CVE List - 2021 / March
Showing 801 - 900 of 1447 CVEs for March 2021 (Page 9 of 15)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-26233 | 2021-03-18 | FastStone Image Viewer <= 7.5 is affected by a user... |
| CVE-2021-26234 | 2021-03-18 | FastStone Image Viewer <= 7.5 is affected by a user... |
| CVE-2021-26235 | 2021-03-18 | FastStone Image Viewer <= 7.5 is affected by a user... |
| CVE-2021-26237 | 2021-03-18 | FastStone Image Viewer <= 7.5 is affected by a user... |
| CVE-2021-28133 | 2021-03-18 | Zoom through 5.5.4 sometimes allows attackers to read private information... |
| CVE-2021-27306 | 2021-03-18 | An improper access control vulnerability in the JWT plugin in... |
| CVE-2021-26935 | 2021-03-18 | In WoWonder < 3.1, remote attackers can gain access to... |
| CVE-2021-24123 | 2021-03-18 | PowerPress < 8.3.8 - Authenticated Arbitrary File Upload leading to RCE |
| CVE-2021-24124 | 2021-03-18 | WP Shieldon 1.6.3 - Unauthenticated Cross-Site Scripting (XSS) |
| CVE-2021-24125 | 2021-03-18 | Contact Form Submissions < 1.7.1 - Authenticated SQL Injection |
| CVE-2021-24126 | 2021-03-18 | Envira Gallery Lite < 1.8.3.3 - Authenticated Stored Cross-Site Scripting |
| CVE-2021-24127 | 2021-03-18 | ThirstyAffiliates < 3.9.3 - Authenticated Stored XSS |
| CVE-2021-24128 | 2021-03-18 | Team Members < 5.0.4 - Authenticated Stored Cross-Site Scripting (XSS) |
| CVE-2021-24129 | 2021-03-18 | Themify Portfolio Post < 1.1.6 - Authenticated Stored Cross-Site Scripting |
| CVE-2021-24130 | 2021-03-18 | WP Google Map Plugin < 4.1.5 - Authenticated SQL Injection |
| CVE-2021-24131 | 2021-03-18 | Anti-Spam by CleanTalk < 5.149 - Multiple Authenticated SQL Injections |
| CVE-2021-24132 | 2021-03-18 | Slider by 10Web < 1.2.36 - Multiple Authenticated SQL Injection |
| CVE-2021-24133 | 2021-03-18 | ActiveCampaign < 8.0.2 - Cross-Site Request Forgery in Settings |
| CVE-2021-24134 | 2021-03-18 | Constant Contact Forms < 1.8.8 - Multiple Authenticated Stored XSS |
| CVE-2021-24135 | 2021-03-18 | WP Customer Reviews < 3.4.3 - Multiple Unauthenticated and Low Priv Authenticated Stored XSS |
| CVE-2021-24136 | 2021-03-18 | Testimonials Widget < 4.0.0 - Multiple Authenticated Stored XSS |
| CVE-2021-24137 | 2021-03-18 | Blog2Social: Social Media Auto Post & Scheduler < 6.3.1 - Authenticated SQL Injection |
| CVE-2021-24138 | 2021-03-18 | AdRotate < 5.8.4 - Authenticated SQL Injection |
| CVE-2021-24139 | 2021-03-18 | Photo Gallery by 10Web < 1.5.55 - Unauthenticated SQL Injection |
| CVE-2021-24140 | 2021-03-18 | Ajax Load More < 5.3.2 - Authenticated SQL Injection |
| CVE-2021-24141 | 2021-03-18 | Advanced Database Cleaner < 3.0.2 - Authenticated SQL injection |
| CVE-2021-24142 | 2021-03-18 | 301 Redirects - Easy Redirect Manager < 2.51 - Authenticated SQL Injection |
| CVE-2021-24143 | 2021-03-18 | AccessPress Social Icons < 1.8.1 - Authenticated SQL Injection |
| CVE-2021-24144 | 2021-03-18 | Contact Form 7 Database Addon < 1.2.5.6 - CSV Injection |
| CVE-2021-24145 | 2021-03-18 | Modern Events Calendar Lite < 5.16.5 - Authenticated Arbitrary File Upload leading to RCE |
| CVE-2021-24146 | 2021-03-18 | Modern Events Calendar Lite < 5.16.5 - Unauthenticated Events Export |
| CVE-2021-24147 | 2021-03-18 | Modern Events Calendar Lite < 5.16.5 - Authenticated Stored Cross-Site Scripting (XSS) |
| CVE-2021-24148 | 2021-03-18 | MStore API < 3.2.0 - Authentication Bypass With Sign In With Apple |
| CVE-2021-24149 | 2021-03-18 | Modern Events Calendar Lite < 5.16.6 - Authenticated SQL Injection |
| CVE-2021-28790 | 2021-03-18 | The unofficial SwiftLint extension before 1.4.5 for Visual Studio Code... |
| CVE-2021-28792 | 2021-03-18 | The unofficial Swift Development Environment extension before 2.12.1 for Visual... |
| CVE-2021-28794 | 2021-03-18 | The unofficial ShellCheck extension before 0.13.4 for Visual Studio Code... |
| CVE-2021-28796 | 2021-03-18 | Increments Qiita::Markdown before 0.33.0 allows XSS in transformers. |
| CVE-2021-28789 | 2021-03-18 | The unofficial apple/swift-format extension before 1.1.2 for Visual Studio Code... |
| CVE-2021-28791 | 2021-03-18 | The unofficial SwiftFormat extension before 1.3.7 for Visual Studio Code... |
| CVE-2021-28145 | 2021-03-18 | Concrete CMS (formerly concrete5) before 8.5.5 allows remote authenticated users... |
| CVE-2021-26215 | 2021-03-18 | SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in... |
| CVE-2021-26216 | 2021-03-18 | SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in... |
| CVE-2020-26155 | 2021-03-18 | Multiple files and folders in Utimaco SecurityServer 4.20.0.4 and 4.31.1.0.... |
| CVE-2021-22665 | 2021-03-18 | Rockwell Automation DriveTools SP v5.13 and below and Drives AOP... |
| CVE-2021-21383 | 2021-03-18 | XSS in Wiki.js |
| CVE-2020-14516 | 2021-03-18 | In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00,... |
| CVE-2021-27656 | 2021-03-18 | exacqVision Web Services - Information Exposure |
| CVE-2019-3867 | 2021-03-18 | A vulnerability was found in the Quay web application. Sessions... |
| CVE-2021-1287 | 2021-03-18 | Cisco Small Business RV132W and RV134W Routers Management Interface Remote Command Execution and Denial of Service Vulnerability |
| CVE-2021-28160 | 2021-03-18 | Wireless-N WiFi Repeater REV 1.0 (28.08.06.1) suffers from a reflected... |
| CVE-2019-14850 | 2021-03-18 | A denial of service vulnerability was discovered in nbdkit 1.12.7,... |
| CVE-2020-35492 | 2021-03-18 | A flaw was found in cairo's image-compositor.c in all versions... |
| CVE-2019-14851 | 2021-03-18 | A denial of service vulnerability was discovered in nbdkit. A... |
| CVE-2019-14852 | 2021-03-18 | A flaw was found in 3scale’s APIcast gateway that enabled... |
| CVE-2020-26797 | 2021-03-18 | Mediainfo before version 20.08 has a heap buffer overflow vulnerability... |
| CVE-2021-25764 | 2021-03-18 | In JetBrains PhpStorm before 2020.3, source code could be added... |
| CVE-2020-26886 | 2021-03-18 | Softaculous before 5.5.7 is affected by a code execution vulnerability... |
| CVE-2020-9367 | 2021-03-18 | The MPS Agent in Zoho ManageEngine Desktop Central MSP build... |
| CVE-2020-36144 | 2021-03-18 | Redash 8.0.0 is affected by LDAP Injection. There is an... |
| CVE-2021-27358 | 2021-03-18 | The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow... |
| CVE-2021-3416 | 2021-03-18 | A potential stack overflow via infinite loop issue was found... |
| CVE-2021-27436 | 2021-03-18 | WebAccess/SCADA Versions 9.0 and prior is vulnerable to cross-site scripting,... |
| CVE-2021-26275 | 2021-03-18 | The eslint-fixer package through 0.1.5 for Node.js allows command injection... |
| CVE-2021-28653 | 2021-03-18 | The iOS and macOS apps before 1.4.1 for the Western... |
| CVE-2021-21384 | 2021-03-18 | Null characters not escaped in shescape |
| CVE-2021-27221 | 2021-03-19 | MikroTik RouterOS 6.47.9 allows remote authenticated ftp users to create... |
| CVE-2021-27928 | 2021-03-19 | A remote code execution issue was discovered in MariaDB 10.2... |
| CVE-2021-3327 | 2021-03-19 | Ovation Dynamic Content 1.10.1 for Elementor allows XSS via the... |
| CVE-2021-28109 | 2021-03-19 | TranzWare (POI) FIMI before 4.2.20.4.2 allows login_tw.php reflected Cross-Site Scripting... |
| CVE-2021-28110 | 2021-03-19 | /exec in TranzWare e-Commerce Payment Gateway (TWEC PG) before 3.1.27.5... |
| CVE-2021-28126 | 2021-03-19 | index.jsp in TranzWare e-Commerce Payment Gateway (TWEC PG) before 3.1.27.5... |
| CVE-2020-6577 | 2021-03-19 | The IT-Recht Kanzlei plugin in Zen Cart 1.5.6c (German edition)... |
| CVE-2020-6578 | 2021-03-19 | Zen Cart 1.5.6d allows reflected XSS via the main_page parameter... |
| CVE-2021-25289 | 2021-03-19 | An issue was discovered in Pillow before 8.1.1. TiffDecode has... |
| CVE-2021-25290 | 2021-03-19 | An issue was discovered in Pillow before 8.1.1. In TiffDecode.c,... |
| CVE-2021-25291 | 2021-03-19 | An issue was discovered in Pillow before 8.1.1. In TiffDecode.c,... |
| CVE-2021-25292 | 2021-03-19 | An issue was discovered in Pillow before 8.1.1. The PDF... |
| CVE-2021-25293 | 2021-03-19 | An issue was discovered in Pillow before 8.1.1. There is... |
| CVE-2021-28831 | 2021-03-19 | decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on... |
| CVE-2020-25097 | 2021-03-19 | An issue was discovered in Squid through 4.13 and 5.x... |
| CVE-2021-28089 | 2021-03-19 | Tor before 0.4.5.7 allows a remote participant in the Tor... |
| CVE-2021-28090 | 2021-03-19 | Tor before 0.4.5.7 allows a remote attacker to cause Tor... |
| CVE-2021-28834 | 2021-03-19 | Kramdown before 2.3.1 does not restrict Rouge formatters to the... |
| CVE-2021-27506 | 2021-03-19 | The ClamAV Engine (version 0.103.1 and below) component embedded in... |
| CVE-2020-4635 | 2021-03-19 | IBM Resilient SOAR 40 and earlier could disclose sensitive information... |
| CVE-2021-21387 | 2021-03-19 | Partial secret key disclosure, improper safety number calculation, & inadequate encryption strength |
| CVE-2021-21390 | 2021-03-19 | MITM modification of request bodies in MinIO |
| CVE-2021-27807 | 2021-03-19 | A carefully crafted PDF file can trigger an infinite loop while loading the file |
| CVE-2021-27906 | 2021-03-19 | A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file |
| CVE-2021-25277 | 2021-03-19 | FTAPI 4.0 - 4.10 allows XSS via a crafted filename... |
| CVE-2021-25278 | 2021-03-19 | FTAPI 4.0 through 4.10 allows XSS via an SVG document... |
| CVE-2021-26991 | 2021-03-19 | Cloud Manager versions prior to 3.9.4 contain an insecure Cross-Origin... |
| CVE-2021-26992 | 2021-03-19 | Cloud Manager versions prior to 3.9.4 are susceptible to a... |
| CVE-2021-26990 | 2021-03-19 | Cloud Manager versions prior to 3.9.4 are susceptible to a... |
| CVE-2021-20077 | 2021-03-19 | Nessus Agent versions 7.2.0 through 8.2.2 were found to inadvertently... |
| CVE-2019-10127 | 2021-03-19 | A vulnerability was found in postgresql versions 11.x prior to... |
| CVE-2021-27520 | 2021-03-19 | A cross-site scripting (XSS) issue in FUDForum 3.1.0 allows remote... |
| CVE-2021-27519 | 2021-03-19 | A cross-site scripting (XSS) issue in FUDForum 3.1.0 allows remote... |
| CVE-2019-10128 | 2021-03-19 | A vulnerability was found in postgresql versions 11.x prior to... |