CVE List - 2021 / July
Showing 301 - 400 of 1581 CVEs for July 2021 (Page 4 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-20586 | 2021-07-08 | A cross site request forgery (CSRF) vulnerability in the /xyhai.php?s=/Auth/editUser... |
| CVE-2021-29711 | 2021-07-08 | IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 6.2.7.8 , 6.2.7.9, 7.0.3.0,... |
| CVE-2020-18741 | 2021-07-08 | Improper Authorization in ThinkSAAS v2.7 allows remote attackers to modify... |
| CVE-2021-34609 | 2021-07-08 | A remote SQL injection vulnerability was discovered in Aruba ClearPass... |
| CVE-2021-34614 | 2021-07-08 | A remote arbitrary command execution vulnerability was discovered in Aruba... |
| CVE-2020-20363 | 2021-07-08 | Crossi Site Scripting (XSS) vulnerability in PbootCMS 2.0.3 in admin.php. |
| CVE-2021-1575 | 2021-07-08 | Cisco Virtualized Voice Browser Cross-Site Scripting Vulnerability |
| CVE-2021-1574 | 2021-07-08 | Cisco Business Process Automation Privilege Escalation Vulnerabilities |
| CVE-2021-1359 | 2021-07-08 | Cisco Web Security Appliance Privilege Escalation Vulnerability |
| CVE-2021-1562 | 2021-07-08 | Cisco BroadWorks Application Server Information Disclosure Vulnerability |
| CVE-2021-1576 | 2021-07-08 | Cisco Business Process Automation Privilege Escalation Vulnerabilities |
| CVE-2021-1585 | 2021-07-08 | Cisco Adaptive Security Device Manager Remote Code Execution Vulnerability |
| CVE-2021-1595 | 2021-07-08 | Cisco Video Surveillance 7000 Series IP Cameras Link Layer Discovery Protocol Memory Leak Vulnerabilities |
| CVE-2021-1596 | 2021-07-08 | Cisco Video Surveillance 7000 Series IP Cameras Link Layer Discovery Protocol Memory Leak Vulnerabilities |
| CVE-2021-1597 | 2021-07-08 | Cisco Video Surveillance 7000 Series IP Cameras Link Layer Discovery Protocol Memory Leak Vulnerabilities |
| CVE-2021-1598 | 2021-07-08 | Cisco Video Surveillance 7000 Series IP Cameras Link Layer Discovery Protocol Memory Leak Vulnerabilities |
| CVE-2021-1603 | 2021-07-08 | Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities |
| CVE-2021-1604 | 2021-07-08 | Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities |
| CVE-2021-1605 | 2021-07-08 | Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities |
| CVE-2021-1606 | 2021-07-08 | Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities |
| CVE-2021-1607 | 2021-07-08 | Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities |
| CVE-2020-23580 | 2021-07-08 | Remote Code Execution vulnerability in PbootCMS 2.0.8 in the message... |
| CVE-2021-34612 | 2021-07-08 | A remote arbitrary command execution vulnerability was discovered in Aruba... |
| CVE-2021-34613 | 2021-07-08 | A remote arbitrary command execution vulnerability was discovered in Aruba... |
| CVE-2021-34615 | 2021-07-08 | A remote arbitrary command execution vulnerability was discovered in Aruba... |
| CVE-2021-34616 | 2021-07-08 | A remote arbitrary command execution vulnerability was discovered in Aruba... |
| CVE-2021-36367 | 2021-07-09 | PuTTY through 0.75 proceeds with establishing an SSH session even... |
| CVE-2021-30116 | 2021-07-09 | Unauthenticated credential leak and business logic flaw in Kaseya VSA <= v9.5.6 |
| CVE-2021-32972 | 2021-07-09 | Panasonic FPWIN Pro, all Versions 7.5.1.1 and prior, allows an... |
| CVE-2021-3570 | 2021-07-09 | A flaw was found in the ptp4l program of the... |
| CVE-2021-3571 | 2021-07-09 | A flaw was found in the ptp4l program of the... |
| CVE-2021-3612 | 2021-07-09 | An out-of-bounds memory write flaw was found in the Linux... |
| CVE-2021-3637 | 2021-07-09 | A flaw was found in keycloak-model-infinispan in keycloak versions before... |
| CVE-2012-1102 | 2021-07-09 | It was discovered that the XML::Atom Perl module before version... |
| CVE-2012-2666 | 2021-07-09 | golang/go in 1.0.2 fixes all.bash on shared machines. dotest() in... |
| CVE-2021-36154 | 2021-07-09 | HTTP2ToRawGRPCServerCodec in gRPC Swift 1.1.1 and earlier allows remote attackers... |
| CVE-2021-36155 | 2021-07-09 | LengthPrefixedMessageReader in gRPC Swift 1.1.0 and earlier allocates buffers of... |
| CVE-2021-36153 | 2021-07-09 | Mismanaged state in GRPCWebToHTTP2ServerCodec.swift in gRPC Swift 1.1.0 and 1.1.1... |
| CVE-2021-23405 | 2021-07-09 | SQL Injection |
| CVE-2021-30117 | 2021-07-09 | Authenticated SQL injection in Kaseya VSA < v9.5.6 |
| CVE-2021-30118 | 2021-07-09 | Unauthenticated Remote Code Execution in Kaseya VSA < v9.5.5 |
| CVE-2021-30119 | 2021-07-09 | Authenticated Authenticated reflective XSS in Kaseya VSA <= v9.5.6 |
| CVE-2021-30120 | 2021-07-09 | 2FA bypass in Kaseya VSA <= v9.5.6 |
| CVE-2021-30121 | 2021-07-09 | (Semi-)Authenticated local file inclusion in Kaseya VSA < v9.5.6 |
| CVE-2021-30201 | 2021-07-09 | Unauthenticated XML External Entity vulnerability in Kaseya VSA < v9.5.6 |
| CVE-2021-32742 | 2021-07-09 | Untrusted data fed into `Data.init(base32Encoded:)` can result in exposing server memory and/or crash |
| CVE-2021-33012 | 2021-07-09 | Rockwell Automation MicroLogix 1100, all versions, allows a remote, unauthenticated... |
| CVE-2021-32752 | 2021-07-09 | Files or Directories Accessible to External Parties in ether/logs |
| CVE-2021-27033 | 2021-07-09 | A Double Free vulnerability allows remote attackers to execute arbitrary... |
| CVE-2021-27034 | 2021-07-09 | A heap-based buffer overflow could occur while parsing PICT, PCX,... |
| CVE-2021-27035 | 2021-07-09 | A maliciously crafted TIFF, TIF, PICT, TGA, or DWF files... |
| CVE-2021-27036 | 2021-07-09 | A maliciously crafted PCX, PICT, RCL, TIF, BMP, PSD or... |
| CVE-2021-27037 | 2021-07-09 | A maliciously crafted PNG, PDF or DWF file in Autodesk... |
| CVE-2021-27038 | 2021-07-09 | A Type Confusion vulnerability in Autodesk Design Review 2018, 2017,... |
| CVE-2021-27039 | 2021-07-09 | A maliciously crafted TIFF and PCX file can be forced... |
| CVE-2020-22535 | 2021-07-09 | Incorrect Access Control vulnerability in PbootCMS 2.0.6 via the list... |
| CVE-2021-3541 | 2021-07-09 | A flaw was found in libxml2. Exponential entity expansion attack... |
| CVE-2020-21333 | 2021-07-09 | Cross Site Scripting (XSS) vulnerability in PublicCMS 4.0 to get... |
| CVE-2021-29712 | 2021-07-09 | IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.... |
| CVE-2021-29730 | 2021-07-09 | IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection.... |
| CVE-2021-33795 | 2021-07-09 | Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 produce incorrect... |
| CVE-2021-33792 | 2021-07-09 | Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 have an... |
| CVE-2021-33214 | 2021-07-09 | In HMS Ewon eCatcher through 6.6.4, weak filesystem permissions could... |
| CVE-2021-24020 | 2021-07-09 | A missing cryptographic step in the implementation of the hash... |
| CVE-2021-26100 | 2021-07-09 | A missing cryptographic step in the Identity-Based Encryption service of... |
| CVE-2020-29014 | 2021-07-09 | A concurrent execution using shared resource with improper synchronization ('race... |
| CVE-2021-22129 | 2021-07-09 | Multiple instances of incorrect calculation of buffer size in the... |
| CVE-2021-26106 | 2021-07-09 | An improper neutralization of special elements used in an OS... |
| CVE-2021-24007 | 2021-07-09 | Multiple improper neutralization of special elements of SQL commands vulnerabilities... |
| CVE-2021-32753 | 2021-07-09 | Weak password in API gateway in EdgeX Foundry Edinburgh, Fuji, Geneva, and Hanoi releases allows remote attackers to obtain authentication token via dictionary-based password attack when OAuth2 authentication method is enabled. |
| CVE-2021-36371 | 2021-07-09 | Emissary-Ingress (formerly Ambassador API Gateway) through 1.13.9 allows attackers to... |
| CVE-2021-20024 | 2021-07-09 | Multiple Out-of-Bound read vulnerability in SonicWall Switch when handling LLDP... |
| CVE-2021-35360 | 2021-07-09 | A reflected cross site scripting (XSS) vulnerability in dotAdmin/#/c/containers of... |
| CVE-2021-35361 | 2021-07-09 | A reflected cross site scripting (XSS) vulnerability in dotAdmin/#/c/links of... |
| CVE-2021-35358 | 2021-07-09 | A stored cross site scripting (XSS) vulnerability in dotAdmin/#/c/c_Images of... |
| CVE-2020-35987 | 2021-07-09 | A stored cross site scripting (XSS) vulnerability in the 'Entities... |
| CVE-2020-35986 | 2021-07-09 | A stored cross site scripting (XSS) vulnerability in the 'Users... |
| CVE-2020-35985 | 2021-07-09 | A stored cross site scripting (XSS) vulnerability in the 'Global... |
| CVE-2020-35984 | 2021-07-09 | A stored cross site scripting (XSS) vulnerability in the 'Users... |
| CVE-2020-25879 | 2021-07-09 | A stored cross site scripting (XSS) vulnerability in the 'Manage... |
| CVE-2020-25878 | 2021-07-09 | A stored cross site scripting (XSS) vulnerability in the 'Admin-Tools'... |
| CVE-2020-25877 | 2021-07-09 | A stored cross site scripting (XSS) vulnerability in the 'Add... |
| CVE-2020-25876 | 2021-07-09 | A stored cross site scripting (XSS) vulnerability in the 'Pages'... |
| CVE-2020-25875 | 2021-07-09 | A stored cross site scripting (XSS) vulnerability in the 'Smileys'... |
| CVE-2020-25394 | 2021-07-09 | A stored cross site scripting (XSS) vulnerability in moziloCMS 2.0... |
| CVE-2020-25392 | 2021-07-09 | A cross site scripting (XSS) vulnerability in CSZ CMS 1.2.9... |
| CVE-2020-25391 | 2021-07-09 | A cross site scripting vulnerability in CSZ CMS 1.2.9 allows... |
| CVE-2021-29107 | 2021-07-10 | There is a stored Cross Site Scripting (XXS) vulnerability in ArcGIS Server Manager version 10.8.1 and below. |
| CVE-2021-29106 | 2021-07-10 | There is a reflected Cross Site Scripting (XSS) vulnerability in Esri ArcGIS Server version 10.8.1 and below. |
| CVE-2021-29105 | 2021-07-11 | There is a stored Cross Site Scripting (XSS) vulnerability in Esri ArcGIS Server Services Directory version 10.8.1 and below. |
| CVE-2021-29103 | 2021-07-11 | There is a reflected Cross Site Scripting (XSS) vulnerability in Esri ArcGIS Server version 10.8.1 and below. |
| CVE-2021-29102 | 2021-07-11 | There is a Server-Side Request Forgery (SSRF) vulnerability in Esri ArcGIS Server Manager version 10.8.1 and below. |
| CVE-2021-29104 | 2021-07-11 | There is a stored Cross Site Scripting (XXS) vulnerability in ArcGIS Server Manager version 10.8.1 and below. |
| CVE-2021-22918 | 2021-07-12 | Node.js before 16.4.1, 14.17.2, 12.22.2 is vulnerable to an out-of-bounds... |
| CVE-2021-26099 | 2021-07-12 | Missing cryptographic steps in the Identity-Based Encryption service of FortiMail... |
| CVE-2021-22515 | 2021-07-12 | Multi-Factor Authentication (MFA) downgrade exposure in NetIQ Advanced Authentication Server |
| CVE-2021-22921 | 2021-07-12 | Node.js before 16.4.1, 14.17.2, and 12.22.2 is vulnerable to local... |
| CVE-2021-22916 | 2021-07-12 | In Brave Desktop between versions 1.17 and 1.26.60, when adblocking... |
| CVE-2021-22917 | 2021-07-12 | Brave Browser Desktop between versions 1.17 and 1.20 is vulnerable... |
| CVE-2021-3547 | 2021-07-12 | OpenVPN 3 Core Library version 3.6 and 3.6.1 allows a... |