CVE List - 2021 / February
Showing 1001 - 1100 of 1455 CVEs for February 2021 (Page 11 of 15)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-26697 | 2021-02-17 | Apache Airflow: Lineage API endpoint for Experimental API missed authentication check |
| CVE-2021-22174 | 2021-02-17 | Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2... |
| CVE-2021-22173 | 2021-02-17 | Memory leak in USB HID dissector in Wireshark 3.4.0 to... |
| CVE-2020-35339 | 2021-02-17 | In 74cms version 5.0.1, there is a remote code execution... |
| CVE-2020-36002 | 2021-02-17 | Seat-Reservation-System 1.0 has a SQL injection vulnerability in index.php in... |
| CVE-2020-36003 | 2021-02-17 | The id parameter in detail.php of Online Book Store v1.0... |
| CVE-2021-25779 | 2021-02-17 | Baby Care System v1.0 is vulnerable to SQL injection via... |
| CVE-2021-25780 | 2021-02-17 | An arbitrary file upload vulnerability has been identified in posts.php... |
| CVE-2021-26809 | 2021-02-17 | PHPGurukul Car Rental Project version 2.0 suffers from a remote... |
| CVE-2021-27362 | 2021-02-17 | The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a... |
| CVE-2021-27224 | 2021-02-17 | The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a... |
| CVE-2021-1416 | 2021-02-17 | Cisco Identity Services Engine Sensitive Information Disclosure Vulnerabilities |
| CVE-2021-1412 | 2021-02-17 | Cisco Identity Services Engine Sensitive Information Disclosure Vulnerabilities |
| CVE-2021-1378 | 2021-02-17 | Cisco StarOS Denial of Service Vulnerability |
| CVE-2021-1372 | 2021-02-17 | Cisco Webex Meetings Desktop App and Webex Productivity Tools for Windows Shared Memory Information Disclosure Vulnerability |
| CVE-2021-1366 | 2021-02-17 | Cisco AnyConnect Secure Mobility Client for Windows with VPN Posture (HostScan) Module DLL Hijacking Vulnerability |
| CVE-2021-1351 | 2021-02-17 | Cisco Webex Meetings Cross-Site Scripting Vulnerability |
| CVE-2020-13550 | 2021-02-17 | A local file inclusion vulnerability exists in the installation functionality... |
| CVE-2020-13552 | 2021-02-17 | An exploitable local privilege elevation vulnerability exists in the file... |
| CVE-2020-13551 | 2021-02-17 | An exploitable local privilege elevation vulnerability exists in the file... |
| CVE-2020-13553 | 2021-02-17 | An exploitable local privilege elevation vulnerability exists in the file... |
| CVE-2020-13555 | 2021-02-17 | An exploitable local privilege elevation vulnerability exists in the file... |
| CVE-2021-3396 | 2021-02-17 | OpenNMS Meridian 2016, 2017, 2018 before 2018.1.25, 2019 before 2019.1.16,... |
| CVE-2020-25605 | 2021-02-17 | Cleartext transmission of sensitive information in Agora Video SDK prior... |
| CVE-2021-27367 | 2021-02-17 | Controller/Backend/FileEditController.php and Controller/Backend/FilemanagerController.php in Bolt before 4.1.13 allow Directory Traversal. |
| CVE-2021-26911 | 2021-02-17 | core/imap/MCIMAPSession.cpp in Canary Mail before 3.22 has Missing SSL Certificate... |
| CVE-2021-26720 | 2021-02-17 | avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed... |
| CVE-2020-36245 | 2021-02-17 | GramAddict through 1.2.3 allows remote attackers to execute arbitrary code... |
| CVE-2021-27374 | 2021-02-17 | VertiGIS WebOffice 10.7 SP1 before patch20210202 and 10.8 SP1 before... |
| CVE-2021-27097 | 2021-02-17 | The boot loader in Das U-Boot before 2021.04-rc2 mishandles a... |
| CVE-2021-27138 | 2021-02-17 | The boot loader in Das U-Boot before 2021.04-rc2 mishandles use... |
| CVE-2020-8625 | 2021-02-17 | A vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack |
| CVE-2020-12878 | 2021-02-17 | Digi ConnectPort X2e before 3.2.30.6 allows an attacker to escalate... |
| CVE-2020-9306 | 2021-02-17 | Tesla SolarCity Solar Monitoring Gateway through 5.46.43 has a "Use... |
| CVE-2021-27375 | 2021-02-18 | Traefik before 2.4.5 allows the loading of IFRAME elements from... |
| CVE-2021-27124 | 2021-02-18 | SQL injection in the expertise parameter in search_result.php in Doctor... |
| CVE-2021-27378 | 2021-02-18 | An issue was discovered in the rand_core crate before 0.6.2... |
| CVE-2021-27377 | 2021-02-18 | An issue was discovered in the yottadb crate before 1.2.0... |
| CVE-2021-27376 | 2021-02-18 | An issue was discovered in the nb-connect crate before 1.0.3... |
| CVE-2020-29664 | 2021-02-18 | A command injection issue in dji_sys in DJI Mavic 2... |
| CVE-2020-35577 | 2021-02-18 | In Endalia Selection Portal before 4.205.0, an Insecure Direct Object... |
| CVE-2020-28490 | 2021-02-18 | Command Injection |
| CVE-2020-28496 | 2021-02-18 | Regular Expression Denial of Service (ReDoS) |
| CVE-2021-23340 | 2021-02-18 | Local File Inclusion |
| CVE-2019-18255 | 2021-02-18 | HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated... |
| CVE-2019-18243 | 2021-02-18 | HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated... |
| CVE-2021-27379 | 2021-02-18 | An issue was discovered in Xen through 4.11.x, allowing x86... |
| CVE-2020-29448 | 2021-02-18 | The ConfluenceResourceDownloadRewriteRule class in Confluence Server and Confluence Data Center... |
| CVE-2020-29453 | 2021-02-18 | The CachingResourceDownloadRewriteRule class in Jira Server and Jira Data Center... |
| CVE-2020-4933 | 2021-02-18 | IBM Jazz Reporting Service 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is... |
| CVE-2021-20354 | 2021-02-18 | IBM WebSphere Application Server 8.0, 8.5, and 9.0 could allow... |
| CVE-2021-20443 | 2021-02-18 | IBM Maximo for Civil Infrastructure 7.6.2 includes executable functionality (such... |
| CVE-2021-20444 | 2021-02-18 | IBM Maximo for Civil Infrastructure 7.6.2 is vulnerable to cross-site... |
| CVE-2021-20445 | 2021-02-18 | IBM Maximo for Civil Infrastructure 7.6.2 could allow a user... |
| CVE-2021-20446 | 2021-02-18 | IBM Maximo for Civil Infrastructure 7.6.2 is vulnerable to cross-site... |
| CVE-2020-36233 | 2021-02-18 | The Microsoft Windows Installer for Atlassian Bitbucket Server and Data... |
| CVE-2021-26068 | 2021-02-18 | An endpoint in Atlassian Jira Server for Slack plugin from... |
| CVE-2020-28491 | 2021-02-18 | Denial of Service (DoS) |
| CVE-2020-28463 | 2021-02-18 | Server-side Request Forgery (SSRF) |
| CVE-2021-23341 | 2021-02-18 | Regular Expression Denial of Service (ReDoS) |
| CVE-2020-28499 | 2021-02-18 | Prototype Pollution |
| CVE-2021-21318 | 2021-02-18 | Removing access may not effect published series |
| CVE-2021-27329 | 2021-02-18 | Friendica 2021.01 allows SSRF via parse_url?binurl= for DNS lookups or... |
| CVE-2021-27335 | 2021-02-18 | KollectApps before 4.8.16c is affected by insecure Java deserialization, leading... |
| CVE-2020-35591 | 2021-02-18 | Pi-hole 5.0, 5.1, and 5.1.1 allows Session Fixation. The application... |
| CVE-2020-35592 | 2021-02-18 | Pi-hole 5.0, 5.1, and 5.1.1 allows XSS via the Options... |
| CVE-2021-26717 | 2021-02-18 | An issue was discovered in Sangoma Asterisk 16.x before 16.16.1,... |
| CVE-2021-26906 | 2021-02-18 | An issue was discovered in res_pjsip_session.c in Digium Asterisk through... |
| CVE-2020-35776 | 2021-02-18 | A buffer overflow in res_pjsip_diversion.c in Sangoma Asterisk versions 13.38.1,... |
| CVE-2021-26712 | 2021-02-18 | Incorrect access controls in res_srtp.c in Sangoma Asterisk 13.38.1, 16.16.0,... |
| CVE-2021-26747 | 2021-02-18 | Netis WF2780 2.3.40404 and WF2411 1.1.29629 devices allow Shell Metacharacter... |
| CVE-2020-19513 | 2021-02-18 | Buffer overflow in FinalWire Ltd AIDA64 Engineer 6.00.5100 allows attackers... |
| CVE-2019-25024 | 2021-02-19 | OpenRepeater (ORP) before 2.2 allows unauthenticated command injection via shell... |
| CVE-2021-27404 | 2021-02-19 | Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow injection of a Host HTTP... |
| CVE-2021-27403 | 2021-02-19 | Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow cgi-bin/te_acceso_router.cgi curWebPage XSS. |
| CVE-2021-27405 | 2021-02-19 | A ReDoS (regular expression denial of service) flaw was found... |
| CVE-2021-26746 | 2021-02-19 | Chamilo 1.11.14 allows XSS via a main/calendar/agenda_list.php?type= URI. |
| CVE-2020-36246 | 2021-02-19 | Amaze File Manager before 3.5.1 allows attackers to obtain root... |
| CVE-2020-24908 | 2021-02-19 | Checkmk before 1.6.0p17 allows local users to obtain SYSTEM privileges... |
| CVE-2020-36247 | 2021-02-19 | Open OnDemand before 1.5.7 and 1.6.x before 1.6.22 allows CSRF. |
| CVE-2020-10254 | 2021-02-19 | An issue was discovered in ownCloud before 10.4. An attacker... |
| CVE-2020-10252 | 2021-02-19 | An issue was discovered in ownCloud before 10.4. Because of... |
| CVE-2020-36252 | 2021-02-19 | ownCloud Server 10.x before 10.3.1 allows an attacker, who has... |
| CVE-2020-36251 | 2021-02-19 | ownCloud Server before 10.3.0 allows an attacker, who has received... |
| CVE-2020-36250 | 2021-02-19 | In the ownCloud application before 2.15 for Android, the lock... |
| CVE-2020-36249 | 2021-02-19 | The File Firewall before 2.8.0 for ownCloud Server does not... |
| CVE-2020-36248 | 2021-02-19 | The ownCloud application before 2.15 for Android allows attackers to... |
| CVE-2021-3339 | 2021-02-19 | ModernFlow before 1.3.00.208 does not constrain web-page access to members... |
| CVE-2021-26296 | 2021-02-19 | Cross-Site Request Forgery (CSRF) vulnerability in Apache MyFaces |
| CVE-2021-3210 | 2021-02-19 | components/Modals/HelpTexts/GenericAll/GenericAll.jsx in Bloodhound <= 4.0.1 allows remote attackers to execute... |
| CVE-2021-3204 | 2021-02-19 | SSRF in the document conversion component of Webware Webdesktop 5.1.15... |
| CVE-2021-22702 | 2021-02-19 | A CWE-319: Cleartext transmission of sensitive information vulnerability exists in... |
| CVE-2021-22703 | 2021-02-19 | A CWE-319: Cleartext transmission of sensitive information vulnerability exists in... |
| CVE-2021-22701 | 2021-02-19 | A CWE-352: Cross-Site Request Forgery vulnerability exists in PowerLogic ION7400,... |
| CVE-2020-12374 | 2021-02-19 | Buffer overflow in the BMC firmware for some Intel(R) Server... |
| CVE-2021-21512 | 2021-02-19 | Dell EMC PowerProtect Cyber Recovery, version 19.7.0.1, contains an Information... |
| CVE-2021-23342 | 2021-02-19 | Cross-site Scripting (XSS) |
| CVE-2020-13549 | 2021-02-19 | An exploitable local privilege elevation vulnerability exists in the file... |
| CVE-2020-25171 | 2021-02-19 | Fuji Electric V-Server Lite |
| CVE-2020-9050 | 2021-02-19 | Metasys Reporting Engine (MRE) Web Services - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') |