS v1.11... |
| CVE-2020-21238 | 2021-12-27 | An issue in the user login box of CSCMS v4.0... |
| CVE-2021-45906 | 2021-12-27 | OpenWrt 21.02.1 allows XSS via the NAT Rules Name screen. |
| CVE-2021-45905 | 2021-12-27 | OpenWrt 21.02.1 allows XSS via the Traffic Rules Name screen. |
| CVE-2021-45904 | 2021-12-27 | OpenWrt 21.02.1 allows XSS via the Port Forwards Add Name... |
| CVE-2021-45907 | 2021-12-28 | An issue was discovered in gif2apng 1.9. There is a... |
| CVE-2021-45911 | 2021-12-28 | An issue was discovered in gif2apng 1.9. There is a... |
| CVE-2021-45910 | 2021-12-28 | An issue was discovered in gif2apng 1.9. There is a... |
| CVE-2021-45909 | 2021-12-28 | An issue was discovered in gif2apng 1.9. There is a... |
| CVE-2021-45908 | 2021-12-28 | An issue was discovered in gif2apng 1.9. There is a... |
| CVE-2021-20873 | 2021-12-28 | Yappli is an application development platform which provides the function... |
| CVE-2021-4177 | 2021-12-28 | Generation of Error Message Containing Sensitive Information in livehelperchat/livehelperchat |
| CVE-2021-4179 | 2021-12-28 | Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat |
| CVE-2021-35031 | 2021-12-28 | A vulnerability in the TFTP client of Zyxel GS1900 series... |
| CVE-2021-35032 | 2021-12-28 | A vulnerability in the 'libsal.so' of the Zyxel GS1900 series... |
| CVE-2021-40579 | 2021-12-28 | https://www.sourcecodester.com/ Online Enrollment Management System in PHP and PayPal Free... |
| CVE-2021-37401 | 2021-12-28 | An attacker may obtain the user credentials from file servers,... |
| CVE-2021-37400 | 2021-12-28 | An attacker may obtain the user credentials from the communication... |
| CVE-2021-45425 | 2021-12-28 | Reflected Cross Site Scripting (XSS) in SAFARI Montage versions 8.3... |
| CVE-2018-17875 | 2021-12-28 | A remote code execution issue in the ping command on... |
| CVE-2019-20082 | 2021-12-28 | ASUS RT-N53 3.0.0.4.376.3754 devices have a buffer overflow via a... |
| CVE-2021-45903 | 2021-12-28 | A persistent cross-site scripting (XSS) issue in the web interface... |
| CVE-2021-45812 | 2021-12-28 | NUUO Network Video Recorder NVRsolo 3.9.1 is affected by a... |
| CVE-2021-45813 | 2021-12-28 | SLICAN WebCTI 1.01 2015 is affected by a Cross Site... |
| CVE-2021-45814 | 2021-12-28 | Nettmp NNT 5.1 is affected by a SQL injection vulnerability.... |
| CVE-2021-42583 | 2021-12-28 | A Broken or Risky Cryptographic Algorithm exists in Max Mazurov... |
| CVE-2021-43556 | 2021-12-28 | FATEK Automation WinProladder |
| CVE-2021-43554 | 2021-12-28 | FATEK Automation WinProladder |
| CVE-2020-7878 | 2021-12-28 | An arbitrary file download and execution vulnerability was found in... |
| CVE-2020-7883 | 2021-12-28 | Printchaser v2.2021.804.1 and earlier versions contain a vulnerability, which could... |
| CVE-2020-22057 | 2021-12-28 | The WinRin0x64.sys and WinRing0.sys low-level drivers in EVGA Precision XOC... |
| CVE-2020-22061 | 2021-12-28 | SUPERAntispyware v8.0.0.1050 was discovered to contain an issue in the... |
| CVE-2021-44832 | 2021-12-28 | Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration |
| CVE-2021-44160 | 2021-12-29 | Carinal Tien Hospital Health Report System - Authorization Bypass Through User-Controlled Key |
| CVE-2021-44161 | 2021-12-29 | Changing Information Technology Inc. MOTP(Mobile One Time Password) - SQL Injection |
| CVE-2021-25988 | 2021-12-29 | ifme - Stored Cross-Site Scripting (XSS) in Notifications section |
| CVE-2021-25989 | 2021-12-29 | ifme - Stored Cross-Site Scripting (XSS) in Groups section |
| CVE-2021-25990 | 2021-12-29 | ifme - Stored Cross-Site Scripting (XSS) in Contacts section |
| CVE-2021-25991 | 2021-12-29 | ifme - Improper Access Control leads to admin deactivation |
| CVE-2021-35034 | 2021-12-29 | An insufficient session expiration vulnerability in the CGI program of... |
| CVE-2021-35035 | 2021-12-29 | A cleartext storage of sensitive information vulnerability in the Zyxel... |
| CVE-2021-38680 | 2021-12-29 | Reflected XSS in Kazoo Server |
| CVE-2021-38687 | 2021-12-29 | Stack Overflow Vulnerability in Surveillance Station |
| CVE-2021-38688 | 2021-12-29 | Improper Authentication in Qfile |
| CVE-2021-36723 | 2021-12-29 | Emuse - eServices / eNvoice Exposure Of Private Personal Information |
| CVE-2021-36722 | 2021-12-29 | Emuse - eServices / eNvoice SQL injection |
| CVE-2021-4176 | 2021-12-29 | Cross-site Scripting (XSS) - Reflected in livehelperchat/livehelperchat |
| CVE-2021-4175 | 2021-12-29 | Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat |
| CVE-2021-45885 | 2021-12-29 | An issue was discovered in Stormshield Network Security (SNS) 4.2.2... |
| CVE-2021-23727 | 2021-12-29 | Stored Command Injection |
| CVE-2021-25993 | 2021-12-29 | Requarks wiki.js - Stored Cross-Site Scripting (XSS) in markdown editor |
| CVE-2021-36724 | 2021-12-29 | ForeScout - SecureConnector Local Service DoS |
| CVE-2021-4187 | 2021-12-29 | Use After Free in vim/vim |
| CVE-2021-43876 | 2021-12-29 | Microsoft SharePoint Elevation of Privilege Vulnerability |
| CVE-2021-4181 | 2021-12-30 | Crash in the Sysdig Event dissector in Wireshark 3.6.0 and... |
| CVE-2021-4182 | 2021-12-30 | Crash in the RFC 7468 dissector in Wireshark 3.6.0 and... |
| CVE-2021-4183 | 2021-12-30 | Crash in the pcapng file parser in Wireshark 3.6.0 allows... |
| CVE-2021-4184 | 2021-12-30 | Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0... |
| CVE-2021-4185 | 2021-12-30 | Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and... |
| CVE-2021-4186 | 2021-12-30 | Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10... |