CVE List - 2021 / January
Showing 1301 - 1400 of 1514 CVEs for January 2021 (Page 14 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-35854 | 2021-01-25 | Textpattern 4.8.4 is affected by cross-site scripting (XSS) in the... |
| CVE-2021-3278 | 2021-01-25 | Local Service Search Engine Management System 1.0 has a vulnerability... |
| CVE-2020-35513 | 2021-01-25 | A flaw incorrect umask during file or directory modification in... |
| CVE-2021-3185 | 2021-01-25 | A flaw was found in the gstreamer h264 component of... |
| CVE-2020-0236 | 2021-01-25 | In A2DP_GetCodecType of a2dp_codec_config, there is a possible out-of-bounds read... |
| CVE-2020-28221 | 2021-01-25 | A CWE-20: Improper Input Validation vulnerability exists in EcoStruxure™ Operator... |
| CVE-2021-22697 | 2021-01-25 | A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability... |
| CVE-2021-22698 | 2021-01-25 | A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability... |
| CVE-2020-25737 | 2021-01-25 | An elevation of privilege vulnerability exists in Hackolade versions prior... |
| CVE-2021-21272 | 2021-01-25 | zip slip in ORAS |
| CVE-2020-27814 | 2021-01-25 | A heap-buffer overflow was found in the way openjpeg2 handled... |
| CVE-2020-6779 | 2021-01-25 | Hard-coded Credentials in the Database of Bosch FSM-2500 Server and Bosch FSM-5000 Server |
| CVE-2020-6780 | 2021-01-25 | Password Hash With Insufficient Computational Effort in the Database of Bosch FSM-2500 Server and Bosch FSM-5000 Server |
| CVE-2020-16236 | 2021-01-25 | anasonic FPWIN Pro |
| CVE-2020-35843 | 2021-01-25 | FastStone Image Viewer 7.5 has an out-of-bounds write (via a... |
| CVE-2020-35844 | 2021-01-25 | FastStone Image Viewer 7.5 has an out-of-bounds write (via a... |
| CVE-2020-35845 | 2021-01-25 | FastStone Image Viewer 7.5 has an out-of-bounds write (via a... |
| CVE-2020-27540 | 2021-01-25 | Bash injection vulnerability and bypass of signature verification in Rostelecom... |
| CVE-2020-27539 | 2021-01-25 | Heap overflow with full parsing of HTTP respose in Rostelecom... |
| CVE-2020-27541 | 2021-01-25 | Denial of Service vulnerability in Rostelecom CS-C2SHW 5.0.082.1. AgentGreen service... |
| CVE-2020-27542 | 2021-01-25 | Rostelecom CS-C2SHW 5.0.082.1 is affected by: Bash command injection. The... |
| CVE-2021-21275 | 2021-01-25 | CSRF in MediaWiki Report extension |
| CVE-2021-3156 | 2021-01-26 | Sudo before 1.9.5p2 contains an off-by-one error that can result... |
| CVE-2020-28998 | 2021-01-26 | An issue was discovered on Geeni GNC-CW013 doorbell 1.8.1 devices.... |
| CVE-2020-28999 | 2021-01-26 | An issue was discovered in Apexis Streaming Video Web Application... |
| CVE-2020-29000 | 2021-01-26 | An issue was discovered on Geeni GNC-CW013 doorbell 1.8.1 devices.... |
| CVE-2020-29001 | 2021-01-26 | An issue was discovered on Geeni GNC-CW028 Camera 2.7.2, Geeni... |
| CVE-2021-3115 | 2021-01-26 | Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is... |
| CVE-2021-3114 | 2021-01-26 | In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can... |
| CVE-2021-26267 | 2021-01-26 | cPanel before 92.0.9 allows a MySQL user (who has an... |
| CVE-2021-26266 | 2021-01-26 | cPanel before 92.0.9 allows a Reseller to bypass the suspension... |
| CVE-2021-3223 | 2021-01-26 | Node-RED-Dashboard before 2.26.2 allows ui_base/js/..%2f directory traversal to read files. |
| CVE-2021-3304 | 2021-01-26 | Sagemcom F@ST 3686 v2 3.495 devices have a buffer overflow... |
| CVE-2021-3291 | 2021-01-26 | Zen Cart 1.5.7b allows admins to execute arbitrary OS commands... |
| CVE-2020-36011 | 2021-01-26 | A cross-site scripting (XSS) issue in Add Patient Form in... |
| CVE-2021-25863 | 2021-01-26 | Open5GS 2.1.3 listens on 0.0.0.0:3000 and has a default password... |
| CVE-2021-25864 | 2021-01-26 | node-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile... |
| CVE-2021-3297 | 2021-01-26 | On Zyxel NBG2105 V1.00(AAGU.2)C0 devices, setting the login cookie to... |
| CVE-2021-21615 | 2021-01-26 | Jenkins 2.275 and LTS 2.263.2 allows reading arbitrary files using... |
| CVE-2020-17522 | 2021-01-26 | When ORT (now via atstccfg) generates ip_allow.config files in Apache... |
| CVE-2020-25173 | 2021-01-26 | Reolink P2P Cameras |
| CVE-2020-25169 | 2021-01-26 | Reolink P2P Cameras |
| CVE-2020-27288 | 2021-01-26 | An untrusted pointer dereference has been identified in the way... |
| CVE-2020-27280 | 2021-01-26 | A use after free issue has been identified in the... |
| CVE-2020-27284 | 2021-01-26 | TPEditor (v1.98 and prior) is vulnerable to two out-of-bounds write... |
| CVE-2020-9492 | 2021-01-26 | In Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, and... |
| CVE-2020-4889 | 2021-01-26 | IBM Spectrum Scale 5.0.0 through 5.0.5.4 and 5.1.0 could allow... |
| CVE-2020-4949 | 2021-01-26 | IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is... |
| CVE-2020-8293 | 2021-01-26 | A missing input validation in Nextcloud Server before 20.0.2, 19.0.5,... |
| CVE-2020-8295 | 2021-01-26 | A wrong check in Nextcloud Server 19 and prior allowed... |
| CVE-2020-23447 | 2021-01-26 | newbee-mall 1.0 is affected by cross-site scripting in shop-cart/settle. Users... |
| CVE-2020-23448 | 2021-01-26 | newbee-mall all versions are affected by incorrect access control to... |
| CVE-2020-23449 | 2021-01-26 | newbee-mall all versions are affected by incorrect access control to... |
| CVE-2020-35263 | 2021-01-26 | EgavilanMedia User Registration & Login System 1.0 is affected by... |
| CVE-2021-23272 | 2021-01-26 | TIBCO BPM Cross Site Scripting (XSS) |
| CVE-2020-13582 | 2021-01-26 | A denial-of-service vulnerability exists in the HTTP Server functionality of... |
| CVE-2020-27274 | 2021-01-26 | Some parsing functions in the affected product do not check... |
| CVE-2020-27299 | 2021-01-26 | The affected product is vulnerable to an out-of-bounds read, which... |
| CVE-2020-27297 | 2021-01-26 | The affected product is vulnerable to a heap-based buffer overflow,... |
| CVE-2020-27295 | 2021-01-26 | The affected product has uncontrolled resource consumption issues, which may... |
| CVE-2021-22159 | 2021-01-26 | Insider Threat Management Windows Agent Local Privilege Escalation Vulnerability The... |
| CVE-2021-3308 | 2021-01-26 | An issue was discovered in Xen 4.12.3 through 4.12.4 and... |
| CVE-2021-3309 | 2021-01-26 | packages/wekan-ldap/server/ldap.js in Wekan before 4.87 can process connections even though... |
| CVE-2021-21278 | 2021-01-26 | Risk of code injection in RSSHub |
| CVE-2021-26271 | 2021-01-26 | It was possible to execute a ReDoS-type attack inside CKEditor... |
| CVE-2021-26272 | 2021-01-26 | It was possible to execute a ReDoS-type attack inside CKEditor... |
| CVE-2021-21283 | 2021-01-26 | XSS in Flarum Sticky extension. |
| CVE-2021-21271 | 2021-01-26 | Denial of service in TenderMint Core |
| CVE-2020-23774 | 2021-01-26 | A reflected XSS vulnerability exists in tohtml/convert.php of Winmail 6.5,... |
| CVE-2020-23776 | 2021-01-26 | A SSRF vulnerability exists in Winmail 6.5 in app.php in... |
| CVE-2021-1070 | 2021-01-26 | NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2,... |
| CVE-2021-1071 | 2021-01-26 | NVIDIA Tegra kernel in Jetson AGX Xavier Series, Jetson Xavier... |
| CVE-2021-3317 | 2021-01-26 | KLog Server through 2.4.1 allows authenticated command injection. async.php calls... |
| CVE-2021-3165 | 2021-01-26 | SmartAgent 3.1.0 allows a ViewOnly attacker to create a SuperUser... |
| CVE-2013-2512 | 2021-01-26 | The ftpd gem 0.2.1 for Ruby allows remote attackers to... |
| CVE-2021-26117 | 2021-01-27 | ActiveMQ: LDAP-Authentication does not verify passwords on servers with anonymous bind |
| CVE-2021-3326 | 2021-01-27 | The iconv function in the GNU C Library (aka glibc... |
| CVE-2021-3272 | 2021-01-27 | jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a... |
| CVE-2020-36012 | 2021-01-27 | Stored XSS vulnerability in BDTASK Multi-Store Inventory Management System 1.0... |
| CVE-2020-4628 | 2021-01-27 | IBM Cloud Pak for Security (CP4S) 1.3.0.1 and 1.4.0.0 could... |
| CVE-2020-4815 | 2021-01-27 | IBM Cloud Pak for Security (CP4S) 1.4.0.0 could allow a... |
| CVE-2020-4816 | 2021-01-27 | IBM Cloud Pak for Security (CP4S) 1.4.0.0 could allow a... |
| CVE-2020-4820 | 2021-01-27 | IBM Cloud Pak for Security (CP4S) 1.4.0.0 is vulnerable to... |
| CVE-2020-4967 | 2021-01-27 | IBM Cloud Pak for Security (CP4S) 1.3.0.1 could disclose sensitive... |
| CVE-2020-23352 | 2021-01-27 | Z-BlogPHP 1.6.0 Valyria is affected by incorrect access control. PHP... |
| CVE-2020-23355 | 2021-01-27 | ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Codiad 2.8.4 /componetns/user/class.user.php:Authenticate()... |
| CVE-2020-23356 | 2021-01-27 | dmin/kernel/api/login.class.phpin in nibbleblog v3.7.1c allows type juggling for login bypass... |
| CVE-2020-23359 | 2021-01-27 | WeBid 1.2.2 admin/newuser.php has an issue with password rechecking during... |
| CVE-2020-23360 | 2021-01-27 | oscommerce v2.3.4.1 has a functional problem in user registration and... |
| CVE-2020-23361 | 2021-01-27 | phpList 3.5.3 allows type juggling for login bypass because ==... |
| CVE-2021-25312 | 2021-01-27 | HTCondor before 8.9.11 allows a user to submit a job... |
| CVE-2021-25311 | 2021-01-27 | condor_credd in HTCondor before 8.9.11 allows Directory Traversal outside the... |
| CVE-2020-4524 | 2021-01-27 | IBM Jazz Foundation products is vulnerable to cross-site scripting. This... |
| CVE-2020-4547 | 2021-01-27 | IBM Jazz Foundation products could allow a remote attacker to... |
| CVE-2020-4855 | 2021-01-27 | IBM Jazz Foundation products is vulnerable to cross-site scripting. This... |
| CVE-2020-4865 | 2021-01-27 | IBM Jazz Foundation products is vulnerable to cross-site scripting. This... |
| CVE-2021-20357 | 2021-01-27 | IBM Jazz Foundation products is vulnerable to cross-site scripting. This... |
| CVE-2020-4189 | 2021-01-27 | IBM Security Guardium 11.2 discloses sensitive information in the response... |
| CVE-2020-4786 | 2021-01-27 | IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0... |
| CVE-2020-4787 | 2021-01-27 | IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0... |