CVE List - 2021 / June
Showing 1401 - 1500 of 1691 CVEs for June 2021 (Page 15 of 17)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-18662 | 2021-06-24 | SQL Injection vulnerability in gnuboard5 <=v5.3.2.8 via the table_prefix parameter... |
| CVE-2021-33346 | 2021-06-24 | There is an arbitrary password modification vulnerability in a D-LINK... |
| CVE-2020-18663 | 2021-06-24 | Cross Site Scripting (XSS) vulnerability in gnuboard5 <=v5.3.2.8 via the... |
| CVE-2021-31649 | 2021-06-24 | In applications using jfinal 4.9.08 and below, there is a... |
| CVE-2020-21783 | 2021-06-24 | In IBOS 4.5.4 the email function has a cross site... |
| CVE-2020-21786 | 2021-06-24 | In IBOS 4.5.4 Open, Arbitrary File Inclusion causes getshell via... |
| CVE-2020-21785 | 2021-06-24 | In IBOS 4.5.4 Open, the database backup has Command Injection... |
| CVE-2020-18664 | 2021-06-24 | Cross Site Scripting (XSS) vulnerability in WebPort <=1.19.1via the connection... |
| CVE-2020-21784 | 2021-06-24 | phpwcms 1.9.13 is vulnerable to Code Injection via /phpwcms/setup/setup.php. |
| CVE-2020-18665 | 2021-06-24 | Directory Traversal vulnerability in WebPort <=1.19.1 in tags of system... |
| CVE-2020-18667 | 2021-06-24 | SQL Injection vulnerability in WebPort <=1.19.1 via the new connection,... |
| CVE-2021-32704 | 2021-06-24 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in dhis2-core |
| CVE-2021-32708 | 2021-06-24 | Time-of-check Time-of-use (TOCTOU) Race Condition in league/flysystem |
| CVE-2021-21571 | 2021-06-24 | Dell UEFI BIOS https stack leveraged by the Dell BIOSConnect... |
| CVE-2021-21572 | 2021-06-24 | Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated... |
| CVE-2021-21573 | 2021-06-24 | Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated... |
| CVE-2021-21574 | 2021-06-24 | Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated... |
| CVE-2021-33000 | 2021-06-24 | Parsing a maliciously crafted project file may cause a heap-based... |
| CVE-2021-33004 | 2021-06-24 | The affected product is vulnerable to memory corruption condition due... |
| CVE-2020-18668 | 2021-06-24 | Cross Site Scripting (XSS) vulnerabililty in WebPort <=1.19.1 via the... |
| CVE-2021-33002 | 2021-06-24 | Opening a maliciously crafted project file may cause an out-of-bounds... |
| CVE-2021-3500 | 2021-06-24 | A flaw was found in djvulibre-3.5.28 and earlier. A Stack... |
| CVE-2020-18670 | 2021-06-24 | Cross Site Scripting (XSS) vulneraibility in Roundcube mail .4.4 via... |
| CVE-2021-32491 | 2021-06-24 | A flaw was found in djvulibre-3.5.28 and earlier. An integer... |
| CVE-2020-18671 | 2021-06-24 | Cross Site Scripting (XSS) vulnerability in Roundcube Mail <=1.4.4 via... |
| CVE-2021-32490 | 2021-06-24 | A flaw was found in djvulibre-3.5.28 and earlier. An out... |
| CVE-2021-32492 | 2021-06-24 | A flaw was found in djvulibre-3.5.28 and earlier. An out... |
| CVE-2021-32493 | 2021-06-24 | A flaw was found in djvulibre-3.5.28 and earlier. A heap... |
| CVE-2020-4885 | 2021-06-24 | IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect... |
| CVE-2020-4945 | 2021-06-24 | IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect... |
| CVE-2021-20579 | 2021-06-24 | IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect... |
| CVE-2021-29703 | 2021-06-24 | Db2 for Linux, UNIX and Windows (includes Db2 Connect Server)... |
| CVE-2021-29777 | 2021-06-24 | IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect... |
| CVE-2021-32709 | 2021-06-24 | Creation of order credits was not validated by acl in admin orders |
| CVE-2020-17759 | 2021-06-24 | An issue was found in the Evernote client for Windows... |
| CVE-2020-17753 | 2021-06-24 | An issue was discovered in function addMeByRC in the smart... |
| CVE-2020-17752 | 2021-06-24 | Integer overflow vulnerability in payable function of a smart contract... |
| CVE-2021-35448 | 2021-06-24 | Emote Interactive Remote Mouse 3.008 on Windows allows attackers to... |
| CVE-2021-32710 | 2021-06-24 | Potential Session Hijacking in Shopware |
| CVE-2021-32711 | 2021-06-24 | Leak of information via Store-API |
| CVE-2021-32713 | 2021-06-24 | Authenticated Stored XSS |
| CVE-2021-32712 | 2021-06-24 | Information leakage in Error Handler |
| CVE-2021-32716 | 2021-06-24 | Internal hidden fields are visible on to many associations in admin api |
| CVE-2021-32717 | 2021-06-24 | Private files publicly accessible with Cloud Storage providers |
| CVE-2021-33895 | 2021-06-25 | ETINET BACKBOX E4.09 and H4.09 mismanages password access control. When... |
| CVE-2021-34427 | 2021-06-25 | In Eclipse BIRT versions 4.8.0 and earlier, an attacker can... |
| CVE-2021-35475 | 2021-06-25 | SAS Environment Manager 2.5 allows XSS through the Name field... |
| CVE-2021-35048 | 2021-06-25 | Unauthenticated SQL Injection Vulnerability in Fidelis Network and Deception |
| CVE-2021-35047 | 2021-06-25 | Privileged Command Injection Vulnerability in Fidelis Network and Deception |
| CVE-2021-35050 | 2021-06-25 | User Credentials Stored in a Recoverable Format within Fidelis Network and Deception |
| CVE-2021-35049 | 2021-06-25 | Command Injection Vulnerability in Fidelis Network and Deception |
| CVE-2021-28958 | 2021-06-25 | Zoho ManageEngine ADSelfService Plus through 6101 is vulnerable to unauthenticated... |
| CVE-2021-31615 | 2021-06-25 | Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specifications... |
| CVE-2020-26801 | 2021-06-25 | A stored cross-site scripting (XSS) vulnerability was discovered in /Forms/device_vars_1... |
| CVE-2021-27040 | 2021-06-25 | A maliciously crafted DWG file can be forced to read... |
| CVE-2021-27041 | 2021-06-25 | A maliciously crafted DWG file can be used to write... |
| CVE-2021-27042 | 2021-06-25 | A maliciously crafted DWG file can be used to write... |
| CVE-2021-27043 | 2021-06-25 | An Arbitrary Address Write issue in the Autodesk DWG application... |
| CVE-2021-34185 | 2021-06-25 | Miniaudio 0.10.35 has an integer-based buffer overflow caused by an... |
| CVE-2021-34184 | 2021-06-25 | Miniaudio 0.10.35 has a Double free vulnerability that could cause... |
| CVE-2021-34074 | 2021-06-25 | PandoraFMS <=7.54 allows arbitrary file upload, it leading to remote... |
| CVE-2021-35501 | 2021-06-25 | PandoraFMS <=7.54 allows Stored XSS by placing a payload in... |
| CVE-2021-3314 | 2021-06-25 | Oracle GlassFish Server 3.1.2.18 and below allows /common/logViewer/logViewer.jsf XSS. A... |
| CVE-2021-32702 | 2021-06-25 | Reflected XSS from the callback handler's error query parameter |
| CVE-2020-4609 | 2021-06-25 | IBM Security Sevret Server (IBM Security Verify Privilege Manager 10.8.2)... |
| CVE-2020-4610 | 2021-06-25 | IBM Security Secret Server (IBM Security Verify Privilege Manager 10.8.2... |
| CVE-2021-20583 | 2021-06-25 | IBM Security Verify (IBM Security Verify Privilege Vault 10.9.66) could... |
| CVE-2021-29676 | 2021-06-25 | IBM Security Verify (IBM Security Verify Privilege Vault 10.9.66) is... |
| CVE-2021-29677 | 2021-06-25 | IBM Security Verify (IBM Security Verify Privilege Vault 10.9.66) is... |
| CVE-2021-21002 | 2021-06-25 | Denial of Service in Phoenix Contact FL COMSERVER UNI products |
| CVE-2021-21003 | 2021-06-25 | Denial of Service Vulnerability in Phoenix Contact FL SWITCH SMCS series products |
| CVE-2021-21004 | 2021-06-25 | Cross-site Scripting Vulnerability in Phoenix Contact FL SWITCH SMCS series products |
| CVE-2021-21005 | 2021-06-25 | Race Condition Vulnerability in Phoenix Contact FL SWITCH SMCS series products |
| CVE-2021-33528 | 2021-06-25 | WEIDMUELLER: WLAN devices affected by privilege escalation vulnerability |
| CVE-2021-33529 | 2021-06-25 | WEIDMUELLER: WLAN devices affected by Hard-coded Credentials vulnerability |
| CVE-2021-33530 | 2021-06-25 | WEIDMUELLER: WLAN devices affected by OS Command Injection vulnerability |
| CVE-2021-33531 | 2021-06-25 | WEIDMUELLER: WLAN devices affected by Hard-coded Credentials vulnerability |
| CVE-2021-33532 | 2021-06-25 | WEIDMUELLER: WLAN devices affected by OS Command Injection vulnerability |
| CVE-2021-33533 | 2021-06-25 | WEIDMUELLER: WLAN devices affected by OS Command Injection vulnerability |
| CVE-2021-33534 | 2021-06-25 | WEIDMUELLER: WLAN devices affected by OS Command Injection vulnerability |
| CVE-2021-33535 | 2021-06-25 | WEIDMUELLER: WLAN devices affected by exploitable format string vulnerability |
| CVE-2021-33536 | 2021-06-25 | WEIDMUELLER: WLAN devices affected by Denial-of-Service vulnerability |
| CVE-2021-33537 | 2021-06-25 | WEIDMUELLER: WLAN devices affected by Remote Code Execution (RCE) vulnerability |
| CVE-2021-33538 | 2021-06-25 | WEIDMUELLER: WLAN devices affected by improper access control vulnerability |
| CVE-2021-33539 | 2021-06-25 | WEIDMUELLER: WLAN devices affected by authentication bypass vulnerability |
| CVE-2021-33540 | 2021-06-25 | Phoenix Contact: Undocumented FTP acces in certain AXL F BK and IL BK devices |
| CVE-2021-33541 | 2021-06-25 | Phoenix Contact: ILC1x Industrial controllers affected by Denial-of-Service vulnerability |
| CVE-2021-33542 | 2021-06-25 | Phoenix Contact: Automation Worx Software Suite affected by Remote Code Execution (RCE) vulnerability |
| CVE-2021-1073 | 2021-06-25 | NVIDIA GeForce Experience, all versions prior to 3.23, contains a... |
| CVE-2021-25654 | 2021-06-25 | Avaya Aura Device Services Arbitrary Code Execution Vulnerability |
| CVE-2021-35502 | 2021-06-25 | app/View/Elements/genericElements/IndexTable/Fields/generic_field.ctp in MISP 2.4.144 does not sanitize certain data related... |
| CVE-2021-35513 | 2021-06-27 | Mermaid before 8.11.0 allows XSS when the antiscript feature is... |
| CVE-2021-20740 | 2021-06-28 | Hitachi Virtual File Platform Versions prior to 5.5.3-09 and Versions... |
| CVE-2021-20745 | 2021-06-28 | Inkdrop versions prior to v5.3.1 allows an attacker to execute... |
| CVE-2021-20746 | 2021-06-28 | Cross-site scripting vulnerability in WordPress Popular Posts 5.3.2 and earlier... |
| CVE-2021-20749 | 2021-06-28 | Cross-site scripting vulnerability in Fudousan plugin ver5.7.0 and earlier, Fudousan... |
| CVE-2021-20750 | 2021-06-28 | Cross-site scripting vulnerability in EC-CUBE EC-CUBE 3.0.0 to 3.0.18-p2 (EC-CUBE... |
| CVE-2021-20751 | 2021-06-28 | Cross-site scripting vulnerability in EC-CUBE EC-CUBE 4.0.0 to 4.0.5-p1 (EC-CUBE... |
| CVE-2021-23399 | 2021-06-28 | Arbitrary Command Injection |
| CVE-2021-20099 | 2021-06-28 | Nessus Agent 8.2.4 and earlier for Windows were found to... |