Vulnerabilities (CVE)

Filtered by CWE-829
Total 123 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-32802 1 Nextcloud 1 Nextcloud Server 2024-11-21 10.0 HIGH 9.3 CRITICAL
Nextcloud server is an open source, self hosted personal cloud. Nextcloud supports rendering image previews for user provided file content. For some image types, the Nextcloud server was invoking a third-party library that wasn't suited for untrusted user-supplied content. There are several security concerns with passing user-generated content to this library, such as Server-Side-Request-Forgery, file disclosure or potentially executing code on the system. The risk depends on your system configuration and the installed library version. It is recommended that the Nextcloud Server is upgraded to 20.0.12, 21.0.4 or 22.1.0. These versions do not use this library anymore. As a workaround users may disable previews by setting `enable_previews` to `false` in `config.php`.
CVE-2021-30507 2 Fedoraproject, Google 3 Fedora, Android, Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Inappropriate implementation in Offline in Google Chrome on Android prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.
CVE-2021-30121 1 Kaseya 1 Vsa 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
Semi-authenticated local file inclusion The contents of arbitrary files can be returned by the webserver Example request: `https://x.x.x.x/KLC/js/Kaseya.SB.JS/js.aspx?path=C:\Kaseya\WebPages\dl.asp` A valid sessionId is required but can be easily obtained via CVE-2021-30118
CVE-2021-29777 5 Hp, Ibm, Linux and 2 more 6 Hp-ux, Aix, Db2 and 3 more 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5, under specific circumstance of a table being dropped while being accessed in another session, could allow an authenticated user to cause a denial of srevice IBM X-Force ID: 203031.
CVE-2021-29427 2 Gradle, Quarkus 2 Gradle, Quarkus 2024-11-21 6.0 MEDIUM 8.0 HIGH
In Gradle from version 5.1 and before version 7.0 there is a vulnerability which can lead to information disclosure and/or dependency poisoning. Repository content filtering is a security control Gradle introduced to help users specify what repositories are used to resolve specific dependencies. This feature was introduced in the wake of the "A Confusing Dependency" blog post. In some cases, Gradle may ignore content filters and search all repositories for dependencies. This only occurs when repository content filtering is used from within a `pluginManagement` block in a settings file. This may change how dependencies are resolved for Gradle plugins and build scripts. For builds that are vulnerable, there are two risks: 1) Information disclosure: Gradle could make dependency requests to repositories outside your organization and leak internal package identifiers. 2) Dependency poisoning/Dependency confusion: Gradle could download a malicious binary from a repository outside your organization due to name squatting. For a full example and more details refer to the referenced GitHub Security Advisory. The problem has been patched and released with Gradle 7.0. Users relying on this feature should upgrade their build as soon as possible. As a workaround, users may use a company repository which has the right rules for fetching packages from public repositories, or use project level repository content filtering, inside `buildscript.repositories`. This option is available since Gradle 5.1 when the feature was introduced.
CVE-2021-29113 1 Esri 1 Arcgis Server 2024-11-21 4.3 MEDIUM 4.7 MEDIUM
A remote file inclusion vulnerability in the ArcGIS Server help documentation may allow a remote, unauthenticated attacker to inject attacker supplied html into a page.
CVE-2021-28162 1 Eclipse 1 Theia 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
In Eclipse Theia versions up to and including 0.16.0, in the notification messages there is no HTML escaping, so Javascript code can run.
CVE-2021-26272 2 Ckeditor, Oracle 10 Ckeditor, Agile Plm, Application Express and 7 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted URL-like text into the editor, and then press Enter or Space (in the Autolink plugin).
CVE-2021-26271 2 Ckeditor, Oracle 7 Ckeditor, Agile Plm, Application Express and 4 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted text into the Styles input of specific dialogs (in the Advanced Tab for Dialogs plugin).
CVE-2021-21804 1 Advantech 1 R-seenet 2024-11-21 7.5 HIGH 9.8 CRITICAL
A local file inclusion (LFI) vulnerability exists in the options.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). A specially crafted HTTP request can lead to arbitrary PHP code execution. An attacker can send a crafted HTTP request to trigger this vulnerability.
CVE-2021-20843 2 Ntt-west, Yamaha 16 Biz Box Nvr510, Biz Box Nvr510 Firmware, Biz Box Nvr700w and 13 more 2024-11-21 3.5 LOW 5.4 MEDIUM
Cross-site script inclusion vulnerability in the Web GUI of RTX830 Rev.15.02.17 and earlier, NVR510 Rev.15.01.18 and earlier, NVR700W Rev.15.00.19 and earlier, and RTX1210 Rev.14.01.38 and earlier allows a remote authenticated attacker to alter the settings of the product via a specially crafted web page.
CVE-2021-20443 3 Ibm, Linux, Microsoft 3 Maximo For Civil Infrastructure, Linux Kernel, Windows 2024-11-21 6.5 MEDIUM 8.8 HIGH
IBM Maximo for Civil Infrastructure 7.6.2 includes executable functionality (such as a library) from a source that is outside of the intended control sphere. IBM X-Force ID: 196619.
CVE-2021-20187 1 Moodle 1 Moodle 2024-11-21 6.5 MEDIUM 7.2 HIGH
It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that it was possible for site administrators to execute arbitrary PHP scripts via a PHP include used during Shibboleth authentication.
CVE-2020-5295 1 Octobercms 1 October 2024-11-21 4.0 MEDIUM 4.8 MEDIUM
In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to read local files of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the `cms.manage_assets` permission. Issue has been patched in Build 466 (v1.0.466).
CVE-2020-4561 2 Ibm, Netapp 2 Cognos Analytics, Oncommand Insight 2024-11-21 7.5 HIGH 10.0 CRITICAL
IBM Cognos Analytics 11.0 and 11.1 DQM API allows submitting of all control requests in unauthenticated sessions. This allows a remote attacker who can access a valid CA endpoint to read and write files to the Cognos Analytics system. IBM X-Force ID: 183903.
CVE-2020-3794 1 Adobe 1 Coldfusion 2024-11-21 10.0 HIGH 9.8 CRITICAL
ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a file inclusion vulnerability. Successful exploitation could lead to arbitrary code execution of files located in the webroot or its subdirectory.
CVE-2020-29072 1 Liquidfiles 1 Liquidfiles 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
A Cross-Site Script Inclusion vulnerability was found on LiquidFiles before 3.3.19. This client-side attack requires user interaction (opening a link) and successful exploitation could lead to encrypted e-mail content leakage via messages/sent?format=js and popup?format=js.
CVE-2020-25788 1 Tt-rss 1 Tiny Tiny Rss 2024-11-21 6.8 MEDIUM 8.1 HIGH
An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-16. imgproxy in plugins/af_proxy_http/init.php mishandles $_REQUEST["url"] in an error message.
CVE-2020-25414 1 Monstra 1 Monstra 2024-11-21 7.5 HIGH 9.8 CRITICAL
A local file inclusion vulnerability was discovered in the captcha function in Monstra 3.0.4 which allows remote attackers to execute arbitrary PHP code.
CVE-2020-24985 1 Quadbase 1 Espressdashboard 2024-11-21 5.5 MEDIUM 8.1 HIGH
An issue was discovered in Quadbase EspressReports ES 7 Update 9. An authenticated user is able to navigate to the MenuPage section of the application, and change the frmsrc parameter value to retrieve and execute external files or payloads.