CVE List - 2021 / April
Showing 1501 - 1600 of 1817 CVEs for April 2021 (Page 16 of 19)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-25838 | 2021-04-26 | The Import function in MintHCM RELEASE 3.0.8 allows an attacker... |
| CVE-2021-25839 | 2021-04-26 | A weak password requirement vulnerability exists in the Create New... |
| CVE-2021-28399 | 2021-04-26 | OrangeHRM 4.7 allows an unauthenticated user to enumerate the valid... |
| CVE-2021-3494 | 2021-04-26 | A smart proxy that provides a restful API to various... |
| CVE-2021-3472 | 2021-04-26 | A flaw was found in xorg-x11-server in versions before 1.20.11.... |
| CVE-2021-23382 | 2021-04-26 | Regular Expression Denial of Service (ReDoS) |
| CVE-2021-27851 | 2021-04-26 | Local privilege escalation in GNU Guix via guix-daemon and '--keep-failed' |
| CVE-2021-21206 | 2021-04-26 | Use after free in Blink in Google Chrome prior to... |
| CVE-2021-21201 | 2021-04-26 | Use after free in permissions in Google Chrome prior to... |
| CVE-2021-21202 | 2021-04-26 | Use after free in extensions in Google Chrome prior to... |
| CVE-2021-21203 | 2021-04-26 | Use after free in Blink in Google Chrome prior to... |
| CVE-2021-21204 | 2021-04-26 | Use after free in Blink in Google Chrome on OS... |
| CVE-2021-21205 | 2021-04-26 | Insufficient policy enforcement in navigation in Google Chrome on iOS... |
| CVE-2021-21207 | 2021-04-26 | Use after free in IndexedDB in Google Chrome prior to... |
| CVE-2021-21208 | 2021-04-26 | Insufficient data validation in QR scanner in Google Chrome on... |
| CVE-2021-21209 | 2021-04-26 | Inappropriate implementation in storage in Google Chrome prior to 90.0.4430.72... |
| CVE-2021-21210 | 2021-04-26 | Inappropriate implementation in Network in Google Chrome prior to 90.0.4430.72... |
| CVE-2021-21211 | 2021-04-26 | Inappropriate implementation in Navigation in Google Chrome on iOS prior... |
| CVE-2021-21212 | 2021-04-26 | Incorrect security UI in Network Config UI in Google Chrome... |
| CVE-2021-21213 | 2021-04-26 | Use after free in WebMIDI in Google Chrome prior to... |
| CVE-2021-21214 | 2021-04-26 | Use after free in Network API in Google Chrome prior... |
| CVE-2021-21215 | 2021-04-26 | Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72... |
| CVE-2021-21216 | 2021-04-26 | Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72... |
| CVE-2021-21217 | 2021-04-26 | Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72... |
| CVE-2021-21218 | 2021-04-26 | Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72... |
| CVE-2021-21219 | 2021-04-26 | Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72... |
| CVE-2021-21221 | 2021-04-26 | Insufficient validation of untrusted input in Mojo in Google Chrome... |
| CVE-2020-4562 | 2021-04-26 | IBM Planning Analytics 2.0 could allow a remote attacker to... |
| CVE-2021-20432 | 2021-04-26 | IBM Spectrum Protect Plus 10.1.0 through 10.1.7 uses Cross-Origin Resource... |
| CVE-2021-20532 | 2021-04-26 | IBM Spectrum Protect Client 8.1.0.0 through 8.1.11.0 could allow a... |
| CVE-2021-20536 | 2021-04-26 | IBM Spectrum Protect Plus File Systems Agent 10.1.6 and 10.1.7... |
| CVE-2021-20546 | 2021-04-26 | IBM Spectrum Protect Client 8.1.0.0 through 8.1.11.0 is vulnerable to... |
| CVE-2021-29672 | 2021-04-26 | IBM Spectrum Protect Client 8.1.0.0-8 through 1.11.0 is vulnerable to... |
| CVE-2021-29694 | 2021-04-26 | IBM Spectrum Protect Plus 10.1.0 through 10.1.7 uses weaker than... |
| CVE-2021-21222 | 2021-04-26 | Heap buffer overflow in V8 in Google Chrome prior to... |
| CVE-2021-21223 | 2021-04-26 | Integer overflow in Mojo in Google Chrome prior to 90.0.4430.85... |
| CVE-2021-21224 | 2021-04-26 | Type confusion in V8 in Google Chrome prior to 90.0.4430.85... |
| CVE-2021-21225 | 2021-04-26 | Out of bounds memory access in V8 in Google Chrome... |
| CVE-2021-21226 | 2021-04-26 | Use after free in navigation in Google Chrome prior to... |
| CVE-2020-36325 | 2021-04-26 | An issue was discovered in Jansson through 2.13.1. Due to... |
| CVE-2021-31784 | 2021-04-26 | An out-of-bounds write vulnerability exists in the file-reading procedure in... |
| CVE-2021-31783 | 2021-04-26 | show_default.php in the LocalFilesEditor extension before 11.4.0.1 for Piwigo allows... |
| CVE-2021-31646 | 2021-04-26 | Gestsup before 3.2.10 allows account takeover through the password recovery... |
| CVE-2021-29475 | 2021-04-26 | PDF export allows arbitrary file reads |
| CVE-2021-22669 | 2021-04-26 | Incorrect permissions are set to default on the ‘Project Management’... |
| CVE-2021-29474 | 2021-04-26 | Relative Path Traversal Attack on note creation |
| CVE-2021-31671 | 2021-04-27 | pgsync before 0.6.7 is affected by Information Disclosure of sensitive... |
| CVE-2021-30635 | 2021-04-27 | Sonatype Nexus Repository Manager 3.x before 3.30.1 allows a remote... |
| CVE-2021-30165 | 2021-04-27 | EDIMAX Technology Co., Ltd. HD Wireless Day & Night Network Camera IC-3140W - Hard-coded password |
| CVE-2021-31826 | 2021-04-27 | Shibboleth Service Provider 3.x before 3.2.2 is prone to a... |
| CVE-2019-25042 | 2021-04-27 | Unbound before 1.9.5 allows an out-of-bounds write via a compressed... |
| CVE-2019-25041 | 2021-04-27 | Unbound before 1.9.5 allows an assertion failure via a compressed... |
| CVE-2019-25040 | 2021-04-27 | Unbound before 1.9.5 allows an infinite loop via a compressed... |
| CVE-2019-25039 | 2021-04-27 | Unbound before 1.9.5 allows an integer overflow in a size... |
| CVE-2019-25038 | 2021-04-27 | Unbound before 1.9.5 allows an integer overflow in a size... |
| CVE-2019-25037 | 2021-04-27 | Unbound before 1.9.5 allows an assertion failure and denial of... |
| CVE-2019-25036 | 2021-04-27 | Unbound before 1.9.5 allows an assertion failure and denial of... |
| CVE-2019-25035 | 2021-04-27 | Unbound before 1.9.5 allows an out-of-bounds write in sldns_bget_token_par. NOTE:... |
| CVE-2019-25034 | 2021-04-27 | Unbound before 1.9.5 allows an integer overflow in sldns_str2wire_dname_buf_origin, leading... |
| CVE-2019-25033 | 2021-04-27 | Unbound before 1.9.5 allows an integer overflow in the regional... |
| CVE-2019-25032 | 2021-04-27 | Unbound before 1.9.5 allows an integer overflow in the regional... |
| CVE-2019-25031 | 2021-04-27 | Unbound before 1.9.5 allows configuration injection in create_unbound_ad_servers.sh upon a... |
| CVE-2021-20714 | 2021-04-27 | Directory traversal vulnerability in WP Fastest Cache versions prior to... |
| CVE-2021-20715 | 2021-04-27 | Improper access control vulnerability in Hot Pepper Gourmet App for... |
| CVE-2020-17517 | 2021-04-27 | Ozone S3 Gateway allows bucket and key access to non authenticated users |
| CVE-2021-28125 | 2021-04-27 | Apache Superset Open Redirect |
| CVE-2020-35542 | 2021-04-27 | Unisys Data Exchange Management Studio through 5.0.34 doesn't sanitize the... |
| CVE-2021-27480 | 2021-04-27 | Delta Industrial Automation COMMGR Versions 1.12 and prior are vulnerable... |
| CVE-2021-22660 | 2021-04-27 | CNCSoft-B Versions 1.0.0.3 and prior is vulnerable to an out-of-bounds... |
| CVE-2021-22664 | 2021-04-27 | CNCSoft-B Versions 1.0.0.3 and prior is vulnerable to an out-of-bounds... |
| CVE-2021-28271 | 2021-04-27 | Soyal Technologies SOYAL 701Server 9.0.1 suffers from an elevation of... |
| CVE-2021-30642 | 2021-04-27 | An input validation flaw in the Symantec Security Analytics web... |
| CVE-2021-28269 | 2021-04-27 | Soyal Technology 701Client 9.0.1 is vulnerable to Insecure permissions via... |
| CVE-2021-3451 | 2021-04-27 | A denial of service vulnerability was reported in Lenovo PCManager,... |
| CVE-2021-3464 | 2021-04-27 | A DLL search path vulnerability was reported in Lenovo PCManager,... |
| CVE-2020-4981 | 2021-04-27 | IBM Spectrum Scale 5.0.4.1 through 5.1.0.3 could allow a local... |
| CVE-2021-20448 | 2021-04-27 | IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. This... |
| CVE-2021-20549 | 2021-04-27 | IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. This... |
| CVE-2021-20550 | 2021-04-27 | IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. This... |
| CVE-2021-29666 | 2021-04-27 | IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.2... |
| CVE-2021-29667 | 2021-04-27 | IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.2... |
| CVE-2020-21987 | 2021-04-27 | HomeAutomation 3.3.2 is affected by persistent Cross Site Scripting (XSS).... |
| CVE-2020-21989 | 2021-04-27 | HomeAutomation 3.3.2 is affected by Cross Site Request Forgery (CSRF).... |
| CVE-2020-21998 | 2021-04-27 | In HomeAutomation 3.3.2 input passed via the 'redirect' GET parameter... |
| CVE-2020-22000 | 2021-04-27 | HomeAutomation 3.3.2 suffers from an authenticated OS command execution vulnerability... |
| CVE-2020-22001 | 2021-04-27 | HomeAutomation 3.3.2 suffers from an authentication bypass vulnerability when spoofing... |
| CVE-2021-30638 | 2021-04-27 | An Information Disclosure due to insufficient input validation exists in Apache Tapestry 5.4.0 and later |
| CVE-2021-21365 | 2021-04-27 | Cross-Site Scripting in Content Rendering |
| CVE-2021-29200 | 2021-04-27 | RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI |
| CVE-2021-30128 | 2021-04-27 | Unsafe deserialization in Apache OFBiz |
| CVE-2021-21429 | 2021-04-27 | Creation of Temporary File in Directory with Insecure Permissions in the OpenAPI Generator Maven plugin |
| CVE-2021-29460 | 2021-04-27 | Cross-site scripting (XSS) from unsanitized uploaded SVG files |
| CVE-2021-29442 | 2021-04-27 | Authentication bypass |
| CVE-2021-29441 | 2021-04-27 | Authentication bypass |
| CVE-2021-29472 | 2021-04-27 | Missing argument delimiter can lead to code execution via VCS repository URLs or source download URLs on systems with Mercurial in composer |
| CVE-2021-29476 | 2021-04-27 | Insecure Deserialization of untrusted data in rmccue/requests |
| CVE-2021-20716 | 2021-04-28 | Hidden functionality in multiple Buffalo network devices (BHR-4RV firmware Ver.2.55... |
| CVE-2021-3511 | 2021-04-28 | Disclosure of sensitive information to an unauthorized user vulnerability in... |
| CVE-2021-3512 | 2021-04-28 | Improper access control vulnerability in Buffalo broadband routers (BHR-4GRV firmware... |
| CVE-2021-31815 | 2021-04-28 | GAEN (aka Google/Apple Exposure Notifications) through 2021-04-27 on Android allows... |