Total
29063 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-29479 | 1 Ratpack Project | 1 Ratpack | 2024-11-21 | 4.0 MEDIUM | 7.0 HIGH |
| Ratpack is a toolkit for creating web applications. In versions prior to 1.9.0, a user supplied `X-Forwarded-Host` header can be used to perform cache poisoning of a cache fronting a Ratpack server if the cache key does not include the `X-Forwarded-Host` header as a cache key. Users are only vulnerable if they do not configure a custom `PublicAddress` instance. For versions prior to 1.9.0, by default, Ratpack utilizes an inferring version of `PublicAddress` which is vulnerable. This can be used to perform redirect cache poisoning where an attacker can force a cached redirect to redirect to their site instead of the intended redirect location. The vulnerability was patched in Ratpack 1.9.0. As a workaround, ensure that `ServerConfigBuilder::publicAddress` correctly configures the server in production. | |||||
| CVE-2021-29469 | 1 Redis.js | 1 Redis | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Node-redis is a Node.js Redis client. Before version 3.1.1, when a client is in monitoring mode, the regex begin used to detected monitor messages could cause exponential backtracking on some strings. This issue could lead to a denial of service. The issue is patched in version 3.1.1. | |||||
| CVE-2021-29416 | 1 Portswigger | 1 Burp Suite | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in PortSwigger Burp Suite before 2021.2. During viewing of a malicious request, it can be manipulated into issuing a request that does not respect its upstream proxy configuration. This could leak NetNTLM hashes on Windows systems that fail to block outbound SMB. | |||||
| CVE-2021-29337 | 1 Msi | 1 Dragon Center | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| MODAPI.sys in MSI Dragon Center 2.0.104.0 allows low-privileged users to access kernel memory and potentially escalate privileges via a crafted IOCTL 0x9c406104 call. This IOCTL provides the MmMapIoSpace feature for mapping physical memory. | |||||
| CVE-2021-29264 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | 4.7 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to cause a system crash because a negative fragment size is calculated in situations involving an rx queue overrun when jumbo packets are used and NAPI is enabled, aka CID-d8861bab48b6. | |||||
| CVE-2021-28965 | 2 Fedoraproject, Ruby-lang | 3 Fedora, Rexml, Ruby | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing. | |||||
| CVE-2021-28817 | 2 Microsoft, Tibco | 2 Windows, Rendezvous | 2024-11-21 | 4.6 MEDIUM | 8.8 HIGH |
| The Windows Installation component of TIBCO Software Inc.'s TIBCO Rendezvous and TIBCO Rendezvous Developer Edition contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of the Windows operating system to insert malicious software. The affected component can be abused to execute the malicious software inserted by the attacker with the elevated privileges of the component. This vulnerability results from a lack of access restrictions on certain files and/or folders in the installation. Affected releases are TIBCO Software Inc.'s TIBCO Rendezvous: versions 8.5.1 and below and TIBCO Rendezvous Developer Edition: versions 8.5.1 and below. | |||||
| CVE-2021-28814 | 1 Qnap | 1 Helpdesk | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| An improper access control vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerability allows remote attackers to compromise the security of the software. This issue affects: QNAP Systems Inc. Helpdesk versions prior to 3.0.4. | |||||
| CVE-2021-28799 | 1 Qnap | 4 Hybrid Backup Sync, Qts, Quts Hero and 1 more | 2024-11-21 | 7.5 HIGH | 10.0 CRITICAL |
| An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync. ) If exploited, the vulnerability allows remote attackers to log in to a device. This issue affects: QNAP Systems Inc. HBS 3 versions prior to v16.0.0415 on QTS 4.5.2; versions prior to v3.0.210412 on QTS 4.3.6; versions prior to v3.0.210411 on QTS 4.3.4; versions prior to v3.0.210411 on QTS 4.3.3; versions prior to v16.0.0419 on QuTS hero h4.5.1; versions prior to v16.0.0419 on QuTScloud c4.5.1~c4.5.4. This issue does not affect: QNAP Systems Inc. HBS 2 . QNAP Systems Inc. HBS 1.3 . | |||||
| CVE-2021-28703 | 1 Xen | 1 Xen | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
| grant table v2 status pages may remain accessible after de-allocation (take two) Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated when a guest switched (back) from v2 to v1. The freeing of such pages requires that the hypervisor know where in the guest these pages were mapped. The hypervisor tracks only one use within guest space, but racing requests from the guest to insert mappings of these pages may result in any of them to become mapped in multiple locations. Upon switching back from v2 to v1, the guest would then retain access to a page that was freed and perhaps re-used for other purposes. This bug was fortuitously fixed by code cleanup in Xen 4.14, and backported to security-supported Xen branches as a prerequisite of the fix for XSA-378. | |||||
| CVE-2021-28694 | 3 Debian, Fedoraproject, Xen | 3 Debian Linux, Fedora, Xen | 2024-11-21 | 4.6 MEDIUM | 6.8 MEDIUM |
| IOMMU page mapping issues on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untranslated, which typically means these addresses should pass the translation phase unaltered. While these are typically device specific ACPI properties, they can also be specified to apply to a range of devices, or even all devices. On all systems with such regions Xen failed to prevent guests from undoing/replacing such mappings (CVE-2021-28694). On AMD systems, where a discontinuous range is specified by firmware, the supposedly-excluded middle range will also be identity-mapped (CVE-2021-28695). Further, on AMD systems, upon de-assigment of a physical device from a guest, the identity mappings would be left in place, allowing a guest continued access to ranges of memory which it shouldn't have access to anymore (CVE-2021-28696). | |||||
| CVE-2021-28685 | 1 Asus | 1 Gputweak Ii | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to interact directly with physical memory (by calling one of several driver routines that map physical memory into the virtual address space of the calling process) and to interact with MSR registers. This could enable low-privileged users to achieve NT AUTHORITY\SYSTEM privileges via a DeviceIoControl. | |||||
| CVE-2021-28648 | 1 Trendmicro | 1 Antivirus | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Trend Micro Antivirus for Mac 2020 v10.5 and 2021 v11 (Consumer) is vulnerable to an improper access control privilege escalation vulnerability that could allow an attacker to establish a connection that could lead to full local privilege escalation within the application. Please note that an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability. | |||||
| CVE-2021-28626 | 1 Adobe | 1 Experience Manager | 2024-11-21 | 5.0 MEDIUM | 3.7 LOW |
| Adobe Experience Manager Cloud Service offering, as well as versions 6.5.8.0 (and below) is affected by an Improper Authorization vulnerability allowing users to create nodes under a location. An unauthenticated attacker could leverage this vulnerability to cause an application denial-of-service. Exploitation of this issue does not require user interaction. | |||||
| CVE-2021-28579 | 1 Adobe | 1 Connect | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Adobe Connect version 11.2.1 (and earlier) is affected by an Improper access control vulnerability that can lead to the elevation of privileges. An attacker with 'Learner' permissions can leverage this scenario to access the list of event participants. | |||||
| CVE-2021-28563 | 1 Magento | 1 Magento | 2024-11-21 | 6.4 MEDIUM | 6.5 MEDIUM |
| Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by an Improper Authorization vulnerability via the 'Create Customer' endpoint. Successful exploitation could lead to unauthorized modification of customer data by an unauthenticated attacker. Access to the admin console is required for successful exploitation. | |||||
| CVE-2021-28511 | 1 Arista | 16 7050cx3-32s, 7050cx3m-32s, 7050sx3-48c8 and 13 more | 2024-11-21 | N/A | 5.8 MEDIUM |
| This advisory documents the impact of an internally found vulnerability in Arista EOS for security ACL bypass. The impact of this vulnerability is that the security ACL drop rule might be bypassed if a NAT ACL rule filter with permit action matches the packet flow. This could allow a host with an IP address in a range that matches the range allowed by a NAT ACL and a range denied by a Security ACL to be forwarded incorrectly as it should have been denied by the Security ACL. This can enable an ACL bypass. | |||||
| CVE-2021-28500 | 1 Arista | 1 Eos | 2024-11-21 | 6.9 MEDIUM | 9.1 CRITICAL |
| An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration. | |||||
| CVE-2021-28497 | 1 Arista | 2 7130, Metamako Operating System | 2024-11-21 | 4.6 MEDIUM | 4.4 MEDIUM |
| In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, the bash shell might be accessible to unprivileged users in situations where they should not have access. This issue affects: Arista Metamako Operating System All releases in the MOS-0.1x train MOS-0.26.6 and below releases in the MOS-0.2x train MOS-0.31.1 and below releases in the MOS-0.3x train | |||||
| CVE-2021-28492 | 1 Unisys | 1 Stealth | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
| Unisys Stealth (core) 5.x before 5.0.048.0, 5.1.x before 5.1.017.0, and 6.x before 6.0.037.0 stores passwords in a recoverable format. | |||||