CVE List - 2021 / February
Showing 901 - 1000 of 1455 CVEs for February 2021 (Page 10 of 15)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-21316 | 2021-02-16 | Arbitrary code execution in less-openui5 |
| CVE-2021-21317 | 2021-02-16 | Denial of Service in uap-core |
| CVE-2021-27237 | 2021-02-16 | The admin panel in BlackCat CMS 1.3.6 allows stored XSS (by an admin) via the Display Name field to backend/preferences/ajax_save.php. |
| CVE-2020-29457 | 2021-02-16 | A Privilege Elevation vulnerability in OPC UA .NET Standard Stack 1.4.363.107 could allow a rogue application to establish a secure connection. |
| CVE-2020-11635 | 2021-02-16 | The Zscaler Client Connector prior to 3.1.0 did not sufficiently validate RPC clients, which allows a local adversary to execute code with system privileges or perform limited actions for which... |
| CVE-2021-20067 | 2021-02-16 | Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to view sensitive syslog events without authentication. |
| CVE-2021-20068 | 2021-02-16 | Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scripting attacks via the error handling functionality of web pages. |
| CVE-2021-20069 | 2021-02-16 | Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scripting attacks via the regionalSettings.php dialogs. |
| CVE-2021-20073 | 2021-02-16 | Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for cross-site request forgeries. |
| CVE-2021-20074 | 2021-02-16 | Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows users to escape the provided command line interface and execute arbitrary OS commands. |
| CVE-2021-20075 | 2021-02-16 | Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for privilege escalation via configd. |
| CVE-2021-20070 | 2021-02-16 | Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scriptings attacks via the virtualization.php dialogs. |
| CVE-2021-20071 | 2021-02-16 | Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scriptings attacks via the sms.php dialogs. |
| CVE-2021-20072 | 2021-02-16 | Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to arbitrarily access and delete files via an authenticated directory traveral. |
| CVE-2021-20066 | 2021-02-16 | JSDom improperly allows the loading of local resources, which allows for local files to be manipulated by a malicious web page when script execution is enabled. |
| CVE-2021-27203 | 2021-02-16 | In Dekart Private Disk 2.15, invalid use of the Type3 user buffer for IOCTL codes using METHOD_NEITHER results in arbitrary memory dereferencing. |
| CVE-2020-28918 | 2021-02-16 | DualShield 5.9.8.0821 allows username enumeration on its login form. A valid username results in prompting for the password, whereas an invalid one will produce an "unknown username" error message. |
| CVE-2021-27101 | 2021-02-16 | Accellion FTA 9_12_370 and earlier is affected by SQL injection via a crafted Host header in a request to document_root.html. The fixed version is FTA_9_12_380 and later. |
| CVE-2021-27102 | 2021-02-16 | Accellion FTA 9_12_411 and earlier is affected by OS command execution via a local web service call. The fixed version is FTA_9_12_416 and later. |
| CVE-2021-27103 | 2021-02-16 | Accellion FTA 9_12_411 and earlier is affected by SSRF via a crafted POST request to wmProgressstat.html. The fixed version is FTA_9_12_416 and later. |
| CVE-2021-27104 | 2021-02-16 | Accellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request to various admin endpoints. The fixed version is FTA_9_12_380 and later. |
| CVE-2020-12362 | 2021-02-17 | Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable... |
| CVE-2020-12363 | 2021-02-17 | Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of... |
| CVE-2020-12364 | 2021-02-17 | Null pointer reference in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before version Linux kernel version 5.5 may allow a privileged user to potentially enable a denial... |
| CVE-2021-26930 | 2021-02-17 | An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant references provided by the... |
| CVE-2021-26931 | 2021-02-17 | An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. Block, net, and SCSI backends consider certain errors a plain bug, deliberately causing a kernel... |
| CVE-2021-26932 | 2021-02-17 | An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operations are done... |
| CVE-2021-26933 | 2021-02-17 | An issue was discovered in Xen 4.9 through 4.14.x. On Arm, a guest is allowed to control whether memory accesses are bypassing the cache. This means that Xen needs to... |
| CVE-2021-26934 | 2021-02-17 | An issue was discovered in the Linux kernel 4.18 through 5.10.16, as used by Xen. The backend allocation (aka be-alloc) mode of the drm_xen_front drivers was not meant to be... |
| CVE-2021-20653 | 2021-02-17 | Calsos CSDJ (CSDJ-B 01.08.00 and earlier, CSDJ-H 01.08.00 and earlier, CSDJ-D 01.08.00 and earlier, and CSDJ-A 03.08.00 and earlier) allows remote attackers to bypass access restriction and to obtain unauthorized... |
| CVE-2021-20655 | 2021-02-17 | FileZen (V3.0.0 to V4.2.7 and V5.0.0 to V5.0.2) allows a remote attacker with administrator rights to execute arbitrary OS commands via unspecified vectors. |
| CVE-2020-2501 | 2021-02-17 | Stack Buffer Overflow in Surveillance Station |
| CVE-2020-2502 | 2021-02-17 | Cross-site Scripting Vulnerability in Photo Station |
| CVE-2021-23339 | 2021-02-17 | HTTP Request Smuggling |
| CVE-2021-23885 | 2021-02-17 | Privilege escalation vulnerability in McAfee Web Gateway (MWG) UI |
| CVE-2021-22856 | 2021-02-17 | ChanGate EnterPrise Co., Ltd property management system - SQL Injection |
| CVE-2021-22857 | 2021-02-17 | ChanGate EnterPrise Co., Ltd property management system - Directory Traversal |
| CVE-2021-22858 | 2021-02-17 | ChanGate EnterPrise Co., Ltd property management system - Broken Authentication |
| CVE-2021-22553 | 2021-02-17 | Heap Memory exhaustion in Gerrit |
| CVE-2020-7849 | 2021-02-17 | UPRISM CURIX arbitrary code execution vulnerability |
| CVE-2020-7848 | 2021-02-17 | The EFM ipTIME C200 IP Camera is affected by a Command Injection vulnerability in /login.cgi?logout=1 script. To exploit this vulnerability, an attacker can send a GET request that executes arbitrary... |
| CVE-2021-22853 | 2021-02-17 | Soar Cloud System Co., Ltd. HR Portal - Broken Access Control |
| CVE-2021-22854 | 2021-02-17 | Soar Cloud System Co., Ltd. HR Portal - SQL Injection |
| CVE-2021-22855 | 2021-02-17 | Soar Cloud System Co., Ltd. HR Portal - Arbitrary Code Execution |
| CVE-2020-24485 | 2021-02-17 | Improper conditions check in the Intel(R) FPGA OPAE Driver for Linux before kernel version 4.17 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2021-0109 | 2021-02-17 | Insecure inherited permissions for the Intel(R) SOC driver package for STK1A32SC before version 604 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2020-24504 | 2021-02-17 | Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable denial of service via local access. |
| CVE-2020-24502 | 2021-02-17 | Improper input validation in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 and before version 1.4.29.0 for Windows*, may allow an authenticated user to potentially enable a... |
| CVE-2020-24503 | 2021-02-17 | Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable information disclosure via local access. |
| CVE-2020-8701 | 2021-02-17 | Incorrect default permissions in installer for the Intel(R) SSD Toolbox versions before 2/9/2021 may allow a privileged user to potentially enable escalation of privilege via local access. |
| CVE-2020-24492 | 2021-02-17 | Insufficient access control in the firmware for the Intel(R) 722 Ethernet Controllers before version 1.5 may allow a privileged user to potentially enable a denial of service via local access. |
| CVE-2020-24493 | 2021-02-17 | Insufficient access control in the firmware for the Intel(R) 700-series of Ethernet Controllers before version 8.0 may allow a privileged user to potentially enable denial of service via local access. |
| CVE-2020-24495 | 2021-02-17 | Insufficient access control in the firmware for the Intel(R) 700-series of Ethernet Controllers before version 7.3 may allow a privileged user to potentially enable denial of service via local access. |
| CVE-2020-24498 | 2021-02-17 | Buffer overflow in the firmware for Intel(R) E810 Ethernet Controllers before version 1.4.1.13 may allow a privileged user to potentially enable denial of service via local access. |
| CVE-2020-24494 | 2021-02-17 | Insufficient access control in the firmware for the Intel(R) 722 Ethernet Controllers before version 1.4.3 may allow a privileged user to potentially enable denial of service via local access. |
| CVE-2020-24497 | 2021-02-17 | Insufficient Access Control in the firmware for Intel(R) E810 Ethernet Controllers before version 1.4.1.13 may allow a privileged user to potentially enable denial of service via local access. |
| CVE-2020-24501 | 2021-02-17 | Buffer overflow in the firmware for Intel(R) E810 Ethernet Controllers before version 1.4.1.13 may allow an unauthenticated user to potentially enable denial of service via adjacent access. |
| CVE-2020-24496 | 2021-02-17 | Insufficient input validation in the firmware for Intel(R) 722 Ethernet Controllers before version 1.4.3 may allow a privileged user to potentially enable denial of service via local access. |
| CVE-2020-24505 | 2021-02-17 | Insufficient input validation in the firmware for the Intel(R) 700-series of Ethernet Controllers before version 7.3 may allow a privileged user to potentially enable denial of service via local access. |
| CVE-2020-24500 | 2021-02-17 | Buffer overflow in the firmware for Intel(R) E810 Ethernet Controllers before version 1.4.1.13 may allow a privileged user to potentially enable a denial of service via local access. |
| CVE-2020-24491 | 2021-02-17 | Debug message containing addresses of memory transactions in some Intel(R) 10th Generation Core Processors supporting SGX may allow a privileged user to potentially enable information disclosure via local access. |
| CVE-2020-24482 | 2021-02-17 | Improper buffer restrictions in firmware for Intel(R) 7360 Cell Modem before UDE version 9.4.370 may allow unauthenticated user to potentially enable denial of service via network access. |
| CVE-2020-24481 | 2021-02-17 | Insecure inherited permissions for the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2020-24480 | 2021-02-17 | Out-of-bounds write in the Intel(R) XTU before version 6.5.3.25 may allow a privileged user to potentially enable denial of service via local access. |
| CVE-2020-24458 | 2021-02-17 | Incomplete cleanup in some Intel(R) PROSet/Wireless WiFi and Killer (TM) drivers before version 22.0 may allow a privileged user to potentially enable information disclosure and denial of service<b> </b>via adjacent access. |
| CVE-2020-24453 | 2021-02-17 | Improper input validation in the Intel(R) EPID SDK before version 8, may allow an authenticated user to potentially enable an escalation of privilege via local access. |
| CVE-2020-24452 | 2021-02-17 | Improper input validation in the Intel(R) SGX Platform Software for Windows* may allow an authenticated user to potentially enable a denial of service via local access. |
| CVE-2020-24450 | 2021-02-17 | Improper conditions check in some Intel(R) Graphics Drivers before versions 26.20.100.8141, 15.45.32.5145 and 15.40.46.5144 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2020-0544 | 2021-02-17 | Insufficient control flow management in the kernel mode driver for some Intel(R) Graphics Drivers before version 15.36.39.5145 may allow an authenticated user to potentially enable escalation of privilege via local... |
| CVE-2020-0521 | 2021-02-17 | Insufficient control flow management in some Intel(R) Graphics Drivers before version 15.45.32.5145 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2020-12361 | 2021-02-17 | Use after free in some Intel(R) Graphics Drivers before version 15.33.51.5146 may allow an authenticated user to potentially enable denial of service via local access. |
| CVE-2020-24462 | 2021-02-17 | Out of bounds write in the Intel(R) Graphics Driver before version 15.33.53.5161, 15.36.40.5162, 15.40.47.5166, 15.45.33.5164 and 27.20.100.8336 may allow an authenticated user to potentially enable an escalation of privilege via... |
| CVE-2020-8678 | 2021-02-17 | Improper access control for Intel(R) Graphics Drivers before version 15.45.33.5164 and 27.20.100.8280 may allow an authenticated user to potentially enable an escalation of privilege via local access. |
| CVE-2020-0518 | 2021-02-17 | Improper access control in the Intel(R) HD Graphics Control Panel before version 15.40.46.5144 and 15.36.39.5143 may allow an authenticated user to potentially enable denial of service via local access. |
| CVE-2020-12367 | 2021-02-17 | Integer overflow in some Intel(R) Graphics Drivers before version 26.20.100.8476 may allow a privileged user to potentially enable an escalation of privilege via local access. |
| CVE-2020-12368 | 2021-02-17 | Integer overflow in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable an escalation of privilege via local access. |
| CVE-2020-12369 | 2021-02-17 | Out of bound write in some Intel(R) Graphics Drivers before version 26.20.100.8336 may allow a privileged user to potentially enable escalation of privilege via local access. |
| CVE-2020-12385 | 2021-02-17 | Improper input validation in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable escalation of privilege via local access. |
| CVE-2020-12366 | 2021-02-17 | Insufficient input validation in some Intel(R) Graphics Drivers before version 27.20.100.8587 may allow a privileged user to potentially enable an escalation of privilege via local access. |
| CVE-2020-24448 | 2021-02-17 | Uncaught exception in some Intel(R) Graphics Drivers before version 15.33.51.5146 may allow an authenticated user to potentially enable denial of service via local access. |
| CVE-2020-12386 | 2021-02-17 | Out-of-bounds write in some Intel(R) Graphics Drivers before version 15.36.39.5143 may allow an authenticated user to potentially enable denial of service via local access. |
| CVE-2020-12384 | 2021-02-17 | Improper access control in some Intel(R) Graphics Drivers before version 26.20.100.8476 may allow an authenticated user to potentially enable an escalation of privilege via local access. |
| CVE-2020-12370 | 2021-02-17 | Untrusted pointer dereference in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access. |
| CVE-2020-12371 | 2021-02-17 | Divide by zero in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access. |
| CVE-2020-12372 | 2021-02-17 | Unchecked return value in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access. |
| CVE-2020-12373 | 2021-02-17 | Expired pointer dereference in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access. |
| CVE-2020-24451 | 2021-02-17 | Uncontrolled search path in the Intel(R) Optane(TM) DC Persistent Memory installer for Windows* before version 1.00.00.3506 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2020-12377 | 2021-02-17 | Insufficient input validation in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of... |
| CVE-2020-12380 | 2021-02-17 | Out of bounds read in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation... |
| CVE-2020-12375 | 2021-02-17 | Heap overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege... |
| CVE-2020-12376 | 2021-02-17 | Use of hard-coded key in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow authenticated user to potentially enable information disclosure... |
| CVE-2020-12339 | 2021-02-17 | Insufficient control flow management in the API for the Intel(R) Collaboration Suite for WebRTC before version 4.3.1 may allow an authenticated user to potentially enable escalation of privilege via network... |
| CVE-2020-8765 | 2021-02-17 | Incorrect default permissions in the installer for the Intel(R) RealSense(TM) DCM may allow a privileged user to potentially enable escalation of privilege via local access. |
| CVE-2020-0522 | 2021-02-17 | Improper initialization in the firmware for the Intel(R) Ethernet I210 Controller series of network adapters before version 3.30 may allow a privileged user to potentially enable denial of service via... |
| CVE-2020-0523 | 2021-02-17 | Improper access control in the firmware for the Intel(R) Ethernet I210 Controller series of network adapters before version 3.30 may potentially allow a privileged user to enable a denial of... |
| CVE-2020-0524 | 2021-02-17 | Improper default permissions in the firmware for the Intel(R) Ethernet I210 Controller series of network adapters before version 3.30 may allow an authenticated user to potentially enable denial of service... |
| CVE-2020-0525 | 2021-02-17 | Improper access control in firmware for the Intel(R) Ethernet I210 Controller series of network adapters before version 3.30 may allow a privileged user to potentially enable denial of service via... |
| CVE-2020-12365 | 2021-02-17 | Untrusted pointer dereference in some Intel(R) Graphics Drivers before versions 15.33.51.5146, 15.45.32.5145, 15.36.39.5144 and 15.40.46.5143 may allow an authenticated user to potentially denial of service via local access. |
| CVE-2021-26559 | 2021-02-17 | CWE-284 Improper Access Control on Configurations Endpoint for the Stable API |
| CVE-2021-26697 | 2021-02-17 | Apache Airflow: Lineage API endpoint for Experimental API missed authentication check |