CVE List - 2021 / March
Showing 201 - 300 of 1447 CVEs for March 2021 (Page 3 of 15)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-25313 | 2021-03-05 | Rancher: XSS on /v3/cluster/ |
| CVE-2021-28029 | 2021-03-05 | An issue was discovered in the toodee crate before 0.3.0... |
| CVE-2021-28033 | 2021-03-05 | An issue was discovered in the byte_struct crate before 0.6.1... |
| CVE-2021-28037 | 2021-03-05 | An issue was discovered in the internment crate before 0.4.2... |
| CVE-2021-28036 | 2021-03-05 | An issue was discovered in the quinn crate before 0.7.0... |
| CVE-2021-28035 | 2021-03-05 | An issue was discovered in the stack_dst crate before 0.6.1... |
| CVE-2021-28034 | 2021-03-05 | An issue was discovered in the stack_dst crate before 0.6.1... |
| CVE-2021-28032 | 2021-03-05 | An issue was discovered in the nano_arena crate before 0.5.2... |
| CVE-2021-28031 | 2021-03-05 | An issue was discovered in the scratchpad crate before 1.3.1... |
| CVE-2021-28030 | 2021-03-05 | An issue was discovered in the truetype crate before 0.30.1... |
| CVE-2021-28028 | 2021-03-05 | An issue was discovered in the toodee crate before 0.3.0... |
| CVE-2021-28027 | 2021-03-05 | An issue was discovered in the bam crate before 0.1.3... |
| CVE-2020-29658 | 2021-03-05 | Zoho ManageEngine Application Control Plus before 100523 has an insecure... |
| CVE-2021-20663 | 2021-03-05 | Cross-site scripting vulnerability in in Role authority setting screen of... |
| CVE-2021-20664 | 2021-03-05 | Cross-site scripting vulnerability in in Asset registration screen of Movable... |
| CVE-2021-20665 | 2021-03-05 | Cross-site scripting vulnerability in in Add asset screen of Contents... |
| CVE-2021-27907 | 2021-03-05 | Apache Superset stored XSS on Dashboard markdown |
| CVE-2021-28026 | 2021-03-05 | jpeg-xl v0.3.2 is affected by a heap buffer overflow in... |
| CVE-2020-29134 | 2021-03-05 | The TOTVS Fluig platform allows path traversal through the parameter... |
| CVE-2021-26961 | 2021-03-05 | A remote unauthenticated cross-site request forgery (csrf) vulnerability was discovered... |
| CVE-2021-26962 | 2021-03-05 | A remote authenticated arbitrary command execution vulnerability was discovered in... |
| CVE-2021-26960 | 2021-03-05 | A remote unauthenticated cross-site request forgery (csrf) vulnerability was discovered... |
| CVE-2021-26964 | 2021-03-05 | A remote authentication restriction bypass vulnerability was discovered in Aruba... |
| CVE-2021-26963 | 2021-03-05 | A remote authenticated arbitrary command execution vulnerability was discovered in... |
| CVE-2021-26966 | 2021-03-05 | A remote authenticated sql injection vulnerability was discovered in Aruba... |
| CVE-2020-35594 | 2021-03-05 | Zoho ManageEngine ADManager Plus before 7066 allows XSS. |
| CVE-2021-26965 | 2021-03-05 | A remote authenticated sql injection vulnerability was discovered in Aruba... |
| CVE-2021-26967 | 2021-03-05 | A remote reflected cross-site scripting (xss) vulnerability was discovered in... |
| CVE-2021-26968 | 2021-03-05 | A remote authenticated stored cross-site scripting (xss) vulnerability was discovered... |
| CVE-2020-28050 | 2021-03-05 | Zoho ManageEngine Desktop Central before build 10.0.647 allows a single... |
| CVE-2021-26970 | 2021-03-05 | A remote authenticated arbitrary command execution vulnerability was discovered in... |
| CVE-2021-26969 | 2021-03-05 | A remote authenticated authenticated xml external entity (xxe) vulnerability was... |
| CVE-2021-26971 | 2021-03-05 | A remote authenticated arbitrary command execution vulnerability was discovered in... |
| CVE-2021-21725 | 2021-03-05 | A ZTE product has an information leak vulnerability. An attacker... |
| CVE-2020-29032 | 2021-03-05 | Add integrity check of GateManager firmware |
| CVE-2021-27098 | 2021-03-05 | In SPIRE 0.8.1 through 0.8.4 and before versions 0.9.4, 0.10.2,... |
| CVE-2021-27099 | 2021-03-05 | In SPIRE before versions 0.8.5, 0.9.4, 0.10.2, 0.11.3 and 0.12.1,... |
| CVE-2020-28502 | 2021-03-05 | Arbitrary Code Injection |
| CVE-2021-28040 | 2021-03-05 | An issue was discovered in OSSEC 3.6.0. An uncontrolled recursion... |
| CVE-2021-26705 | 2021-03-05 | An issue was discovered in SquareBox CatDV Server through 9.2.... |
| CVE-2021-3377 | 2021-03-05 | The npm package ansi_up converts ANSI escape codes into HTML.... |
| CVE-2021-28041 | 2021-03-05 | ssh-agent in OpenSSH before 8.5 has a double free that... |
| CVE-2020-29029 | 2021-03-05 | XSS issue due to insufficient sanitization of input field |
| CVE-2020-29028 | 2021-03-05 | Reflected XSS issues |
| CVE-2020-29020 | 2021-03-05 | Reject Remote Management via Cellular UPLINK2 |
| CVE-2020-29030 | 2021-03-05 | Insufficient CSRF guards |
| CVE-2021-3420 | 2021-03-05 | A flaw was found in newlib in versions prior to... |
| CVE-2021-27254 | 2021-03-05 | This vulnerability allows network-adjacent attackers to bypass authentication on affected... |
| CVE-2021-27255 | 2021-03-05 | This vulnerability allows remote attackers to execute arbitrary code on... |
| CVE-2021-27256 | 2021-03-05 | This vulnerability allows network-adjacent attackers to execute arbitrary code on... |
| CVE-2021-27257 | 2021-03-05 | This vulnerability allows network-adjacent attackers to compromise the integrity of... |
| CVE-2021-28042 | 2021-03-05 | Deutsche Post Mailoptimizer 4.3 before 2020-11-09 allows Directory Traversal via... |
| CVE-2021-27581 | 2021-03-05 | The Blog module in Kentico CMS 5.5 R2 build 5.5.3996... |
| CVE-2021-26814 | 2021-03-06 | Wazuh API in Wazuh from 4.0.0 to 4.0.3 allows authenticated... |
| CVE-2021-26294 | 2021-03-07 | An issue was discovered in AfterLogic Aurora through 7.7.9 and... |
| CVE-2021-27363 | 2021-03-07 | An issue was discovered in the Linux kernel through 5.11.3.... |
| CVE-2021-27364 | 2021-03-07 | An issue was discovered in the Linux kernel through 5.11.3.... |
| CVE-2021-27365 | 2021-03-07 | An issue was discovered in the Linux kernel through 5.11.3.... |
| CVE-2020-28466 | 2021-03-07 | Denial of Service (DoS) |
| CVE-2009-20001 | 2021-03-07 | An issue was discovered in MantisBT before 2.24.5. It associates... |
| CVE-2021-23351 | 2021-03-08 | Denial of Service (DoS) |
| CVE-2021-26788 | 2021-03-08 | Oryx Embedded CycloneTCP 1.7.6 to 2.0.0, fixed in 2.0.2, is... |
| CVE-2021-27222 | 2021-03-08 | In the "Time in Status" app before 4.13.0 for Jira,... |
| CVE-2020-23967 | 2021-03-08 | Dr.Web Security Space versions 11 and 12 allow elevation of... |
| CVE-2021-21327 | 2021-03-08 | Unsafe Reflection in getItemForItemtype() |
| CVE-2021-21326 | 2021-03-08 | Horizontal Privilege Escalation |
| CVE-2021-21325 | 2021-03-08 | Stored XSS in budget type |
| CVE-2021-21324 | 2021-03-08 | Insecure Direct Object Reference (IDOR) on "Solutions" |
| CVE-2021-21329 | 2021-03-08 | Multi Factor Authentication Token Improperly Validated On User Login |
| CVE-2020-4695 | 2021-03-08 | IBM API Connect V10 is impacted by insecure communications during... |
| CVE-2020-4903 | 2021-03-08 | IBM API Connect V10 and V2018 could allow an attacker... |
| CVE-2020-5014 | 2021-03-08 | IBM DataPower Gateway V10 and V2018 could allow a local... |
| CVE-2021-21362 | 2021-03-08 | Bypassing readOnly policy by creating a temporary 'mc share upload' URL |
| CVE-2021-21354 | 2021-03-08 | Open redirect in pollbot |
| CVE-2021-21335 | 2021-03-08 | Basic Authentication can be bypassed using a malformed username |
| CVE-2021-21336 | 2021-03-08 | Exposure of Sensitive Information to an Unauthorized Actor in Products.PluggableAuthService ZODBRoleManager |
| CVE-2021-22134 | 2021-03-08 | A document disclosure flaw was found in Elasticsearch versions after... |
| CVE-2020-27574 | 2021-03-08 | Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site request... |
| CVE-2020-27575 | 2021-03-08 | Maxum Rumpus 8.2.13 and 8.2.14 is affected by a command... |
| CVE-2021-21337 | 2021-03-08 | URL Redirection to Untrusted Site ('Open Redirect') in Products.PluggableAuthService |
| CVE-2020-27576 | 2021-03-08 | Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site scripting... |
| CVE-2020-27838 | 2021-03-08 | A flaw was found in keycloak in versions prior to... |
| CVE-2021-21503 | 2021-03-08 | PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization... |
| CVE-2021-21506 | 2021-03-08 | PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization... |
| CVE-2021-21510 | 2021-03-08 | Dell iDRAC8 versions prior to 2.75.100.75 contain a host header... |
| CVE-2021-20241 | 2021-03-09 | A flaw was found in ImageMagick in coders/jp2.c. An attacker... |
| CVE-2021-20243 | 2021-03-09 | A flaw was found in ImageMagick in MagickCore/resize.c. An attacker... |
| CVE-2021-20244 | 2021-03-09 | A flaw was found in ImageMagick in MagickCore/visual-effects.c. An attacker... |
| CVE-2021-20245 | 2021-03-09 | A flaw was found in ImageMagick in coders/webp.c. An attacker... |
| CVE-2021-20246 | 2021-03-09 | A flaw was found in ImageMagick in MagickCore/resample.c. An attacker... |
| CVE-2021-21300 | 2021-03-09 | malicious repositories can execute remote code while cloning |
| CVE-2021-24033 | 2021-03-09 | react-dev-utils prior to v11.0.4 exposes a function, getProcessForPort, where an... |
| CVE-2021-21360 | 2021-03-09 | Exposure of Sensitive Information to an Unauthorized Actor in Products.GenericSetup |
| CVE-2021-21361 | 2021-03-09 | Sensitive information disclosure via log in com.bmuschko:gradle-vagrant-plugin |
| CVE-2021-28006 | 2021-03-09 | Web Based Quiz System 1.0 is affected by cross-site scripting... |
| CVE-2021-20272 | 2021-03-09 | A flaw was found in privoxy before 3.0.32. An assertion... |
| CVE-2021-20273 | 2021-03-09 | A flaw was found in privoxy before 3.0.32. A crash... |
| CVE-2021-20274 | 2021-03-09 | A flaw was found in privoxy before 3.0.32. A crash... |
| CVE-2021-20275 | 2021-03-09 | A flaw was found in privoxy before 3.0.32. A invalid... |
| CVE-2021-20276 | 2021-03-09 | A flaw was found in privoxy before 3.0.32. Invalid memory... |