Vulnerabilities (CVE)

Filtered by CWE-116
Total 242 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-40007 1 Huawei 2 Ecns280 Td, Ecns280 Td Firmware 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
There is an information leak vulnerability in eCNS280_TD V100R005C10SPC650. The vulnerability is caused by improper log output management. An attacker with the ability to access the log file of device may lead to information disclosure.
CVE-2021-39367 1 Canon 1 Oce Print Exec Workgroup 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
Canon Oce Print Exec Workgroup 1.3.2 allows Host header injection.
CVE-2021-38751 1 Exponentcms 1 Exponentcms 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
A HTTP Host header attack exists in ExponentCMS 2.6 and below in /exponent_constants.php. A modified HTTP header can change links on the webpage to an arbitrary value, leading to a possible attack vector for MITM.
CVE-2021-38182 1 Kyma-project 1 Kyma 2024-11-21 6.5 MEDIUM 8.8 HIGH
Due to insufficient input validation of Kyma, authenticated users can pass a Header of their choice and escalate privileges which can completely compromise the cluster.
CVE-2021-34630 1 Gtranslate 1 Gtranslate 2024-11-21 4.3 MEDIUM 5.0 MEDIUM
In the Pro and Enterprise versions of GTranslate < 2.8.65, the gtranslate_request_uri_var function runs at the top of all pages and echoes out the contents of $_SERVER['REQUEST_URI']. Although this uses addslashes, and most modern browsers automatically URLencode requests, this plugin is still vulnerable to Reflected XSS in older browsers such as Internet Explorer 9 or below, or in cases where an attacker is able to modify the request en route between the client and the server, or in cases where the user is using an atypical browsing solution.
CVE-2021-33672 1 Sap 1 Contact Center 2024-11-21 9.3 HIGH 9.6 CRITICAL
Due to missing encoding in SAP Contact Center's Communication Desktop component- version 700, an attacker could send malicious script in chat message. When the message is accepted by the chat recipient, the script gets executed in their scope. Due to the usage of ActiveX in the application, the attacker can further execute operating system level commands in the chat recipient's scope. This could lead to a complete compromise of their confidentiality, integrity, and could temporarily impact their availability.
CVE-2021-32812 1 Tekmonks 1 Monkshu 2024-11-21 4.3 MEDIUM 4.6 MEDIUM
Monkshu is an enterprise application server for mobile apps (iOS and Android), responsive HTML 5 apps, and JSON API services. In version 2.90 and earlier, there is a reflected cross-site scripting vulnerability in frontend HTTP server. The attacker can send in a carefully crafted URL along with a known bug in the server which will cause a 500 error, and the response will then embed the URL provided by the hacker. The impact is moderate as the hacker must also be able to craft an HTTP request which should cause a 500 server error. None such requests are known as this point. The issue is patched in version 2.95. As a workaround, one may use a disk caching plugin.
CVE-2021-32796 1 Xmldom Project 1 Xmldom 2024-11-21 5.0 MEDIUM 6.5 MEDIUM
xmldom is an open source pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module. xmldom versions 0.6.0 and older do not correctly escape special characters when serializing elements removed from their ancestor. This may lead to unexpected syntactic changes during XML processing in some downstream applications. This issue has been resolved in version 0.7.0. As a workaround downstream applications can validate the input and reject the maliciously crafted documents.
CVE-2021-32679 2 Fedoraproject, Nextcloud 2 Fedora, Nextcloud Server 2024-11-21 6.8 MEDIUM 3.5 LOW
Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.0.11, and 21.0.3, filenames where not escaped by default in controllers using `DownloadResponse`. When a user-supplied filename was passed unsanitized into a `DownloadResponse`, this could be used to trick users into downloading malicious files with a benign file extension. This would show in UI behaviours where Nextcloud applications would display a benign file extension (e.g. JPEG), but the file will actually be downloaded with an executable file extension. The vulnerability is patched in versions 19.0.13, 20.0.11, and 21.0.3. Administrators of Nextcloud instances do not have a workaround available, but developers of Nextcloud apps may manually escape the file name before passing it into `DownloadResponse`.
CVE-2021-32072 1 Mitel 1 Micollab 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to get source code information (disclosing sensitive application data) due to insufficient output sanitization. A successful exploit could allow an attacker to view source code methods.
CVE-2021-32067 1 Mitel 1 Micollab 2024-11-21 6.4 MEDIUM 6.5 MEDIUM
The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to view sensitive system information through an HTTP response due to insufficient output sanitization.
CVE-2021-31806 4 Debian, Fedoraproject, Netapp and 1 more 4 Debian Linux, Fedora, Cloud Manager and 1 more 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy) via HTTP Range request processing.
CVE-2021-30640 3 Apache, Debian, Oracle 7 Tomcat, Debian Linux, Communications Cloud Native Core Policy and 4 more 2024-11-21 5.8 MEDIUM 6.5 MEDIUM
A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to 8.5.65.
CVE-2021-30589 2 Fedoraproject, Google 2 Fedora, Chrome 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Insufficient validation of untrusted input in Sharing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to bypass navigation restrictions via a crafted click-to-call link.
CVE-2021-29872 1 Ibm 1 Cloud Pak For Automation 2024-11-21 3.5 LOW 5.4 MEDIUM
IBM Cloud Pak for Automation 21.0.1 and 21.0.2 - Business Automation Studio Component is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to inject HTTP HOST header, which will allow the attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 206228.
CVE-2021-28940 1 Magpierss Project 1 Magpierss 2024-11-21 7.5 HIGH 9.8 CRITICAL
Because of a incorrect escaped exec command in MagpieRSS in 0.72 in the /extlib/Snoopy.class.inc file, it is possible to add a extra command to the curl binary. This creates an issue on the /scripts/magpie_debug.php and /scripts/magpie_simple.php page that if you send a specific https url in the RSS URL field, you are able to execute arbitrary commands.
CVE-2021-28662 3 Debian, Fedoraproject, Squid-cache 3 Debian Linux, Fedora, Squid 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in Squid 4.x before 4.15 and 5.x before 5.0.6. If a remote server sends a certain response header over HTTP or HTTPS, there is a denial of service. This header can plausibly occur in benign network traffic.
CVE-2021-23205 1 Gallagher 1 Command Centre 2024-11-21 8.5 HIGH 8.1 HIGH
Improper Encoding or Escaping in Gallagher Command Centre Server allows a Command Centre Operator to alter the configuration of Controllers and other hardware items beyond their privilege. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3); 8.30 versions prior to 8.30.1359 (MR3); 8.20 versions prior to 8.20.1259 (MR5); version 8.10 and prior versions.
CVE-2021-22254 1 Gitlab 1 Gitlab 2024-11-21 3.5 LOW 3.1 LOW
Under very specific conditions a user could be impersonated using Gitlab shell. This vulnerability affects GitLab CE/EE 13.1 and later through 14.1.2, 14.0.7 and 13.12.9.
CVE-2021-21684 1 Jenkins 1 Git 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Jenkins Git Plugin 4.8.2 and earlier does not escape the Git SHA-1 checksum parameters provided to commit notifications when displaying them in a build cause, resulting in a stored cross-site scripting (XSS) vulnerability.