Total
29063 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-44886 | 1 Zammad | 1 Zammad | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Zammad 5.0.2, agents can configure "out of office" periods and substitute persons. If the substitute persons didn't have the same permissions as the original agent, they could receive ticket notifications for tickets that they have no access to. | |||||
| CVE-2021-44877 | 1 Dalmark | 1 Systeam Enterprise Resource Planning | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Incorrect Access Control. The Systeam application is an ERP system that uses a mixed architecture based on SaaS tenant and user management, and on-premise database and web application counterparts. A broken access control vulnerability has been found while using a temporary generated token in order to consume api resources. The vulnerability allows an unauthenticated attacker to use an api endpoint to generate a temporary JWT token that is designed to reference the correct tenant prior to authentication, to request system configuration parameters using direct api requests. The correct exploitation of this vulnerability causes sensitive information exposure. In case the tenant has an smtp credential set, the full credential information is disclosed. | |||||
| CVE-2021-44854 | 1 Mediawiki | 1 Mediawiki | 2024-11-21 | N/A | 5.3 MEDIUM |
| An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. The REST API publicly caches results from private wikis. | |||||
| CVE-2021-44852 | 1 Biostar | 1 Racing Gt Evo | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| An issue was discovered in BS_RCIO64.sys in Biostar RACING GT Evo 2.1.1905.1700. A low-integrity process can open the driver's device object and issue IOCTLs to read or write to arbitrary physical memory locations (or call an arbitrary address), leading to execution of arbitrary code. This is associated with 0x226040, 0x226044, and 0x226000. | |||||
| CVE-2021-44838 | 1 Deltarm | 1 Delta Rm | 2024-11-21 | 5.0 MEDIUM | 4.3 MEDIUM |
| An issue was discovered in Delta RM 1.2. Using the /risque/risque/ajax-details endpoint, with a POST request indicating the risk to access with the id parameter, it is possible for users to access risks of other companies. | |||||
| CVE-2021-44837 | 1 Deltarm | 1 Delta Rm | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| An issue was discovered in Delta RM 1.2. It is possible for an unprivileged user to access the same information as an admin user regarding the risk creation information in the /risque/administration/referentiel/json/create/categorie endpoint, using the id_cat1 query parameter to indicate the risk. | |||||
| CVE-2021-44776 | 1 Lannerinc | 2 Iac-ast2500a, Iac-ast2500a Firmware | 2024-11-21 | N/A | 6.5 MEDIUM |
| A broken access control vulnerability in the SubNet_handler_func function of spx_restservice allows an attacker to arbitrarily change the security access rights to KVM and Virtual Media functionalities. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. | |||||
| CVE-2021-44719 | 2 Apple, Docker | 3 Mac Os X, Macos, Docker Desktop | 2024-11-21 | 6.6 MEDIUM | 8.4 HIGH |
| Docker Desktop 4.3.0 has Incorrect Access Control. | |||||
| CVE-2021-44714 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 4.3 MEDIUM | 2.5 LOW |
| Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a Violation of Secure Design Principles that could lead to a Security feature bypass. Acrobat Reader DC displays a warning message when a user clicks on a PDF file, which could be used by an attacker to mislead the user. In affected versions, this warning message does not include custom protocols when used by the sender. User interaction is required to abuse this vulnerability as they would need to click 'allow' on the warning message of a malicious file. | |||||
| CVE-2021-44657 | 1 Stackstorm | 1 Stackstorm | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| In StackStorm versions prior to 3.6.0, the jinja interpreter was not run in sandbox mode and thus allows execution of unsafe system commands. Jinja does not enable sandboxed mode by default due to backwards compatibility. Stackstorm now sets sandboxed mode for jinja by default. | |||||
| CVE-2021-44467 | 1 Lannerinc | 2 Iac-ast2500a, Iac-ast2500a Firmware | 2024-11-21 | N/A | 5.3 MEDIUM |
| A broken access control vulnerability in the KillDupUsr_func function of spx_restservice allows an attacker to arbitrarily terminate active sessions of other users, causing a Denial-of-Service (DoS) condition, if an input parameter is correctly guessed. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. | |||||
| CVE-2021-44420 | 5 Canonical, Debian, Djangoproject and 2 more | 5 Ubuntu Linux, Debian Linux, Django and 2 more | 2024-11-21 | 7.5 HIGH | 7.3 HIGH |
| In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths. | |||||
| CVE-2021-44225 | 2 Fedoraproject, Keepalived | 2 Fedora, Keepalived | 2024-11-21 | 5.5 MEDIUM | 5.4 MEDIUM |
| In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and manipulate any property. This leads to access-control bypass in some situations in which an unrelated D-Bus system service has a settable (writable) property | |||||
| CVE-2021-44223 | 1 Wordpress | 1 Wordpress | 2024-11-21 | 7.5 HIGH | 8.1 HIGH |
| WordPress before 5.8 lacks support for the Update URI plugin header. This makes it easier for remote attackers to execute arbitrary code via a supply-chain attack against WordPress installations that use any plugin for which the slug satisfies the naming constraints of the WordPress.org Plugin Directory but is not yet present in that directory. | |||||
| CVE-2021-44204 | 2 Acronis, Microsoft | 5 Agent, Cyber Protect, Cyber Protect Home Office and 2 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Local privilege escalation via named pipe due to improper access control checks. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287 | |||||
| CVE-2021-44160 | 1 Cth | 1 Carinal Tien Hospital Health Report System | 2024-11-21 | 7.5 HIGH | 7.3 HIGH |
| Carinal Tien Hospital Health Report System’s login page has improper authentication, a remote attacker can acquire another general user’s privilege by modifying the cookie parameter without authentication. The attacker can then perform limited operations on the system or modify data, making the service partially unavailable to the user. | |||||
| CVE-2021-44149 | 2 Linaro, Nxp | 2 Op-tee, I.mx 6ultralite | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered in Trusted Firmware OP-TEE Trusted OS through 3.15.0. The OPTEE-OS CSU driver for NXP i.MX6UL SoC devices lacks security access configuration for wakeup-related registers, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a v cycle. | |||||
| CVE-2021-44032 | 1 Tp-link | 1 Omada Software Controller | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| TP-Link Omada SDN Software Controller before 5.0.15 does not check if the authentication method specified in a connection request is allowed. An attacker can bypass the captive portal authentication process by using the downgraded "no authentication" method, and access the protected network. For example, the attacker can simply set window.authType=0 in client-side JavaScript. | |||||
| CVE-2021-43996 | 1 Facade | 1 Ignition | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The Ignition component before 1.16.15, and 2.0.x before 2.0.6, for Laravel has a "fix variable names" feature that can lead to incorrect access control. | |||||
| CVE-2021-43972 | 1 Sysaid | 1 Sysaid | 2024-11-21 | 6.8 MEDIUM | 6.5 MEDIUM |
| An unrestricted file copy vulnerability in /UserSelfServiceSettings.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated attacker to copy arbitrary files on the server filesystem to the web root (with an arbitrary filename) via the tempFile and fileName parameters in the HTTP POST body. | |||||