CVE List - 2021 / May
Showing 601 - 700 of 1494 CVEs for May 2021 (Page 7 of 15)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-25713 | 2021-05-13 | A malformed input file can lead to a segfault due... |
| CVE-2021-3528 | 2021-05-13 | A flaw was found in noobaa-operator in versions before 5.7.0,... |
| CVE-2020-21342 | 2021-05-13 | Insecure permissions issue in zzcms 201910 via the reset any... |
| CVE-2021-20025 | 2021-05-13 | SonicWall Email Security Virtual Appliance version 10.0.9 and earlier versions... |
| CVE-2021-32917 | 2021-05-13 | An issue was discovered in Prosody before 0.11.9. The proxy65... |
| CVE-2021-32918 | 2021-05-13 | An issue was discovered in Prosody before 0.11.9. Default settings... |
| CVE-2021-32919 | 2021-05-13 | An issue was discovered in Prosody before 0.11.9. The undocumented... |
| CVE-2021-32920 | 2021-05-13 | Prosody before 0.11.9 allows Uncontrolled CPU Consumption via a flood... |
| CVE-2021-32921 | 2021-05-13 | An issue was discovered in Prosody before 0.11.9. It does... |
| CVE-2021-20181 | 2021-05-13 | A race condition flaw was found in the 9pfs server... |
| CVE-2021-20535 | 2021-05-13 | IBM Jazz Reporting Service 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is... |
| CVE-2021-20221 | 2021-05-13 | An out-of-bounds heap buffer access issue was found in the... |
| CVE-2021-22135 | 2021-05-13 | Elasticsearch versions before 7.11.2 and 6.8.15 contain a document disclosure... |
| CVE-2021-22136 | 2021-05-13 | In Kibana versions before 7.12.0 and 6.8.15 a flaw in... |
| CVE-2021-22137 | 2021-05-13 | In Elasticsearch versions before 7.11.2 and 6.8.15 a document disclosure... |
| CVE-2021-22138 | 2021-05-13 | In Logstash versions after 6.4.0 and before 6.8.15 and 7.12.0... |
| CVE-2021-22139 | 2021-05-13 | Kibana versions before 7.12.1 contain a denial of service vulnerability... |
| CVE-2021-22140 | 2021-05-13 | Elastic App Search versions after 7.11.0 and before 7.12.0 contain... |
| CVE-2021-32925 | 2021-05-13 | admin/user_import.php in Chamilo 1.11.x reads XML data without disabling the... |
| CVE-2021-29506 | 2021-05-13 | Navigate endpoint is vulnerable to regex injection that may lead to Denial of Service. |
| CVE-2021-29510 | 2021-05-13 | Use of "infinity" as an input to datetime and date fields causes infinite loop in pydantic |
| CVE-2021-23906 | 2021-05-13 | An issue was discovered in the Headunit NTG6 in the... |
| CVE-2021-27413 | 2021-05-13 | Omron CX-One Versions 4.60 and prior, including CX-Server Versions 5.0.29.0... |
| CVE-2021-23907 | 2021-05-13 | An issue was discovered in the Headunit NTG6 in the... |
| CVE-2021-23908 | 2021-05-13 | An issue was discovered in the Headunit NTG6 in the... |
| CVE-2021-23909 | 2021-05-13 | An issue was discovered in HERMES 2.1 in the MBUX... |
| CVE-2021-23910 | 2021-05-13 | An issue was discovered in HERMES 2.1 in the MBUX... |
| CVE-2020-23995 | 2021-05-13 | An information disclosure vulnerability in ILIAS before 5.3.19, 5.4.12 and... |
| CVE-2020-23996 | 2021-05-13 | A local file inclusion vulnerability in ILIAS before 5.3.19, 5.4.10... |
| CVE-2019-10062 | 2021-05-13 | The HTMLSanitizer class in html-sanitizer.ts in all released versions of... |
| CVE-2021-31876 | 2021-05-13 | Bitcoin Core 0.12.0 through 0.21.1 does not properly implement the... |
| CVE-2021-32615 | 2021-05-13 | Piwigo 11.4.0 allows admin/user_list_backend.php order[0][dir] SQL Injection. |
| CVE-2021-33026 | 2021-05-13 | The Flask-Caching extension through 1.10.1 for Flask relies on Pickle... |
| CVE-2020-27769 | 2021-05-14 | In ImageMagick versions before 7.0.9-0, there are outside the range... |
| CVE-2021-32819 | 2021-05-14 | Remote code execution in squirrelly |
| CVE-2021-32051 | 2021-05-14 | Hexagon G!nius Auskunftsportal before 5.0.0.0 allows SQL injection via the... |
| CVE-2021-31922 | 2021-05-14 | An HTTP Request Smuggling vulnerability in Pulse Secure Virtual Traffic... |
| CVE-2021-30183 | 2021-05-14 | Cleartext storage of sensitive information in multiple versions of Octopus... |
| CVE-2020-27020 | 2021-05-14 | Password generator feature in Kaspersky Password Manager was not completely... |
| CVE-2020-27149 | 2021-05-14 | By exploiting a vulnerability in NPort IA5150A/IA5250A Series before version... |
| CVE-2020-27150 | 2021-05-14 | In multiple versions of NPort IA5000A Series, the result of... |
| CVE-2021-24188 | 2021-05-14 | WP Content Copy Protection & No Right Click < 3.1.5 - Arbitrary Plugin Installation/Activation via Low Privilege User |
| CVE-2021-24189 | 2021-05-14 | Captchinoo, Google recaptcha for admin login page < 2.4 - Arbitrary Plugin Installation/Activation via Low Privilege User |
| CVE-2021-24190 | 2021-05-14 | WooCommerce Conditional Marketing Mailer < 1.5.2 - Arbitrary Plugin Installation/Activation via Low Privilege User |
| CVE-2021-24191 | 2021-05-14 | WP Maintenance Mode & Site Under Construction < 1.8.2 - Arbitrary Plugin Installation/Activation via Low Privilege User |
| CVE-2021-24192 | 2021-05-14 | Tree Sitemap < 2.9 - Arbitrary Plugin Installation/Activation via Low Privilege User |
| CVE-2021-24193 | 2021-05-14 | Visitor Traffic Real Time Statistics < 2.12 - Arbitrary Plugin Installation/Activation via Low Privilege User |
| CVE-2021-24194 | 2021-05-14 | Login Protection - Limit Failed Login Attempts < 2.9 - Arbitrary Plugin Installation/Activation via Low Privilege User |
| CVE-2021-24195 | 2021-05-14 | Login as User or Customer (User Switching) < 1.9 - Arbitrary Plugin Installation/Activation via Low Privilege User |
| CVE-2021-24277 | 2021-05-14 | RSS for Yandex Turbo < 1.30 - Authenticated Stored Cross-Site Scripting (XSS) |
| CVE-2021-24278 | 2021-05-14 | Redirection for Contact Form 7 < 2.3.4 - Unauthenticated Arbitrary Nonce Generation |
| CVE-2021-24279 | 2021-05-14 | Redirection for Contact Form 7 < 2.3.4 - Authenticated Arbitrary Plugin Installation |
| CVE-2021-24280 | 2021-05-14 | Redirection for Contact Form 7 < 2.3.4 - Authenticated PHP Object Injection |
| CVE-2021-24281 | 2021-05-14 | Redirection for Contact Form 7 < 2.3.4 - Authenticated Arbitrary Post Deletion |
| CVE-2021-24282 | 2021-05-14 | Redirection for Contact Form 7 < 2.3.4 - Unprotected AJAX Actions |
| CVE-2021-24283 | 2021-05-14 | Accordion < 2.2.30 - Authenticated Reflected Cross-Site Scripting (XSS) |
| CVE-2021-24284 | 2021-05-14 | Kaswara Modern VC Addons <= 3.0.1 - Unauthenticated Arbitrary File Upload |
| CVE-2021-24285 | 2021-05-14 | Car Seller - Auto Classifieds Script <= 2.1.0 - Unauthenticated SQL Injection |
| CVE-2021-24286 | 2021-05-14 | Redirect 404 to Parent < 1.3.1 - Reflected Cross-Site Scripting (XSS) |
| CVE-2021-24287 | 2021-05-14 | Select All Categories and Taxonomies < 1.3.2 - Reflected Cross-Site Scripting (XSS) |
| CVE-2021-24291 | 2021-05-14 | Photo Gallery < 1.5.69 - Multiple Reflected Cross-Site Scripting (XSS) |
| CVE-2020-27184 | 2021-05-14 | The NPort IA5000A Series devices use Telnet as one of... |
| CVE-2020-27185 | 2021-05-14 | Cleartext transmission of sensitive information via Moxa Service in NPort... |
| CVE-2021-32613 | 2021-05-14 | In radare2 through 5.3.0 there is a double free vulnerability... |
| CVE-2020-18166 | 2021-05-14 | Unrestricted File Upload in LAOBANCMS v2.0 allows remote attackers to... |
| CVE-2020-18167 | 2021-05-14 | Cross Site Scripting (XSS) in LAOBANCMS v2.0 allows remote attackers... |
| CVE-2021-25943 | 2021-05-14 | Prototype pollution vulnerability in '101' versions 1.0.0 through 1.6.3 allows... |
| CVE-2021-25941 | 2021-05-14 | Prototype pollution vulnerability in 'deep-override' versions 1.0.0 through 1.0.1 allows... |
| CVE-2020-23689 | 2021-05-14 | In YFCMF v2.3.1, there is a stored XSS vulnerability in... |
| CVE-2020-23691 | 2021-05-14 | YFCMF v2.3.1 has a Remote Command Execution (RCE) vulnerability in... |
| CVE-2020-4811 | 2021-05-14 | IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0,... |
| CVE-2020-4985 | 2021-05-14 | IBM Planning Analytics Local 2.0 could allow an attacker to... |
| CVE-2021-20391 | 2021-05-14 | IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web... |
| CVE-2021-20392 | 2021-05-14 | IBM QRadar User Behavior Analytics 1.0.0 through 4.0.1 is vulnerable... |
| CVE-2021-20393 | 2021-05-14 | IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could allow... |
| CVE-2021-20429 | 2021-05-14 | IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could disclose... |
| CVE-2021-20564 | 2021-05-14 | IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0,... |
| CVE-2021-20565 | 2021-05-14 | IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0,... |
| CVE-2021-32816 | 2021-05-14 | Regular expression Denial of Service in ProtonMail |
| CVE-2021-32817 | 2021-05-14 | File disclosure in express-hbs |
| CVE-2021-32818 | 2021-05-14 | Remote code execution and Reflected cross site scripting in haml-coffee |
| CVE-2021-32820 | 2021-05-14 | File disclosure in Express Handlebars |
| CVE-2021-29512 | 2021-05-14 | Heap buffer overflow in `RaggedBinCount` |
| CVE-2021-29554 | 2021-05-14 | Division by 0 in `DenseCountSparseOutput` |
| CVE-2021-29553 | 2021-05-14 | Heap OOB in `QuantizeAndDequantizeV3` |
| CVE-2021-29552 | 2021-05-14 | CHECK-failure in `UnsortedSegmentJoin` |
| CVE-2021-29551 | 2021-05-14 | OOB read in `MatrixTriangularSolve` |
| CVE-2021-29550 | 2021-05-14 | Division by 0 in `FractionalAvgPool` |
| CVE-2021-29549 | 2021-05-14 | Division by 0 in `QuantizedAdd` |
| CVE-2021-29548 | 2021-05-14 | Division by 0 in `QuantizedBatchNormWithGlobalNormalization` |
| CVE-2021-29547 | 2021-05-14 | Heap out of bounds in `QuantizedBatchNormWithGlobalNormalization` |
| CVE-2021-29546 | 2021-05-14 | Division by 0 in `QuantizedBiasAdd` |
| CVE-2021-29545 | 2021-05-14 | Heap buffer overflow in `SparseTensorToCSRSparseMatrix` |
| CVE-2021-29544 | 2021-05-14 | CHECK-fail in `QuantizeAndDequantizeV4Grad` |
| CVE-2021-29543 | 2021-05-14 | CHECK-fail in `CTCGreedyDecoder` |
| CVE-2021-29542 | 2021-05-14 | Heap buffer overflow in `StringNGrams` |
| CVE-2021-29541 | 2021-05-14 | Null pointer dereference in `StringNGrams` |
| CVE-2021-29540 | 2021-05-14 | Heap buffer overflow in `Conv2DBackpropFilter` |
| CVE-2021-29539 | 2021-05-14 | Segfault in tf.raw_ops.ImmutableConst |
| CVE-2021-29538 | 2021-05-14 | Division by zero in `Conv2DBackpropFilter` |