CVE List - 2021 / December
Showing 101 - 200 of 1978 CVEs for December 2021 (Page 2 of 20)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-44050 | 2021-12-02 | CA Network Flow Analysis (NFA) 21.2.1 and earlier contain a... |
| CVE-2021-40334 | 2021-12-02 | SSH activation problem in the proprietary management protocol (port TCP 5558) |
| CVE-2021-40333 | 2021-12-02 | Weak default credential associated with TCP port 26 |
| CVE-2021-43327 | 2021-12-02 | An issue was discovered on Renesas RX65 and RX65N devices.... |
| CVE-2021-28236 | 2021-12-02 | LibreDWG v0.12.3 was discovered to contain a NULL pointer dereference... |
| CVE-2021-28237 | 2021-12-02 | LibreDWG v0.12.3 was discovered to contain a heap-buffer overflow via... |
| CVE-2020-29176 | 2021-12-02 | An arbitrary file upload vulnerability in Z-BlogPHP v1.6.1.2100 allows attackers... |
| CVE-2020-29177 | 2021-12-02 | Z-BlogPHP v1.6.1.2100 was discovered to contain an arbitrary file deletion... |
| CVE-2021-25783 | 2021-12-02 | Taocms v2.5Beta5 was discovered to contain a blind SQL injection... |
| CVE-2021-25784 | 2021-12-02 | Taocms v2.5Beta5 was discovered to contain a blind SQL injection... |
| CVE-2021-25785 | 2021-12-02 | Taocms v2.5Beta5 was discovered to contain a cross-site scripting (XSS)... |
| CVE-2021-4000 | 2021-12-03 | Open Redirect in star7th/showdoc |
| CVE-2021-43772 | 2021-12-03 | Trend Micro Security 2021 v17.0 (Consumer) contains a vulnerability that... |
| CVE-2021-44019 | 2021-12-03 | An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security... |
| CVE-2021-44020 | 2021-12-03 | An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security... |
| CVE-2021-44021 | 2021-12-03 | An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security... |
| CVE-2021-44022 | 2021-12-03 | A reachable assertion vulnerability in Trend Micro Apex One could... |
| CVE-2021-43673 | 2021-12-03 | dzzoffice 2.02.1_SC_UTF8 is affected by a Cross Site Scripting (XSS)... |
| CVE-2021-43674 | 2021-12-03 | ThinkUp 2.0-beta.10 is affected by a path manipulation vulnerability in... |
| CVE-2021-44278 | 2021-12-03 | Librenms 21.11.0 is affected by a path manipulation vulnerability in... |
| CVE-2021-43676 | 2021-12-03 | matyhtf framework v3.0.5 is affected by a path manipulation vulnerability... |
| CVE-2021-43991 | 2021-12-03 | Persistent XSS via Avatar Upload in Kentico Xperience CMS |
| CVE-2021-3980 | 2021-12-03 | Exposure of Private Personal Information to an Unauthorized Actor in elgg/elgg |
| CVE-2021-20470 | 2021-12-03 | IBM Cognos Analytics 11.1.7 and 11.2.0 does not require that... |
| CVE-2021-20493 | 2021-12-03 | IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to cross-site... |
| CVE-2021-29716 | 2021-12-03 | IBM Cognos Analytics 11.1.7 and 11.2.0 could allow a low... |
| CVE-2021-29719 | 2021-12-03 | IBM Cognos Analytics 11.1.7 and 11.2.0 could be vulnerable to... |
| CVE-2021-29756 | 2021-12-03 | IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to cross-site... |
| CVE-2021-29867 | 2021-12-03 | IBM Cognos Analytics 11.1.7 and 11.2.0 could allow an authenticated... |
| CVE-2021-38909 | 2021-12-03 | IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to cross-site... |
| CVE-2021-44352 | 2021-12-03 | A Stack-based Buffer Overflow vulnerability exists in the Tenda AC15... |
| CVE-2021-44347 | 2021-12-03 | SQL Injection vulnerability exists in TuziCMS v2.0.6 in App\Manage\Controller\GuestbookController.class.php. |
| CVE-2021-44348 | 2021-12-03 | SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id... |
| CVE-2021-44349 | 2021-12-03 | SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id... |
| CVE-2021-35344 | 2021-12-03 | tsMuxer v2.6.16 was discovered to contain a heap-based buffer overflow... |
| CVE-2021-35346 | 2021-12-03 | tsMuxer v2.6.16 was discovered to contain a heap-based buffer overflow... |
| CVE-2021-23562 | 2021-12-03 | Arbitrary File Upload |
| CVE-2021-23758 | 2021-12-03 | Deserialization of Untrusted Data |
| CVE-2021-35413 | 2021-12-03 | A remote code execution (RCE) vulnerability in course_intro_pdf_import.php of Chamilo... |
| CVE-2021-35414 | 2021-12-03 | Chamilo LMS v1.11.x was discovered to contain a SQL injection... |
| CVE-2021-35415 | 2021-12-03 | A stored cross-site scripting (XSS) vulnerability allows attackers to execute... |
| CVE-2021-43415 | 2021-12-03 | HashiCorp Nomad and Nomad Enterprise up to 1.0.13, 1.1.7, and... |
| CVE-2021-4005 | 2021-12-04 | Cross-Site Request Forgery (CSRF) in firefly-iii/firefly-iii |
| CVE-2021-37253 | 2021-12-05 | M-Files Web before 20.10.9524.1 allows a denial of service via... |
| CVE-2021-44044 | 2021-12-05 | An out-of-bounds write vulnerability exists when reading a JPG file... |
| CVE-2021-44045 | 2021-12-05 | An out-of-bounds write vulnerability exists when reading a DGN file... |
| CVE-2021-44046 | 2021-12-05 | An out-of-bounds write vulnerability exists when reading U3D files in... |
| CVE-2021-44047 | 2021-12-05 | A use-after-free vulnerability exists when reading a DWF/DWFX file using... |
| CVE-2021-44048 | 2021-12-05 | An out-of-bounds write vulnerability exists when reading a TIF file... |
| CVE-2021-4069 | 2021-12-06 | Use After Free in vim/vim |
| CVE-2021-43033 | 2021-12-06 | An issue was discovered in Kaseya Unitrends Backup Appliance before... |
| CVE-2021-43034 | 2021-12-06 | An issue was discovered in Kaseya Unitrends Backup Appliance before... |
| CVE-2021-43035 | 2021-12-06 | An issue was discovered in Kaseya Unitrends Backup Appliance before... |
| CVE-2021-43036 | 2021-12-06 | An issue was discovered in Kaseya Unitrends Backup Appliance before... |
| CVE-2021-43037 | 2021-12-06 | An issue was discovered in Kaseya Unitrends Backup Appliance before... |
| CVE-2021-43038 | 2021-12-06 | An issue was discovered in Kaseya Unitrends Backup Appliance before... |
| CVE-2021-43039 | 2021-12-06 | An issue was discovered in Kaseya Unitrends Backup Appliance before... |
| CVE-2021-43040 | 2021-12-06 | An issue was discovered in Kaseya Unitrends Backup Appliance before... |
| CVE-2021-43041 | 2021-12-06 | An issue was discovered in Kaseya Unitrends Backup Appliance before... |
| CVE-2021-43042 | 2021-12-06 | An issue was discovered in Kaseya Unitrends Backup Appliance before... |
| CVE-2021-43043 | 2021-12-06 | An issue was discovered in Kaseya Unitrends Backup Appliance before... |
| CVE-2021-43044 | 2021-12-06 | An issue was discovered in Kaseya Unitrends Backup Appliance before... |
| CVE-2021-43784 | 2021-12-06 | Overflow in netlink bytemsg length field allows attacker to override netlink-based container configuration |
| CVE-2021-43469 | 2021-12-06 | VINGA WR-N300U 77.102.1.4853 is affected by a command execution vulnerability... |
| CVE-2021-43471 | 2021-12-06 | In Canon LBP223 printers, the System Manager Mode login does... |
| CVE-2021-24714 | 2021-12-06 | WP All Import < 3.6.3 - Admin+ Stored Cross-Site Scripting |
| CVE-2021-24718 | 2021-12-06 | ARForms Form Builder < 1.5 - Admin+ Stored Cross Site Scripting |
| CVE-2021-24759 | 2021-12-06 | PDF.js Viewer < 2.0.2 - Contributor+ Stored Cross-Site Scripting |
| CVE-2021-24866 | 2021-12-06 | WP Data Access < 5.0.0 - Admin+ SQL Injection |
| CVE-2021-24914 | 2021-12-06 | Tawk.to Live Chat < 0.6.0 - Subscriber+ Visitor Monitoring & Chat Removal |
| CVE-2021-24917 | 2021-12-06 | WPS Hide Login < 1.9.1 - Protection Bypass with Referer-Header |
| CVE-2021-24924 | 2021-12-06 | Email Log < 2.4.8 - Reflected Cross-Site Scripting |
| CVE-2021-24930 | 2021-12-06 | Bookly < 20.3.1 - Staff Member Stored Cross-Site Scripting |
| CVE-2021-24931 | 2021-12-06 | Secure Copy Content Protection and Content Locking < 2.8.2 - Unauthenticated SQL Injection |
| CVE-2021-24935 | 2021-12-06 | WP Google Fonts < 3.1.5 - Reflected Cross-Site Scripting |
| CVE-2021-24938 | 2021-12-06 | WooCommerce Currency Switcher < 1.3.7.1 - Reflected Cross-Site Scripting |
| CVE-2021-24939 | 2021-12-06 | LoginWP < 3.0.0.5 - Reflected Cross-Site Scripting |
| CVE-2021-24943 | 2021-12-06 | Registrations for the Events Calendar < 2.7.6 - Unauthenticated SQL Injection |
| CVE-2021-25041 | 2021-12-06 | Photo Gallery by 10Web < 1.5.68 - Reflected Cross-Site Scripting (XSS) |
| CVE-2021-35245 | 2021-12-06 | Broken Access Control Vulnerability for SolarWinds Serv-U |
| CVE-2021-35242 | 2021-12-06 | A valid CSRF token is present in response to an invalid request |
| CVE-2021-36198 | 2021-12-06 | Entrapass |
| CVE-2021-39890 | 2021-12-06 | It was possible to bypass 2FA for LDAP users and... |
| CVE-2021-22170 | 2021-12-06 | Assuming a database breach, nonce reuse issues in GitLab 11.6+... |
| CVE-2021-43936 | 2021-12-06 | Distributed Data Systems WebHM |
| CVE-2021-43931 | 2021-12-06 | Distributed Data Systems WebHM |
| CVE-2021-43781 | 2021-12-06 | Permissions not properly checked in Invenio-Drafts-Resources |
| CVE-2021-43800 | 2021-12-06 | Asset directory traversal with some storage modules on Windows |
| CVE-2021-40091 | 2021-12-06 | An SSRF issue was discovered in SquaredUp for SCOM 5.2.1.6654. |
| CVE-2021-4075 | 2021-12-06 | Server-Side Request Forgery (SSRF) in snipe/snipe-it |
| CVE-2021-36564 | 2021-12-06 | ThinkPHP v6.0.8 was discovered to contain a deserialization vulnerability via... |
| CVE-2021-36567 | 2021-12-06 | ThinkPHP v6.0.8 was discovered to contain a deserialization vulnerability via... |
| CVE-2021-40313 | 2021-12-06 | Piwigo v11.5 was discovered to contain a SQL injection vulnerability... |
| CVE-2021-31631 | 2021-12-06 | b2evolution CMS v7.2.3 was discovered to contain a Cross-Site Request... |
| CVE-2021-31632 | 2021-12-06 | b2evolution CMS v7.2.3 was discovered to contain a SQL injection... |
| CVE-2021-44682 | 2021-12-06 | An issue (6 of 6) was discovered in Veritas Enterprise... |
| CVE-2021-44681 | 2021-12-06 | An issue (5 of 6) was discovered in Veritas Enterprise... |
| CVE-2021-44680 | 2021-12-06 | An issue (4 of 6) was discovered in Veritas Enterprise... |
| CVE-2021-44679 | 2021-12-06 | An issue (3 of 6) was discovered in Veritas Enterprise... |
| CVE-2021-44678 | 2021-12-06 | An issue (2 of 6) was discovered in Veritas Enterprise... |