CVE List - 2021 / August
Showing 1001 - 1100 of 2087 CVEs for August 2021 (Page 11 of 21)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-31399 | 2021-08-13 | On 2N Access Unit 2.0 2.31.0.40.5 devices, an attacker can... |
| CVE-2021-27741 | 2021-08-13 | " Security vulnerability in HCL Commerce Management Center allowing XML... |
| CVE-2021-3635 | 2021-08-13 | A flaw was found in the Linux kernel netfilter implementation... |
| CVE-2021-38583 | 2021-08-13 | openBaraza HCM 3.1.6 does not properly neutralize user-controllable input, which... |
| CVE-2021-38621 | 2021-08-13 | The remove API in v1/controller/cloudStorage/alibabaCloud/remove/index.ts in netless Agora Flat Server... |
| CVE-2021-38619 | 2021-08-13 | openBaraza HCM 3.1.6 does not properly neutralize user-controllable input: an... |
| CVE-2021-37693 | 2021-08-13 | Re-use of email tokens in Discourse |
| CVE-2021-37703 | 2021-08-13 | Information exposure in Discourse |
| CVE-2021-27401 | 2021-08-13 | The Join Meeting page of Mitel MiCollab Web Client before... |
| CVE-2021-27402 | 2021-08-13 | The SAS Admin portal of Mitel MiCollab before 9.2 FP2... |
| CVE-2021-32067 | 2021-08-13 | The MiCollab Client Service component in Mitel MiCollab before 9.3... |
| CVE-2021-32068 | 2021-08-13 | The AWV and MiCollab Client Service components in Mitel MiCollab... |
| CVE-2021-32070 | 2021-08-13 | The MiCollab Client Service component in Mitel MiCollab before 9.3... |
| CVE-2021-32071 | 2021-08-13 | The MiCollab Client service in Mitel MiCollab before 9.3 could... |
| CVE-2021-32072 | 2021-08-13 | The MiCollab Client Service component in Mitel MiCollab before 9.3... |
| CVE-2021-3352 | 2021-08-13 | The Software Development Kit in Mitel MiContact Center Business from... |
| CVE-2021-37586 | 2021-08-13 | The PowerPlay Web component of Mitel Interaction Recording Multitenancy systems... |
| CVE-2021-32069 | 2021-08-13 | The AWV component of Mitel MiCollab before 9.3 could allow... |
| CVE-2021-1104 | 2021-08-13 | The RISC-V Instruction Set Manual contains a documented ambiguity for... |
| CVE-2021-34398 | 2021-08-13 | NVIDIA DCGM, all versions prior to 2.2.9, contains a vulnerability... |
| CVE-2021-38554 | 2021-08-13 | HashiCorp Vault and Vault Enterprise’s UI erroneously cached and exposed... |
| CVE-2021-38553 | 2021-08-13 | HashiCorp Vault and Vault Enterprise 1.4.0 through 1.7.3 initialized an... |
| CVE-2021-29880 | 2021-08-13 | IBM QRadar SIEM 7.4.3 GA - 7.4.3 Fix Pack 1... |
| CVE-2021-37028 | 2021-08-13 | There is a command injection vulnerability in the HG8045Q product.... |
| CVE-2021-36380 | 2021-08-13 | Sunhillo SureLine before 8.7.0.1.1 allows Unauthenticated OS Command Injection via... |
| CVE-2021-36789 | 2021-08-13 | The dated_news (aka Dated News) extension through 5.1.1 for TYPO3... |
| CVE-2021-36790 | 2021-08-13 | The dated_news (aka Dated News) extension through 5.1.1 for TYPO3... |
| CVE-2021-36791 | 2021-08-13 | The dated_news (aka Dated News) extension through 5.1.1 for TYPO3... |
| CVE-2021-36792 | 2021-08-13 | The dated_news (aka Dated News) extension through 5.1.1 for TYPO3... |
| CVE-2020-18753 | 2021-08-13 | An issue in Dut Computer Control Engineering Co.'s PLC MAC1100... |
| CVE-2020-18754 | 2021-08-13 | An information disclosure vulnerability exists within Dut Computer Control Engineering... |
| CVE-2020-18756 | 2021-08-13 | An arbitrary memory access vulnerability in the EPA protocol of... |
| CVE-2020-18757 | 2021-08-13 | An issue in Dut Computer Control Engineering Co.'s PLC MAC1100... |
| CVE-2020-18758 | 2021-08-13 | An issue in Dut Computer Control Engineering Co.'s PLC MAC1100... |
| CVE-2020-18759 | 2021-08-13 | An information disclosure vulnerability exists in the EPA protocol of... |
| CVE-2021-36788 | 2021-08-13 | The yoast_seo (aka Yoast SEO) extension before 7.2.3 for TYPO3... |
| CVE-2021-36785 | 2021-08-13 | The miniorange_saml (aka Miniorange Saml) extension before 1.4.3 for TYPO3... |
| CVE-2021-36786 | 2021-08-13 | The miniorange_saml (aka Miniorange Saml) extension before 1.4.3 for TYPO3... |
| CVE-2021-36787 | 2021-08-13 | The femanager extension before 5.5.1 and 6.x before 6.3.1 for... |
| CVE-2021-36793 | 2021-08-13 | The routes (aka Extbase Yaml Routes) extension before 2.1.1 for... |
| CVE-2021-38623 | 2021-08-13 | The deferred_image_processing (aka Deferred image processing) extension before 1.0.2 for... |
| CVE-2021-34823 | 2021-08-13 | The ON24 ScreenShare (aka DesktopScreenShare.app) plugin before 2.0 for macOS... |
| CVE-2021-38302 | 2021-08-13 | The Newsletter extension through 4.0.0 for TYPO3 allows SQL Injection. |
| CVE-2021-21830 | 2021-08-13 | A heap-based buffer overflow vulnerability exists in the XML Decompression... |
| CVE-2021-21829 | 2021-08-13 | A heap-based buffer overflow vulnerability exists in the XML Decompression... |
| CVE-2021-37705 | 2021-08-13 | Improper Authorization and Origin Validation Error in OneFuzz |
| CVE-2020-21066 | 2021-08-13 | An issue was discovered in Bento4 v1.5.1.0. There is a... |
| CVE-2021-21812 | 2021-08-13 | A stack-based buffer overflow vulnerability exists in the command-line-parsing HandleFileArg... |
| CVE-2021-21814 | 2021-08-13 | Within the function HandleFileArg the argument filepattern is under control... |
| CVE-2021-21813 | 2021-08-13 | Within the function HandleFileArg the argument filepattern is under control... |
| CVE-2021-21815 | 2021-08-13 | A stack-based buffer overflow vulnerability exists in the command-line-parsing HandleFileArg... |
| CVE-2020-36473 | 2021-08-14 | UCWeb UC 12.12.3.1219 through 12.12.3.1226 uses cleartext HTTP, and thus... |
| CVE-2021-37326 | 2021-08-15 | NetSarang Xshell 7 before Build 0077 includes unintended code strings... |
| CVE-2021-38699 | 2021-08-15 | TastyIgniter 3.0.7 allows XSS via /account, /reservation, /admin/dashboard, and /admin/system_logs. |
| CVE-2021-25955 | 2021-08-15 | Stored XSS in “Dolibarr” leads to privilege escalation |
| CVE-2021-22931 | 2021-08-16 | Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote... |
| CVE-2021-22939 | 2021-08-16 | If the Node.js https API was used incorrectly and "undefined"... |
| CVE-2021-22940 | 2021-08-16 | Node.js before 16.6.1, 14.17.5, and 12.22.5 is vulnerable to a... |
| CVE-2021-33193 | 2021-08-16 | Request splitting via HTTP/2 method injection and mod_proxy |
| CVE-2021-26086 | 2021-08-16 | Affected versions of Atlassian Jira Server and Data Center allow... |
| CVE-2021-38709 | 2021-08-16 | In ocProducts Composr CMS before 10.0.38, an attacker can inject... |
| CVE-2021-38708 | 2021-08-16 | In ocProducts Composr CMS before 10.0.38, an attacker can inject... |
| CVE-2021-38711 | 2021-08-16 | In gitit before 0.15.0.0, the Export feature can be exploited... |
| CVE-2021-38713 | 2021-08-16 | imgURL 2.31 allows XSS via an X-Forwarded-For HTTP header. |
| CVE-2021-38712 | 2021-08-16 | OneNav 0.9.12 allows Information Disclosure of the onenav.db3 contents. NOTE:... |
| CVE-2021-3707 | 2021-08-16 | D-Link router DSL-2750U with firmware vME1.16 or prior versions is... |
| CVE-2021-3708 | 2021-08-16 | D-Link router DSL-2750U with firmware vME1.16 or prior versions is... |
| CVE-2021-35936 | 2021-08-16 | No Authentication on Logging Server |
| CVE-2021-23423 | 2021-08-16 | Directory Traversal |
| CVE-2021-23422 | 2021-08-16 | Arbitrary Code Injection |
| CVE-2021-24362 | 2021-08-16 | Photo Gallery < 1.5.75 - Stored Cross-Site Scripting via Uploaded SVG |
| CVE-2021-24363 | 2021-08-16 | Photo Gallery < 1.5.75 - File Upload Path Traversal |
| CVE-2021-24380 | 2021-08-16 | Shantz WordPress QOTD <= 1.2.2 - Arbitrary Setting Update via CSRF |
| CVE-2021-24410 | 2021-08-16 | Telugu Bible Verse Daily <= 1.0 - CSRF to Stored XSS |
| CVE-2021-24411 | 2021-08-16 | Social Tape <= 1.0 - CSRF to Stored XSS |
| CVE-2021-24445 | 2021-08-16 | My Site Audit <= 1.2.4 - Authenticated Stored Cross-Site Scripting (XSS) |
| CVE-2021-24466 | 2021-08-16 | Verse-O-Matic <= 4.1.1 - CSRF to Stored XSS |
| CVE-2021-24471 | 2021-08-16 | YouTube Embed < 5.2.2 - Contributor+ Stored XSS |
| CVE-2021-24512 | 2021-08-16 | Video Posts Webcam Recorder < 3.2.4 - Authenticated Reflected XSS |
| CVE-2021-24518 | 2021-08-16 | WPFront Notification Bar < 2.0.0.07176 - Authenticated Stored XSS |
| CVE-2021-24519 | 2021-08-16 | Vik Rent Car < 1.1.10 - Authenticated Stored Cross-Site Scripting (XSS) |
| CVE-2021-24526 | 2021-08-16 | Form Maker < 1.13.60 - Authenticated Stored XSS |
| CVE-2021-24527 | 2021-08-16 | Profile Builder < 3.4.9 - Admin Access via Password Reset |
| CVE-2021-24534 | 2021-08-16 | PhoneTrack Meu Site Manager <= 0.1 - Authenticated Stored XSS |
| CVE-2021-24535 | 2021-08-16 | Light Messages <= 1.0 - CSRF to Stored XSS |
| CVE-2021-24536 | 2021-08-16 | Custom Login Redirect <= 1.0.0 - CSRF to Stored XSS |
| CVE-2021-24538 | 2021-08-16 | Current Book <= 1.0.1 - Authenticated Stored Cross-Site Scripting (XSS) |
| CVE-2021-24540 | 2021-08-16 | Wonder Video Embed < 1.8 - Contributor+ Stored XSS |
| CVE-2021-24541 | 2021-08-16 | Wonder PDF Embed < 1.7 - Contributor+ Stored XSS |
| CVE-2021-24548 | 2021-08-16 | Mimetic Books <= 0.2.13 - Authenticated Stored Cross-Site Scripting (XSS) |
| CVE-2021-35395 | 2021-08-16 | Realtek Jungle SDK version v2.x up to v3.4.14B provides an... |
| CVE-2021-35394 | 2021-08-16 | Realtek Jungle SDK version v2.x up to v3.4.14B provides a... |
| CVE-2021-35393 | 2021-08-16 | Realtek Jungle SDK version v2.x up to v3.4.14B provides a... |
| CVE-2021-35392 | 2021-08-16 | Realtek Jungle SDK version v2.x up to v3.4.14B provides a... |
| CVE-2021-38607 | 2021-08-16 | Crocoblock JetEngine before 2.6.1 allows XSS by remote authenticated users... |
| CVE-2021-38751 | 2021-08-16 | A HTTP Host header attack exists in ExponentCMS 2.6 and... |
| CVE-2021-38752 | 2021-08-16 | A cross-site scripting (XSS) vulnerability in Online Catering Reservation System... |
| CVE-2021-38753 | 2021-08-16 | An unrestricted file upload on Simple Image Gallery Web App... |
| CVE-2021-38754 | 2021-08-16 | SQL Injection vulnerability in Hospital Management System due to lack... |
| CVE-2021-38755 | 2021-08-16 | Unauthenticated doctor entry deletion in Hospital Management System in admin-panel1.php. |