CVE List - 2021 / June
Showing 1 - 100 of 1691 CVEs for June 2021 (Page 1 of 17)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-31684 | 2021-06-01 | A vulnerability was discovered in the indexOf function of JSONParserByteArray... |
| CVE-2021-32027 | 2021-06-01 | A flaw was found in postgresql in versions before 13.3,... |
| CVE-2021-33180 | 2021-06-01 | Improper neutralization of special elements used in an SQL command... |
| CVE-2021-29092 | 2021-06-01 | Unrestricted upload of file with dangerous type vulnerability in file... |
| CVE-2021-29088 | 2021-06-01 | Improper limitation of a pathname to a restricted directory ('Path... |
| CVE-2021-33183 | 2021-06-01 | Improper limitation of a pathname to a restricted directory ('Path... |
| CVE-2021-33184 | 2021-06-01 | Server-Side request forgery (SSRF) vulnerability in task management component in... |
| CVE-2021-33182 | 2021-06-01 | Improper limitation of a pathname to a restricted directory ('Path... |
| CVE-2021-33181 | 2021-06-01 | Server-Side Request Forgery (SSRF) vulnerability in webapi component in Synology... |
| CVE-2021-25932 | 2021-06-01 | In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions... |
| CVE-2021-27828 | 2021-06-01 | SQL injection in In4Suite ERP 3.2.74.1370 allows attackers to modify... |
| CVE-2021-24309 | 2021-06-01 | Weekly Schedule < 3.4.3 - Authenticated Stored XSS |
| CVE-2021-24310 | 2021-06-01 | Photo Gallery < 1.5.67 - Authenticated Stored Cross-Site Scripting via Gallery Title |
| CVE-2021-24311 | 2021-06-01 | External Media < 1.0.34 - Authenticated Arbitrary File Upload |
| CVE-2021-24312 | 2021-06-01 | WP Super Cache < 1.7.3 - Authenticated Remote Code Execution |
| CVE-2021-24313 | 2021-06-01 | WP Prayer < 1.6.2 - Authenticated Stored Cross-Site Scripting (XSS) |
| CVE-2021-24316 | 2021-06-01 | Mediumish <= 1.0.47 - Unauthenticated Reflected Cross-Site Scripting (XSS) |
| CVE-2021-24317 | 2021-06-01 | Listeo < 1.6.11 - Multiple XSS & XFS vulnerabilities |
| CVE-2021-24318 | 2021-06-01 | Listeo < 1.6.11 - Multiple Authenticated IDOR Vulnerabilities |
| CVE-2021-24319 | 2021-06-01 | Bello < 1.6.0 - Authenticated Cross-Site Scripting (XSS) and XFS |
| CVE-2021-24320 | 2021-06-01 | Bello < 1.6.0 - Unauthenticated Reflected XSS & XFS |
| CVE-2021-24321 | 2021-06-01 | Bello < 1.6.0 - Unauthenticated Blind SQL Injection |
| CVE-2021-24322 | 2021-06-01 | Database Backup for WordPress < 2.4 - Authenticated Persistent Cross-Site Scripting (XSS) |
| CVE-2021-24328 | 2021-06-01 | WP Login Security and History <= 1.0 - CSRF to Stored Cross-Site Scripting (XSS) |
| CVE-2021-24329 | 2021-06-01 | WP Super Cache < 1.7.3 - Authenticated Stored Cross-Site Scripting (XSS) |
| CVE-2021-24330 | 2021-06-01 | Funnel Builder by CartFlows < 1.6.13 - Authenticated Stored XSS via FB Pixel ID and Google Analytics ID |
| CVE-2021-24331 | 2021-06-01 | Smooth Scroll Page Up/Down Buttons < 1.4 - Authenticated Stored XSS |
| CVE-2021-24333 | 2021-06-01 | Content Copy Protection & Prevent Image Save <= 1.3 - CSRF to Stored Cross-Site Scripting (XSS) |
| CVE-2021-24334 | 2021-06-01 | Instant Images WordPress Plugin < 4.4.0.1 - Authenticated Stored XSS & XFS |
| CVE-2021-24335 | 2021-06-01 | Car Repair Services < 4.0 - Unauthenticated Reflected XSS & XFS |
| CVE-2020-1920 | 2021-06-01 | A regular expression denial of service (ReDoS) vulnerability in the... |
| CVE-2021-23018 | 2021-06-01 | Intra-cluster communication does not use TLS. The services within the... |
| CVE-2021-23019 | 2021-06-01 | The NGINX Controller 2.0.0 thru 2.9.0 and 3.x before 3.15.0... |
| CVE-2021-23020 | 2021-06-01 | The NAAS 3.x before 3.10.0 API keys were generated using... |
| CVE-2021-23021 | 2021-06-01 | The Nginx Controller 3.x before 3.7.0 agent configuration file /etc/controller-agent/agent.conf... |
| CVE-2021-23017 | 2021-06-01 | A security issue in nginx resolver was identified, which might... |
| CVE-2020-27748 | 2021-06-01 | A flaw was found in the xdg-email component of xdg-utils-1.1.0-rc1... |
| CVE-2021-3543 | 2021-06-01 | A flaw null pointer dereference in the Nitro Enclaves kernel... |
| CVE-2021-3495 | 2021-06-01 | An incorrect access control flaw was found in the kiali-operator... |
| CVE-2021-3515 | 2021-06-01 | A shell injection flaw was found in pglogical in versions... |
| CVE-2021-20306 | 2021-06-01 | A flaw was found in the BPMN editor in version... |
| CVE-2021-3516 | 2021-06-01 | There's a flaw in libxml2's xmllint in versions before 2.9.11.... |
| CVE-2021-3412 | 2021-06-01 | It was found that all versions of 3Scale developer portal... |
| CVE-2021-29740 | 2021-06-01 | IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.3... |
| CVE-2021-31641 | 2021-06-01 | An unauthenticated XSS vulnerability exists in several IoT devices from... |
| CVE-2020-26668 | 2021-06-01 | A SQL injection vulnerability was discovered in /core/feeds/custom.php in BigTree... |
| CVE-2020-26669 | 2021-06-01 | A stored cross-site scripting (XSS) vulnerability was discovered in BigTree... |
| CVE-2020-26670 | 2021-06-01 | A vulnerability has been discovered in BigTree CMS 4.4.10 and... |
| CVE-2021-31642 | 2021-06-01 | A denial of service condition exists after an integer overflow... |
| CVE-2021-31643 | 2021-06-01 | An XSS vulnerability exists in several IoT devices from CHIYU... |
| CVE-2020-26693 | 2021-06-01 | A stored cross-site scripting (XSS) vulnerability was discovered in pfSense... |
| CVE-2020-17541 | 2021-06-01 | Libjpeg-turbo all version have a stack-based buffer overflow in the... |
| CVE-2020-27377 | 2021-06-01 | A cross-site scripting (XSS) vulnerability was discovered in the Administrator... |
| CVE-2021-32651 | 2021-06-01 | LDAP injection via OneDev may leak some LDAP directory information |
| CVE-2021-32924 | 2021-06-01 | Invision Community (aka IPS Community Suite) before 4.6.0 allows eval-based... |
| CVE-2020-22035 | 2021-06-01 | A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in... |
| CVE-2020-22036 | 2021-06-01 | A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in... |
| CVE-2021-3424 | 2021-06-01 | A flaw was found in keycloak as shipped in Red... |
| CVE-2021-32652 | 2021-06-01 | Missing permission check on email metadata retrieval |
| CVE-2021-3425 | 2021-06-01 | A flaw was found in the AMQ Broker that discloses... |
| CVE-2020-22040 | 2021-06-01 | A Denial of Service vulnerability exists in FFmpeg 4.2 idue... |
| CVE-2020-22037 | 2021-06-01 | A Denial of Service vulnerability exists in FFmpeg 4.2 due... |
| CVE-2020-22038 | 2021-06-01 | A Denial of Service vulnerability exists in FFmpeg 4.2 due... |
| CVE-2020-22039 | 2021-06-01 | A Denial of Service vulnerability exists in FFmpeg 4.2 due... |
| CVE-2020-22041 | 2021-06-01 | A Denial of Service vulnerability exists in FFmpeg 4.2 due... |
| CVE-2021-32653 | 2021-06-01 | Default settings leak federated cloud ID to lookup server of all users |
| CVE-2020-22042 | 2021-06-01 | A Denial of Service vulnerability exists in FFmpeg 4.2 due... |
| CVE-2021-26111 | 2021-06-01 | A missing release of memory after effective lifetime vulnerability in... |
| CVE-2020-22043 | 2021-06-01 | A Denial of Service vulnerability exists in FFmpeg 4.2 due... |
| CVE-2021-22123 | 2021-06-01 | An OS command injection vulnerability in FortiWeb's management interface 6.3.7... |
| CVE-2020-22044 | 2021-06-01 | A Denial of Service vulnerability exists in FFmpeg 4.2 due... |
| CVE-2021-32654 | 2021-06-01 | Attacker can obtain write access to any federated share/public link |
| CVE-2021-32655 | 2021-06-01 | Files Drop public link can be added as federated share |
| CVE-2021-32656 | 2021-06-01 | Trusted servers exchange can be triggered by attacker |
| CVE-2021-32657 | 2021-06-01 | Malicious user could break user administration page |
| CVE-2021-28676 | 2021-06-02 | An issue was discovered in Pillow before 8.2.0. For FLI... |
| CVE-2021-30474 | 2021-06-02 | aom_dsp/grain_table.c in libaom in AOMedia before 2021-03-30 has a use-after-free. |
| CVE-2021-31855 | 2021-06-02 | KDE Messagelib through 5.17.0 reveals cleartext of encrypted messages in... |
| CVE-2021-29091 | 2021-06-02 | Improper limitation of a pathname to a restricted directory ('Path... |
| CVE-2021-29090 | 2021-06-02 | Improper neutralization of special elements used in an SQL command... |
| CVE-2021-29089 | 2021-06-02 | Improper neutralization of special elements used in an SQL command... |
| CVE-2020-6641 | 2021-06-02 | Two authorization bypass through user-controlled key vulnerabilities in the Fortinet... |
| CVE-2020-10742 | 2021-06-02 | A flaw was found in the Linux kernel. An index... |
| CVE-2020-10743 | 2021-06-02 | It was discovered that OpenShift Container Platform's (OCP) distribution of... |
| CVE-2020-10771 | 2021-06-02 | A flaw was found in Infinispan version 10, where it... |
| CVE-2020-14326 | 2021-06-02 | A vulnerability was found in RESTEasy, where RootNode incorrectly caches... |
| CVE-2020-14317 | 2021-06-02 | It was found that the issue for security flaw CVE-2019-3805... |
| CVE-2020-14336 | 2021-06-02 | A flaw was found in the Restricted Security Context Constraints... |
| CVE-2020-14335 | 2021-06-02 | A flaw was found in Red Hat Satellite, which allows... |
| CVE-2020-14340 | 2021-06-02 | A vulnerability was discovered in XNIO where file descriptor leak... |
| CVE-2020-14371 | 2021-06-02 | A credential leak vulnerability was found in Red Hat Satellite.... |
| CVE-2020-14380 | 2021-06-02 | An account takeover flaw was found in Red Hat Satellite... |
| CVE-2021-3520 | 2021-06-02 | There's a flaw in lz4. An attacker who submits a... |
| CVE-2020-14388 | 2021-06-02 | A flaw was found in the Red Hat 3scale API... |
| CVE-2021-24012 | 2021-06-02 | An improper following of a certificate's chain of trust vulnerability... |
| CVE-2021-23894 | 2021-06-02 | Unauthorized deserialization of untrusted data in McAfee DBSec |
| CVE-2021-23895 | 2021-06-02 | Authorized deserialization of untrusted data in McAfee DBSec |
| CVE-2021-23896 | 2021-06-02 | Cleartext Transmission of Sensitive Information in McAfee DBSec |
| CVE-2020-35514 | 2021-06-02 | An insecure modification flaw in the /etc/kubernetes/kubeconfig file was found... |
| CVE-2020-35510 | 2021-06-02 | A flaw was found in jboss-remoting in versions before 5.0.20.SP1-redhat-00001.... |