CVE List - 2021 / December
Showing 1201 - 1300 of 1978 CVEs for December 2021 (Page 13 of 20)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-43750 | 2021-12-20 | Adobe Premiere Rush NULL Pointer Dereference Local Denial-of-Service |
| CVE-2021-43746 | 2021-12-20 | Adobe Premiere Rush MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability |
| CVE-2021-44179 | 2021-12-20 | Adobe Dimension GIF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| CVE-2021-43763 | 2021-12-20 | Adobe Dimension TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2021-44182 | 2021-12-20 | Adobe Dimension SVG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2021-44183 | 2021-12-20 | Adobe Dimension TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2021-44180 | 2021-12-20 | Adobe Dimension PCX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2021-44181 | 2021-12-20 | Adobe Dimension GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2021-44699 | 2021-12-20 | Adobe Audition MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2021-44698 | 2021-12-20 | Adobe Audition MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2021-44697 | 2021-12-20 | Adobe Audition MOV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2021-38409 | 2021-12-20 | Fuji Electric Tellus Lite V-Simulator uninitialized pointer |
| CVE-2021-38401 | 2021-12-20 | Fuji Electric Tellus Lite V-Simulator untrusted pointer dereference |
| CVE-2021-38415 | 2021-12-20 | Fuji Electric Tellus Lite V-Simulator heap based buffer overflow |
| CVE-2021-38421 | 2021-12-20 | Fuji Electric Tellus Lite V-Simulator out of bounds read |
| CVE-2021-38413 | 2021-12-20 | Fuji Electric Tellus Lite V-Simulator stack based buffer overflow |
| CVE-2021-38419 | 2021-12-20 | Fuji Electric Tellus Lite V-Simulator out of bounds write |
| CVE-2021-42809 | 2021-12-20 | The Sentinel Protection Installer 7.7.0 does not properly restrict loading Dynamic Link Library |
| CVE-2021-42138 | 2021-12-20 | A user of a machine protected by SafeNet Agent for... |
| CVE-2021-42808 | 2021-12-20 | The Sentinel Protection Installer 7.7.0 creates files and directory with all privileges granting any user full permissions. |
| CVE-2021-43843 | 2021-12-20 | Insufficient patch for Regular Expression Denial of Service (ReDoS) to jsx-slack v4.5.1 |
| CVE-2021-43844 | 2021-12-20 | Externally Controlled Reference to a Resource in Another Sphere in MSEdgeRedirect |
| CVE-2021-43846 | 2021-12-20 | CSRF forgery protection bypass for Spree::OrdersController#populate |
| CVE-2021-43847 | 2021-12-20 | Authorization Bypass in Space Invite in HumHub |
| CVE-2021-43842 | 2021-12-20 | Stored XSS via SVG file upload in Wiki.js |
| CVE-2021-45291 | 2021-12-21 | The gf_dump_setup function in GPAC 1.0.1 allows malicoius users to... |
| CVE-2021-45292 | 2021-12-21 | The gf_isom_hint_rtp_read function in GPAC 1.0.1 allows attackers to cause... |
| CVE-2021-45297 | 2021-12-21 | An infinite loop vulnerability exists in Gpac 1.0.1 in gf_get_bit_size. |
| CVE-2021-45450 | 2021-12-21 | In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psa_cipher_generate_iv... |
| CVE-2021-45451 | 2021-12-21 | In Mbed TLS before 3.1.0, psa_aead_generate_nonce allows policy bypass or... |
| CVE-2021-24578 | 2021-12-21 | SportsPress < 2.7.9 - Reflected Cross-Site Scripting |
| CVE-2021-24738 | 2021-12-21 | Logo Carousel < 3.4.2 - Contributor+ Stored Cross-Site Scripting |
| CVE-2021-24739 | 2021-12-21 | Logo Carousel < 3.4.2 - Unauthorised Private Post Access |
| CVE-2021-24750 | 2021-12-21 | WP Visitor Statistics (Real Time Traffic) < 4.8 - Subscriber+ SQL Injection |
| CVE-2021-24846 | 2021-12-21 | Ni WooCommerce Custom Order Status < 1.9.7 - Subscriber+ SQL Injection |
| CVE-2021-24849 | 2021-12-21 | WCFM - WooCommerce Multivendor Marketplace < 3.4.12 - Unauthenticated SQL Injection |
| CVE-2021-24907 | 2021-12-21 | Everest Forms < 1.8.0 - Reflected Cross-Site Scripting |
| CVE-2021-24941 | 2021-12-21 | Icegram < 2.0.5 - Reflected Cross-Site Scripting |
| CVE-2021-24956 | 2021-12-21 | Blog2Social < 6.8.7 - Reflected Cross-Site Scripting |
| CVE-2021-24981 | 2021-12-21 | Directorist – Business Directory Plugin < 7.0.6.2 - CSRF to Remote File Upload |
| CVE-2021-45252 | 2021-12-21 | Multiple SQL injection vulnerabilities are found on Simple Forum-Discussion System... |
| CVE-2021-45253 | 2021-12-21 | The id parameter in view_storage.php from Simple Cold Storage Management... |
| CVE-2021-45255 | 2021-12-21 | The email parameter from ajax.php of Video Sharing Website 1.0... |
| CVE-2021-4139 | 2021-12-21 | Cross-site Scripting (XSS) - Stored in pimcore/pimcore |
| CVE-2021-45091 | 2021-12-21 | Stormshield Endpoint Security from 2.1.0 to 2.1.1 has Incorrect Access... |
| CVE-2021-45089 | 2021-12-21 | Stormshield Endpoint Security 2.x before 2.1.2 has Incorrect Access Control. |
| CVE-2021-45090 | 2021-12-21 | Stormshield Endpoint Security before 2.1.2 allows remote code execution. |
| CVE-2012-20001 | 2021-12-21 | PrestaShop before 1.5.2 allows XSS via the "<object data='data:text/html" substring... |
| CVE-2021-44877 | 2021-12-21 | Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Incorrect... |
| CVE-2021-44875 | 2021-12-21 | Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to User... |
| CVE-2021-44876 | 2021-12-21 | Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to User... |
| CVE-2021-44874 | 2021-12-21 | Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Insecure... |
| CVE-2021-43839 | 2021-12-21 | Drainage of FeeCollector's Block Transaction Fees |
| CVE-2021-45288 | 2021-12-21 | A Double Free vulnerability exists in filedump.c in GPAC 1.0.1,... |
| CVE-2021-36316 | 2021-12-21 | Dell EMC Avamar Server versions 18.2, 19.1, 19.2, 19.3, and... |
| CVE-2021-36317 | 2021-12-21 | Dell EMC Avamar Server version 19.4 contains a plain-text password... |
| CVE-2021-36318 | 2021-12-21 | Dell EMC Avamar versions 18.2,19.1,19.2,19.3,19.4 contain a plain-text password storage... |
| CVE-2021-36336 | 2021-12-21 | Wyse Management Suite 3.3.1 and below versions contain a deserialization... |
| CVE-2021-36337 | 2021-12-21 | Dell Wyse Management Suite version 3.3.1 and prior support insecure... |
| CVE-2021-36341 | 2021-12-21 | Dell Wyse Device Agent version 14.5.4.1 and below contain a... |
| CVE-2021-36350 | 2021-12-21 | Dell PowerScale OneFS, versions 8.2.2-9.3.0.x, contain an authentication bypass by... |
| CVE-2021-43587 | 2021-12-21 | Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0,... |
| CVE-2021-45289 | 2021-12-21 | A vulnerability exists in GPAC 1.0.1 due to an omission... |
| CVE-2021-45290 | 2021-12-21 | A Denial of Service vulnerability exits in Binaryen 103 due... |
| CVE-2020-19770 | 2021-12-21 | A cross-site scripting (XSS) vulnerability in the system bulletin component... |
| CVE-2021-44207 | 2021-12-21 | Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials. |
| CVE-2021-45293 | 2021-12-21 | A Denial of Service vulnerability exists in Binaryen 103 due... |
| CVE-2021-27445 | 2021-12-21 | Mesa Labs AmegaView Improper Privilege Management |
| CVE-2021-27449 | 2021-12-21 | Mesa Labs AmegaView Command Injection |
| CVE-2021-27453 | 2021-12-21 | Mesa Labs AmegaView authentication bypass |
| CVE-2021-27447 | 2021-12-21 | Mesa Labs AmegaView command injection |
| CVE-2021-27451 | 2021-12-21 | Mesa Labs AmegaView improper authentication |
| CVE-2021-44422 | 2021-12-21 | An Improper Input Validation Vulnerability exists when reading a BMP... |
| CVE-2021-44423 | 2021-12-21 | An out-of-bounds read vulnerability exists when reading a BMP file... |
| CVE-2021-44860 | 2021-12-21 | An out-of-bounds read vulnerability exists when reading a TIF file... |
| CVE-2021-44859 | 2021-12-21 | An out-of-bounds read vulnerability exists when reading a TGA file... |
| CVE-2021-38893 | 2021-12-21 | IBM Business Process Manager 8.5 and 8.6 and IBM Business... |
| CVE-2021-38900 | 2021-12-21 | IBM Business Process Manager 8.5 and 8.6 and IBM Business... |
| CVE-2021-38966 | 2021-12-21 | IBM Cloud Pak for Automation 21.0.2 is vulnerable to cross-site... |
| CVE-2021-44917 | 2021-12-21 | A Divide by Zero vulnerability exists in gnuplot 5.4 in... |
| CVE-2021-44918 | 2021-12-21 | A Null Pointer Dereference vulnerability exists in gpac 1.1.0 in... |
| CVE-2021-44919 | 2021-12-21 | A Null Pointer Dereference vulnerability exists in the gf_sg_vrml_mf_alloc function... |
| CVE-2021-44920 | 2021-12-21 | An invalid memory address dereference vulnerability exists in gpac 1.1.0... |
| CVE-2021-44921 | 2021-12-21 | A null pointer dereference vulnerability exists in gpac 1.1.0 in... |
| CVE-2021-44922 | 2021-12-21 | A null pointer dereference vulnerability exists in gpac 1.1.0 in... |
| CVE-2021-44923 | 2021-12-21 | A null pointer dereference vulnerability exists in gpac 1.1.0 in... |
| CVE-2021-44924 | 2021-12-21 | An infinite loop vulnerability exists in gpac 1.1.0 in the... |
| CVE-2021-44925 | 2021-12-21 | A null pointer dereference vulnerability exists in gpac 1.1.0 in... |
| CVE-2021-44926 | 2021-12-21 | A null pointer dereference vulnerability exists in gpac 1.1.0-DEV in... |
| CVE-2021-44927 | 2021-12-21 | A null pointer dereference vulnerability exists in gpac 1.1.0 in... |
| CVE-2021-43851 | 2021-12-21 | SQL injection vulnerability in anuko timetracker |
| CVE-2021-37706 | 2021-12-22 | Potential integer underflow upon receiving STUN message in PJSIP |
| CVE-2021-40393 | 2021-12-22 | An out-of-bounds write vulnerability exists in the RS-274X aperture macro... |
| CVE-2021-40394 | 2021-12-22 | An out-of-bounds write vulnerability exists in the RS-274X aperture macro... |
| CVE-2021-43804 | 2021-12-22 | Out-of-bounds read when parsing RTCP BYE message in PJSIP |
| CVE-2021-44733 | 2021-12-22 | A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in... |
| CVE-2021-45262 | 2021-12-22 | An invalid free vulnerability exists in gpac 1.1.0 via the... |
| CVE-2021-45263 | 2021-12-22 | An invalid free vulnerability exists in gpac 1.1.0 via the... |
| CVE-2021-45267 | 2021-12-22 | An invalid memory address dereference vulnerability exists in gpac 1.1.0... |
| CVE-2021-44028 | 2021-12-22 | XXE can occur in Quest KACE Desktop Authority before 11.2... |