CVE List - 2021 / April
Showing 1401 - 1500 of 1817 CVEs for April 2021 (Page 15 of 19)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-2301 | 2021-04-22 | Vulnerability in the MySQL Server product of Oracle MySQL (component:... |
| CVE-2021-2302 | 2021-04-22 | Vulnerability in the Oracle Platform Security for Java product of... |
| CVE-2021-2303 | 2021-04-22 | Vulnerability in the OSS Support Tools product of Oracle Support... |
| CVE-2021-2304 | 2021-04-22 | Vulnerability in the MySQL Server product of Oracle MySQL (component:... |
| CVE-2021-2305 | 2021-04-22 | Vulnerability in the MySQL Server product of Oracle MySQL (component:... |
| CVE-2021-2306 | 2021-04-22 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization... |
| CVE-2021-2307 | 2021-04-22 | Vulnerability in the MySQL Server product of Oracle MySQL (component:... |
| CVE-2021-2308 | 2021-04-22 | Vulnerability in the MySQL Server product of Oracle MySQL (component:... |
| CVE-2021-2309 | 2021-04-22 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization... |
| CVE-2021-2310 | 2021-04-22 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization... |
| CVE-2021-2311 | 2021-04-22 | Vulnerability in the Oracle Hospitality Inventory Management product of Oracle... |
| CVE-2021-2312 | 2021-04-22 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization... |
| CVE-2021-2314 | 2021-04-22 | Vulnerability in the Oracle Application Object Library product of Oracle... |
| CVE-2021-2315 | 2021-04-22 | Vulnerability in the Oracle HTTP Server product of Oracle Fusion... |
| CVE-2021-2316 | 2021-04-22 | Vulnerability in the Oracle HRMS (France) product of Oracle E-Business... |
| CVE-2021-2317 | 2021-04-22 | Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of... |
| CVE-2021-2318 | 2021-04-22 | Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of... |
| CVE-2021-2319 | 2021-04-22 | Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of... |
| CVE-2021-2320 | 2021-04-22 | Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of... |
| CVE-2021-22199 | 2021-04-22 | An issue has been discovered in GitLab affecting all versions... |
| CVE-2021-31597 | 2021-04-22 | The xmlhttprequest-ssl package before 1.6.1 for Node.js disables SSL certificate... |
| CVE-2021-29470 | 2021-04-23 | Out-of-bounds read in Exiv2::Jp2Image::encodeJp2Header |
| CVE-2021-31607 | 2021-04-23 | In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability... |
| CVE-2021-26291 | 2021-04-23 | block repositories using http by default |
| CVE-2021-25382 | 2021-04-23 | An improper authorization of using debugging command in Secure Folder... |
| CVE-2020-7385 | 2021-04-23 | Metasploit Framework 'drb_remote_codeexec' code execution |
| CVE-2021-26908 | 2021-04-23 | Automox Agent Sensitive Log Information Disclosure |
| CVE-2021-26909 | 2021-04-23 | Automox Agent Guessable S3 Bucket Endpoint |
| CVE-2018-25007 | 2021-04-23 | Unauthorized client-side property update in UIDL request handler in Vaadin 10 and 11 |
| CVE-2019-25027 | 2021-04-23 | Reflected cross-site scripting in default RouteNotFoundError view in Vaadin 10 and 11-13 |
| CVE-2019-25028 | 2021-04-23 | Stored cross-site scripting in Grid component in Vaadin 7 and 8 |
| CVE-2020-36319 | 2021-04-23 | Potential sensitive data exposure in applications using Vaadin 15 |
| CVE-2020-36320 | 2021-04-23 | Regular expression Denial of Service (ReDoS) in EmailValidator class in Vaadin 7 |
| CVE-2020-36321 | 2021-04-23 | Directory traversal in development mode handler in Vaadin 14 and 15-17 |
| CVE-2021-31403 | 2021-04-23 | Timing side channel vulnerability in UIDL request handler in Vaadin 7 and 8 |
| CVE-2021-31404 | 2021-04-23 | Timing side channel vulnerability in UIDL request handler in Vaadin 10, 11-14, and 15-18 |
| CVE-2021-31405 | 2021-04-23 | Regular expression denial of service (ReDoS) in EmailField component in Vaadin 14 and 15-17 |
| CVE-2021-31406 | 2021-04-23 | Timing side channel vulnerability in endpoint request handler in Vaadin 15-19 |
| CVE-2021-31407 | 2021-04-23 | Server classes and resources exposure in OSGi applications using Vaadin 12-14 and 19 |
| CVE-2021-31408 | 2021-04-23 | Server session is not invalidated when logout() helper method of Authentication module is used in Vaadin 18-19 |
| CVE-2021-31410 | 2021-04-23 | Project sources exposure in Vaadin Designer |
| CVE-2021-31540 | 2021-04-23 | Wowza Streaming Engine through 4.8.5 (in a default installation) has... |
| CVE-2021-31539 | 2021-04-23 | Wowza Streaming Engine before 4.8.8.01 (in a default installation) has... |
| CVE-2021-22893 | 2021-04-23 | Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an... |
| CVE-2021-22682 | 2021-04-23 | Cscape (All versions prior to 9.90 SP4) is configured by... |
| CVE-2021-22204 | 2021-04-23 | Improper neutralization of user data in the DjVu file format... |
| CVE-2021-22678 | 2021-04-23 | Cscape (All versions prior to 9.90 SP4) lacks proper validation... |
| CVE-2021-22207 | 2021-04-23 | Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to... |
| CVE-2021-22205 | 2021-04-23 | An issue has been discovered in GitLab CE/EE affecting all... |
| CVE-2021-20084 | 2021-04-23 | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in... |
| CVE-2021-20088 | 2021-04-23 | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in... |
| CVE-2021-20087 | 2021-04-23 | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in... |
| CVE-2021-29469 | 2021-04-23 | Potential exponential regex in monitor mode |
| CVE-2021-20086 | 2021-04-23 | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in... |
| CVE-2021-20089 | 2021-04-23 | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in... |
| CVE-2021-20085 | 2021-04-23 | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in... |
| CVE-2021-20083 | 2021-04-23 | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in... |
| CVE-2021-31780 | 2021-04-23 | In app/Model/MispObject.php in MISP 2.4.141, an incorrect sharing group association... |
| CVE-2020-7034 | 2021-04-23 | Command injection in Avaya Session Border Controller for Enterprise |
| CVE-2020-17542 | 2021-04-23 | Cross Site Scripting (XSS) in dotCMS v5.1.5 allows remote attackers... |
| CVE-2021-29158 | 2021-04-23 | Sonatype Nexus Repository Manager 3 Pro up to and including... |
| CVE-2021-25898 | 2021-04-23 | An issue was discovered in svc-login.php in Void Aural Rec... |
| CVE-2021-25899 | 2021-04-23 | An issue was discovered in svc-login.php in Void Aural Rec... |
| CVE-2021-31583 | 2021-04-23 | Sipwise C5 NGCP WWW Admin version 3.6.7 up to and... |
| CVE-2021-31584 | 2021-04-23 | Sipwise C5 NGCP www_csc version 3.6.4 up to and including... |
| CVE-2020-7035 | 2021-04-23 | XXE in Avaya Aura Orchestration Designer |
| CVE-2020-7036 | 2021-04-23 | XXE in Avaya Callback Assist Administration |
| CVE-2021-31791 | 2021-04-23 | In Hardware Sentry KM before 10.0.01 for BMC PATROL, a... |
| CVE-2021-31598 | 2021-04-24 | An issue was discovered in libezxml.a in ezXML 0.8.6. The... |
| CVE-2021-31795 | 2021-04-24 | The PowerVR GPU kernel driver in pvrsrvkm.ko through 2021-04-24 for... |
| CVE-2021-31794 | 2021-04-24 | Settings.aspx?view=About in Directum 5.8.2 allows XSS via the HTTP User-Agent... |
| CVE-2021-31712 | 2021-04-24 | react-draft-wysiwyg (aka React Draft Wysiwyg) before 1.14.6 allows a javascript:... |
| CVE-2021-30502 | 2021-04-25 | The unofficial vscode-ghc-simple (aka Simple Glasgow Haskell Compiler) extension before... |
| CVE-2021-31726 | 2021-04-25 | Akuvox C315 115.116.2613 allows remote command Injection via the cfgd_server... |
| CVE-2021-31760 | 2021-04-25 | Webmin 1.973 is affected by Cross Site Request Forgery (CSRF)... |
| CVE-2021-31761 | 2021-04-25 | Webmin 1.973 is affected by reflected Cross Site Scripting (XSS)... |
| CVE-2021-31762 | 2021-04-25 | Webmin 1.973 is affected by Cross Site Request Forgery (CSRF)... |
| CVE-2021-31718 | 2021-04-25 | The server in npupnp before 4.1.4 is affected by DNS... |
| CVE-2021-29473 | 2021-04-26 | Out-of-bounds read in Exiv2::Jp2Image::doWriteMetadata |
| CVE-2021-21220 | 2021-04-26 | Insufficient validation of untrusted input in V8 in Google Chrome... |
| CVE-2021-20680 | 2021-04-26 | Cross-site scripting vulnerability in NEC Aterm devices (Aterm WG1900HP2 firmware... |
| CVE-2021-20693 | 2021-04-26 | Improper access control vulnerability in Gurunavi App for Android ver.10.0.10... |
| CVE-2021-20694 | 2021-04-26 | Improper access control vulnerability in DAP-1880AC firmware version 1.21 and... |
| CVE-2021-20695 | 2021-04-26 | Improper following of a certificate's chain of trust vulnerability in... |
| CVE-2021-20696 | 2021-04-26 | DAP-1880AC firmware version 1.21 and earlier allows a remote authenticated... |
| CVE-2021-20697 | 2021-04-26 | Missing authentication for critical function in DAP-1880AC firmware version 1.21... |
| CVE-2021-20708 | 2021-04-26 | NEC Aterm devices (Aterm WF1200CR firmware Ver1.3.2 and earlier, Aterm... |
| CVE-2021-20709 | 2021-04-26 | Improper validation of integrity check value vulnerability in NEC Aterm... |
| CVE-2021-20710 | 2021-04-26 | Cross-site scripting vulnerability in Aterm WG2600HS firmware Ver1.5.1 and earlier... |
| CVE-2021-20711 | 2021-04-26 | Aterm WG2600HS firmware Ver1.5.1 and earlier allows an attacker to... |
| CVE-2021-20712 | 2021-04-26 | Improper access control vulnerability in NEC Aterm WG2600HS firmware Ver1.5.1... |
| CVE-2021-31804 | 2021-04-26 | LeoCAD before 21.03 sometimes allows a use-after-free during the opening... |
| CVE-2021-31803 | 2021-04-26 | cPanel before 94.0.3 allows self-XSS via EasyApache 4 Save Profile... |
| CVE-2021-23365 | 2021-04-26 | Authentication Bypass |
| CVE-2021-25927 | 2021-04-26 | Prototype pollution vulnerability in 'safe-flat' versions 2.0.0 through 2.0.1 allows... |
| CVE-2021-25928 | 2021-04-26 | Prototype pollution vulnerability in 'safe-obj' versions 1.0.0 through 1.0.2 allows... |
| CVE-2021-26797 | 2021-04-26 | An access control vulnerability in Hame SD1 Wi-Fi firmware <=V.20140224154640... |
| CVE-2021-28079 | 2021-04-26 | Jamovi <=1.6.18 is affected by a cross-site scripting (XSS) vulnerability.... |
| CVE-2021-31802 | 2021-04-26 | NETGEAR R7000 1.0.11.116 devices have a heap-based Buffer Overflow that... |
| CVE-2020-15078 | 2021-04-26 | OpenVPN 2.5.1 and earlier versions allows a remote attackers to... |