CVE List - 2021 / September
Showing 201 - 300 of 1899 CVEs for September 2021 (Page 3 of 19)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-40528 | 2021-09-06 | The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key,... |
| CVE-2021-24303 | 2021-09-06 | JiangQie Official Website Mini Program < 1.1.1 - Authenticated SQL Injection |
| CVE-2021-24390 | 2021-09-06 | Alipay <= 3.7.2 - Authenticated SQL Injection |
| CVE-2021-24391 | 2021-09-06 | Cashtomer <= 1.0.0 - Authenticated SQL Injection |
| CVE-2021-24392 | 2021-09-06 | WordPress Membership SwiftCloud.io <= 1.0 - Authenticated SQL Injection |
| CVE-2021-24393 | 2021-09-06 | Comment Highlighter <= 0.13 - Authenticated SQL Injection |
| CVE-2021-24394 | 2021-09-06 | Easy Testimonial Manager <= 1.2.0 - Authenticated SQL Injection |
| CVE-2021-24395 | 2021-09-06 | Embed Youtube Video <= 1.0 - Authenticated SQL Injection |
| CVE-2021-24435 | 2021-09-06 | Titan Framework <= 1.12.1 - Reflected Cross-Site Scripting (XSS) |
| CVE-2021-24513 | 2021-09-06 | Form Builder < 1.9.8.4 - Authenticated Stored Cross-Site Scripting |
| CVE-2021-24517 | 2021-09-06 | Stop Spammers Security < 2021.18 - Authenticated Stored XSS |
| CVE-2021-24568 | 2021-09-06 | AddToAny < 1.7.46 - Authenticated Stored XSS |
| CVE-2021-24588 | 2021-09-06 | SMS Alert Order Notifications – WooCommerce < 3.4.7 Authenticated Cross Site Scripting |
| CVE-2021-24590 | 2021-09-06 | Cookie Notice & Consent Banner for GDPR & CCPA Compliance < 1.7.2 - Authenticated Stored XSS |
| CVE-2021-24591 | 2021-09-06 | Highlight < 0.9.3 - Authenticated Stored Cross-Site Scripting |
| CVE-2021-24599 | 2021-09-06 | Email Encoder < 2.1.2 - Reflected Cross Site Scripting |
| CVE-2021-24601 | 2021-09-06 | WPFront Notification Bar < 2.1.0.08087 - Authenticated Stored XSS |
| CVE-2021-24603 | 2021-09-06 | Site Reviews < 5.13.1 - Authenticated Stored XSS |
| CVE-2021-24611 | 2021-09-06 | Keywords & Meta <= 3.0 - CSRF to Stored Cross-Site Scripting (XSS) |
| CVE-2021-32568 | 2021-09-06 | Deserialization of Untrusted Data in zmister2016/mrdoc |
| CVE-2021-3766 | 2021-09-06 | Prototype Pollution in vincit/objection.js |
| CVE-2021-3767 | 2021-09-06 | Cross-site Scripting (XSS) - Stored in bookstackapp/bookstack |
| CVE-2021-3768 | 2021-09-06 | Cross-site Scripting (XSS) - Stored in bookstackapp/bookstack |
| CVE-2021-25735 | 2021-09-06 | Validating Admission Webhook does not observe some previous fields |
| CVE-2021-25737 | 2021-09-06 | Holes in EndpointSlice Validation Enable Host Network Hijack |
| CVE-2021-36744 | 2021-09-06 | Trend Micro Security (Consumer) 2021 and 2020 are vulnerable to a directory junction vulnerability which could allow an attacker to exploit the system to escalate privileges and create a denial... |
| CVE-2021-36093 | 2021-09-06 | DoS attack using PostMaster filters |
| CVE-2021-36094 | 2021-09-06 | XSS attack in appointment edit popup screen |
| CVE-2021-36095 | 2021-09-06 | User enumeration issue using "lost password" feature |
| CVE-2021-36096 | 2021-09-06 | Support Bundle includes S/Mime and PGP secret or PIN |
| CVE-2020-15939 | 2021-09-06 | An improper access control vulnerability (CWE-284) in FortiSandbox versions 3.2.1 and below and 3.1.4 and below may allow an authenticated, unprivileged attacker to download the device configuration file via the... |
| CVE-2021-40530 | 2021-09-06 | The ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key,... |
| CVE-2021-40529 | 2021-09-06 | The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the... |
| CVE-2021-24006 | 2021-09-06 | An improper access control vulnerability in FortiManager versions 6.4.0 to 6.4.3 may allow an authenticated attacker with a restricted user profile to access the SD-WAN Orchestrator panel via directly visiting... |
| CVE-2021-40531 | 2021-09-06 | Sketch before 75 allows library feeds to be used to bypass file quarantine. Files are automatically downloaded and opened, without the com.apple.quarantine extended attribute. This results in remote code execution,... |
| CVE-2021-40532 | 2021-09-06 | Telegram Web K Alpha before 0.7.2 mishandles the characters in a document extension. |
| CVE-2021-33285 | 2021-09-07 | In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of... |
| CVE-2021-33286 | 2021-09-07 | In NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. |
| CVE-2021-33287 | 2021-09-07 | In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or... |
| CVE-2021-33289 | 2021-09-07 | In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. |
| CVE-2021-35266 | 2021-09-07 | In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image a heap buffer overflow can occur resulting in memory disclosure, denial of... |
| CVE-2021-35267 | 2021-09-07 | NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and MFTMirror allowing for code execution or escalation of privileges when setuid-root. |
| CVE-2021-35268 | 2021-09-07 | In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of... |
| CVE-2021-35269 | 2021-09-07 | NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and... |
| CVE-2021-39251 | 2021-09-07 | A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G < 2021.8.22. |
| CVE-2021-39252 | 2021-09-07 | A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22. |
| CVE-2021-39253 | 2021-09-07 | A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22. |
| CVE-2021-39254 | 2021-09-07 | A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in the function ntfs_attr_record_resize, in NTFS-3G < 2021.8.22. |
| CVE-2021-39255 | 2021-09-07 | A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in ntfs_attr_find_in_attrdef, in NTFS-3G < 2021.8.22. |
| CVE-2021-39256 | 2021-09-07 | A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G < 2021.8.22. |
| CVE-2021-39257 | 2021-09-07 | A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G < 2021.8.22. |
| CVE-2021-39258 | 2021-09-07 | A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in NTFS-3G < 2021.8.22. |
| CVE-2021-39259 | 2021-09-07 | A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in ntfs_inode_lookup_by_name, in NTFS-3G < 2021.8.22. |
| CVE-2021-39260 | 2021-09-07 | A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G < 2021.8.22. |
| CVE-2021-39261 | 2021-09-07 | A crafted NTFS image can cause a heap-based buffer overflow in ntfs_compressed_pwrite in NTFS-3G < 2021.8.22. |
| CVE-2021-39262 | 2021-09-07 | A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22. |
| CVE-2021-39263 | 2021-09-07 | A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in ntfs_get_attribute_value, in NTFS-3G < 2021.8.22. |
| CVE-2021-40540 | 2021-09-07 | ulfius_uri_logger in Ulfius HTTP Framework before 2.7.4 omits con_info initialization and a con_info->request NULL check for certain malformed HTTP requests. |
| CVE-2021-33483 | 2021-09-07 | An issue was discovered in CommentsService.ashx in OnyakTech Comments Pro 3.8. The comment posting functionality allows an attacker to add an XSS payload to the JSON request that will execute... |
| CVE-2021-33484 | 2021-09-07 | An issue was discovered in CommentsService.ashx in OnyakTech Comments Pro 3.8. An attacker can download a copy of the installer, decompile it, and discover a hardcoded IV used to encrypt... |
| CVE-2021-33831 | 2021-09-07 | api/account/register in the TH Wildau COVID-19 Contact Tracing application through 2021-09-01 has Incorrect Access Control. An attacker can interfere with tracing of infection chains by creating 500 random users within... |
| CVE-2021-38840 | 2021-09-07 | SQL Injection can occur in Simple Water Refilling Station Management System 1.0 via the water_refilling/classes/Login.php username parameter. |
| CVE-2021-38841 | 2021-09-07 | Remote Code Execution can occur in Simple Water Refilling Station Management System 1.0 via the System Logo option on the system_info page in classes/SystemSettings.php with an update_settings action. |
| CVE-2021-39278 | 2021-09-07 | Certain MOXA devices allow reflected XSS via the Config Import menu. This affects WAC-2004 1.7, WAC-1001 2.1, WAC-1001-T 2.1, OnCell G3470A-LTE-EU 1.7, OnCell G3470A-LTE-EU-T 1.7, TAP-323-EU-CT-T 1.3, TAP-323-US-CT-T 1.3, TAP-323-JP-CT-T... |
| CVE-2021-39279 | 2021-09-07 | Certain MOXA devices allow Authenticated Command Injection via /forms/web_importTFTP. This affects WAC-2004 1.7, WAC-1001 2.1, WAC-1001-T 2.1, OnCell G3470A-LTE-EU 1.7, OnCell G3470A-LTE-EU-T 1.7, TAP-323-EU-CT-T 1.3, TAP-323-US-CT-T 1.3, TAP-323-JP-CT-T 1.3, WDR-3124A-EU... |
| CVE-2021-28136 | 2021-09-07 | The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of multiple LMP IO Capability Request packets during the pairing process, allowing attackers in... |
| CVE-2021-34144 | 2021-09-07 | The Bluetooth Classic implementation in the Zhuhai Jieli AC6366C BT SDK through 0.9.1 does not properly handle the reception of truncated LMP_SCO_Link_Request packets while no other BT connections are active,... |
| CVE-2021-28135 | 2021-09-07 | The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial... |
| CVE-2021-28155 | 2021-09-07 | The Bluetooth Classic implementation on JBL TUNE500BT devices does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service... |
| CVE-2021-34150 | 2021-09-07 | The Bluetooth Classic implementation on Bluetrum AB5301A devices with unknown firmware versions does not properly handle the reception of oversized DM1 LMP packets while no other BT connections are active,... |
| CVE-2021-31613 | 2021-09-07 | The Bluetooth Classic implementation on Zhuhai Jieli AC690X and AC692X devices does not properly handle the reception of a truncated LMP packet during the LMP auto rate procedure, allowing attackers... |
| CVE-2021-31611 | 2021-09-07 | The Bluetooth Classic implementation on Zhuhai Jieli AC690X and AC692X devices does not properly handle an out-of-order LMP Setup procedure that is followed by a malformed LMP packet, allowing attackers... |
| CVE-2021-31786 | 2021-09-07 | The Bluetooth Classic Audio implementation on Actions ATS2815 and ATS2819 devices does not properly handle a connection attempt from a host with the same BDAddress as the current connected BT... |
| CVE-2021-31785 | 2021-09-07 | The Bluetooth Classic implementation on Actions ATS2815 and ATS2819 chipsets does not properly handle the reception of multiple LMP_host_connection_req packets, allowing attackers in radio range to trigger a denial of... |
| CVE-2021-31610 | 2021-09-07 | The Bluetooth Classic implementation on AB32VG1 devices does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service (either... |
| CVE-2021-34149 | 2021-09-07 | The Bluetooth Classic implementation on the Texas Instruments CC256XCQFN-EM does not properly handle the reception of continuous LMP_AU_Rand packets, allowing attackers in radio range to trigger a denial of service... |
| CVE-2021-34146 | 2021-09-07 | The Bluetooth Classic implementation in the Cypress CYW920735Q60EVB does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service... |
| CVE-2021-34143 | 2021-09-07 | The Bluetooth Classic implementation in the Zhuhai Jieli AC6366C_DEMO_V1.0 does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of... |
| CVE-2021-34145 | 2021-09-07 | The Bluetooth Classic implementation in the Cypress WICED BT stack through 2.9.0 for CYW20735B1 devices does not properly handle the reception of LMP_max_slot with an invalid Baseband packet type (and... |
| CVE-2021-34148 | 2021-09-07 | The Bluetooth Classic implementation in the Cypress WICED BT stack through 2.9.0 for CYW20735B1 devices does not properly handle the reception of LMP_max_slot with a greater ACL Length after completion... |
| CVE-2021-34147 | 2021-09-07 | The Bluetooth Classic implementation in the Cypress WICED BT stack through 2.9.0 for CYW20735B1 does not properly handle the reception of a malformed LMP timing accuracy response followed by multiple... |
| CVE-2021-28139 | 2021-09-07 | The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly restrict the Feature Page upon reception of an LMP Feature Response Extended packet, allowing attackers in radio... |
| CVE-2021-31609 | 2021-09-07 | The Bluetooth Classic implementation in Silicon Labs iWRAP 6.3.0 and earlier does not properly handle the reception of an oversized LMP packet greater than 17 bytes, allowing attackers in radio... |
| CVE-2021-31612 | 2021-09-07 | The Bluetooth Classic implementation on Zhuhai Jieli AC690X devices does not properly handle the reception of an oversized LMP packet greater than 17 bytes during the LMP auto rate procedure,... |
| CVE-2021-36162 | 2021-09-07 | Unprotected yaml deserialization cause RCE |
| CVE-2021-36163 | 2021-09-07 | Unsafe deserialization in providers using the Hessian protocol |
| CVE-2021-36696 | 2021-09-07 | Deskpro cloud and on-premise Deskpro 2021.1.6 and fixed in Deskpro 2021.1.7 contains a cross-site scripting (XSS) vulnerability in social media links on a user profile due to lack of input... |
| CVE-2021-38615 | 2021-09-07 | In Eigen NLP 3.10.1, a lack of access control on the /auth/v1/sso/config/ SSO configuration endpoint allows any logged-in user (guest, standard, or admin) to view and modify information. |
| CVE-2021-38617 | 2021-09-07 | In Eigen NLP 3.10.1, a lack of access control on the /auth/v1/user/ user creation endpoint allows a standard user to create a super user account with a defined password. This... |
| CVE-2021-38616 | 2021-09-07 | In Eigen NLP 3.10.1, a lack of access control on the /auth/v1/user/{user-guid}/ user edition endpoint could permit any logged-in user to increase their own permissions via a user_permissions array in... |
| CVE-2021-37219 | 2021-09-07 | HashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in... |
| CVE-2021-36717 | 2021-09-07 | Synerion TimeNet version 9.21 - Directory Traversal |
| CVE-2021-37218 | 2021-09-07 | HashiCorp Nomad and Nomad Enterprise Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.0.10... |
| CVE-2020-7877 | 2021-09-07 | ZOOK solution(remote administration tool) buffer overflow vulnerability |
| CVE-2021-38698 | 2021-09-07 | HashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allowed services to register proxies for other services, enabling access to service traffic. Fixed in 1.8.15, 1.9.9 and 1.10.2. |
| CVE-2021-37716 | 2021-09-07 | A remote buffer overflow vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.15. Aruba has released... |
| CVE-2019-5318 | 2021-09-07 | A remote cross-site request forgery (csrf) vulnerability was discovered in Aruba Operating System Software version(s): 6.x.x.x: all versions, 8.x.x.x: all versions prior to 8.8.0.0. Aruba has released patches for ArubaOS... |
| CVE-2021-37717 | 2021-09-07 | A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.6; Prior to 8.7.1.4, 8.6.0.7, 8.5.0.12, 8.3.0.16. Aruba has... |
| CVE-2021-37719 | 2021-09-07 | A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.4, 8.6.0.9, 8.5.0.13, 8.3.0.16, 6.5.4.20, 6.4.4.25.... |
| CVE-2021-37720 | 2021-09-07 | A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.4, 8.6.0.9, 8.5.0.13, 8.3.0.16, 6.5.4.20, 6.4.4.25.... |