ID | Summary | Flags | Max Score |
---|---|---|---|
CVE-2021-44000 | A vulnerability has been identified in JT2Go (All versions < V13.2.0.7), Solid Edge SE2021 (All vers... | S | |
CVE-2021-44001 | A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (A... | S | |
CVE-2021-44002 | A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All version... | S | |
CVE-2021-44003 | A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (A... | S | |
CVE-2021-44004 | A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (A... | S | |
CVE-2021-44005 | A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (A... | S | |
CVE-2021-44006 | A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (A... | S | |
CVE-2021-44007 | A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (A... | S | |
CVE-2021-44008 | A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (A... | S | |
CVE-2021-44009 | A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (A... | S | |
CVE-2021-44010 | A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (A... | S | |
CVE-2021-44011 | A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (A... | S | |
CVE-2021-44012 | A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (A... | S | |
CVE-2021-44013 | A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (A... | S | |
CVE-2021-44014 | A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All version... | S | |
CVE-2021-44015 | A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (A... | S | |
CVE-2021-44016 | A vulnerability has been identified in JT2Go (All versions < V13.2.0.7), Solid Edge SE2021 (All vers... | S | |
CVE-2021-44017 | A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (A... | S | |
CVE-2021-44018 | A vulnerability has been identified in JT2Go (All versions < V13.2.0.7), Solid Edge SE2021 (All vers... | S | |
CVE-2021-44019 | An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could al... | | |
CVE-2021-44020 | An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could al... | | |
CVE-2021-44021 | An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could al... | | |
CVE-2021-44022 | A reachable assertion vulnerability in Trend Micro Apex One could allow an attacker to crash the pro... | | |
CVE-2021-44023 | A link following denial-of-service (DoS) vulnerability in the Trend Micro Security (Consumer) 2021 f... | | |
CVE-2021-44024 | A link following denial-of-service vulnerability in Trend Micro Apex One (on-prem and SaaS) and Tren... | S | |
CVE-2021-44025 | Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to XSS in handling an attachment's filename... | S | |
CVE-2021-44026 | Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or ... | KEV S | |
CVE-2021-44028 | XXE can occur in Quest KACE Desktop Authority before 11.2 because the log4net configuration file mig... | | |
CVE-2021-44029 | An issue was discovered in Quest KACE Desktop Authority before 11.2. This vulnerability allows attac... | | |
CVE-2021-44030 | Quest KACE Desktop Authority before 11.2 allows XSS because it does not prevent untrusted HTML from ... | | |
CVE-2021-44031 | An issue was discovered in Quest KACE Desktop Authority before 11.2. /dacomponentui/profiles/profile... | | |
CVE-2021-44032 | TP-Link Omada SDN Software Controller before 5.0.15 does not check if the authentication method spec... | E | |
CVE-2021-44033 | In Ionic Identity Vault before 5.0.5, the protection mechanism for invalid unlock attempts can be by... | E | |
CVE-2021-44035 | Wolters Kluwer TeamMate AM 12.4 Update 1 mishandles attachment uploads, such that an authenticated u... | | |
CVE-2021-44036 | Team Password Manager (aka TeamPasswordManager) before 10.135.236 has a CSRF vulnerability during im... | | |
CVE-2021-44037 | Team Password Manager (aka TeamPasswordManager) before 10.135.236 allows password-reset poisoning.... | | |
CVE-2021-44038 | An issue was discovered in Quagga through 1.2.4. Unsafe chown/chmod operations in the suggested spec... | E | |
CVE-2021-44040 | HTTP request line fuzzing attacks | | |
CVE-2021-44041 | UiPath Assistant 21.4.4 will load and execute attacker controlled data from the file path supplied t... | | |
CVE-2021-44042 | An issue was discovered in UiPath Assistant 21.4.4. User-controlled data supplied to the --process-s... | | |
CVE-2021-44043 | An issue was discovered in UiPath App Studio 21.4.4. There is a persistent XSS vulnerability in the ... | | |
CVE-2021-44044 | An out-of-bounds write vulnerability exists when reading a JPG file using Open Design Alliance Drawi... | | |
CVE-2021-44045 | An out-of-bounds write vulnerability exists when reading a DGN file using Open Design Alliance Drawi... | | |
CVE-2021-44046 | An out-of-bounds write vulnerability exists when reading U3D files in Open Design Alliance PRC SDK b... | | |
CVE-2021-44047 | A use-after-free vulnerability exists when reading a DWF/DWFX file using Open Design Alliance Drawin... | | |
CVE-2021-44048 | An out-of-bounds write vulnerability exists when reading a TIF file using Open Design Alliance (ODA)... | | |
CVE-2021-44049 | CyberArk Endpoint Privilege Manager (EPM) through 11.5.3.328 before 2021-12-20 allows a local user t... | E | |
CVE-2021-44050 | CA Network Flow Analysis (NFA) 21.2.1 and earlier contain a SQL injection vulnerability in the NFA w... | | |
CVE-2021-44051 | Command injection | S | |
CVE-2021-44052 | Arbitrary file read | S | |
CVE-2021-44053 | Reflected XSS | S | |
CVE-2021-44054 | Open redirect | S | |
CVE-2021-44055 | Information leakage in Video Station | S | |
CVE-2021-44056 | Improper authentication in Video Station | S | |
CVE-2021-44057 | Improper authentication in Photo Station | S | |
CVE-2021-44076 | An issue was discovered in CrushFTP 9. The creation of a new user through the /WebInterface/UserMana... | E | |
CVE-2021-44077 | Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCente... | KEV E S | |
CVE-2021-44078 | An issue was discovered in split_region in uc.c in Unicorn Engine before 2.0.0-rc5. It allows local ... | S | |
CVE-2021-44079 | In the wazuh-slack active response script in Wazuh 4.2.x before 4.2.5, untrusted user agents are pas... | E S | |
CVE-2021-44080 | A Command Injection vulnerability in httpd web server (setup.cgi) in SerComm h500s, FW: lowi-h500s-v... | E | |
CVE-2021-44081 | A buffer overflow vulnerability exists in the AMF of open5gs 2.1.4. When the length of MSIN in Supi ... | E S | |
CVE-2021-44082 | textpattern 4.8.7 is vulnerable to Cross Site Scripting (XSS) via /textpattern/index.php,Body. A rem... | E | |
CVE-2021-44087 | A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Attendance and Payroll System v... | E | |
CVE-2021-44088 | An SQL Injection vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which all... | E | |
CVE-2021-44090 | An SQL Injection vulnerability exists in Sourcecodester Online Reviewer System 1.0 via the password ... | E | |
CVE-2021-44091 | A Cross-Site Scripting (XSS) vulnerability exists in Sourcecodester Multi Restaurant Table Reservati... | E | |
CVE-2021-44092 | An SQL Injection vulnerability exists in code-projects Pharmacy Management 1.0 via the username para... | E | |
CVE-2021-44093 | A Remote Command Execution vulnerability on the background in zrlog 2.2.2, at the upload avatar func... | E | |
CVE-2021-44094 | ZrLog 2.2.2 has a remote command execution vulnerability at plugin download function, it could execu... | E | |
CVE-2021-44095 | A SQL injection vulnerability exists in ProjectWorlds Hospital Management System in php 1.0 on login... | E | |
CVE-2021-44096 | EGavilan Media User-Registration-and-Login-System-With-Admin-Panel 1.0 is vulnerable to SQL Injectio... | E | |
CVE-2021-44097 | EGavilan Media Contact-Form-With-Messages-Entry-Management 1.0 is vulnerable to SQL Injection via Ad... | E | |
CVE-2021-44098 | EGavilan Media Expense-Management-System 1.0 is vulnerable to SQL Injection via /expense_action.php.... | E | |
CVE-2021-44103 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-42192. Reason: This candidat... | R | |
CVE-2021-44108 | A null pointer dereference in src/amf/namf-handler.c in Open5GS 2.3.6 and earlier allows remote atta... | E S | |
CVE-2021-44109 | A buffer overflow in lib/sbi/message.c in Open5GS 2.3.6 and earlier allows remote attackers to Denia... | E S | |
CVE-2021-44111 | A Directory Traversal vulnerability exists in S-Cart 6.7 via download in sc-admin/backup.... | E S | |
CVE-2021-44114 | Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Stock Management System in PHP/OOP... | | |
CVE-2021-44116 | Cross Site Scripting (XSS) vulnerability exists in Anchor CMS <=0.12.7 in posts.php. Attackers can us... | E | |
CVE-2021-44117 | A Cross Site Request Forgery (CSRF) vulnerability exists in TheDayLightStudio Fuel CMS 1.5.0 via a P... | E | |
CVE-2021-44118 | SPIP 4.0.0 is affected by a Cross Site Scripting (XSS) vulnerability. To exploit the vulnerability, ... | S | |
CVE-2021-44120 | SPIP 4.0.0 is affected by a Cross Site Scripting (XSS) vulnerability in ecrire/public/interfaces.php... | S | |
CVE-2021-44121 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
CVE-2021-44122 | SPIP 4.0.0 is affected by a Cross Site Request Forgery (CSRF) vulnerability in ecrire/public/aiguill... | S | |
CVE-2021-44123 | SPIP 4.0.0 is affected by a remote command execution vulnerability. To exploit the vulnerability, an... | S | |
CVE-2021-44124 | Hiby Music Hiby OS R3 Pro 1.5 and 1.6 is vulnerable to Directory Traversal. The HTTP Server does not... | E | |
CVE-2021-44127 | In DLink DAP-1360 F1 firmware version <=v6.10 in the "webupg" binary, an attacker can use the "file"... | E | |
CVE-2021-44132 | A command injection vulnerability in the function formImportOMCIShell of C-DATA ONU4FERW V2.1.13_X13... | E | |
CVE-2021-44135 | pagekit all versions, as of 15-10-2021, is vulnerable to SQL Injection via Comment listing.... | E | |
CVE-2021-44138 | There is a Directory traversal vulnerability in Caucho Resin, as distributed in Resin 4.0.52 - 4.0.5... | E | |
CVE-2021-44139 | Sentinel 1.8.2 is vulnerable to Server-side request forgery (SSRF).... | E | |
CVE-2021-44140 | Arbitrary file deletion on logout | M | |
CVE-2021-44141 | All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to... | M | |
CVE-2021-44142 | The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compati... | | |
CVE-2021-44143 | A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to an unchecked condition, a malicious ... | S | |
CVE-2021-44144 | Croatia Control Asterix 2.8.1 has a heap-based buffer over-read, with additional details to be discl... | S | |
CVE-2021-44145 | Apache NiFi information disclosure by XXE | | |
CVE-2021-44147 | An XML External Entity issue in Claris FileMaker Pro and Server (including WebDirect) before 19.4.1 ... | E | |
CVE-2021-44148 | GL.iNet GL-AR150 2.x before 3.x devices, configured as repeaters, allow cgi-bin/router_cgi?action=sc... | E S | |
CVE-2021-44149 | An issue was discovered in Trusted Firmware OP-TEE Trusted OS through 3.15.0. The OPTEE-OS CSU drive... | | |
CVE-2021-44150 | The client in tusdotnet through 2.5.0 relies on SHA-1 to prevent spoofing of file content.... | | |
CVE-2021-44151 | An issue was discovered in Reprise RLM 14.2. As the session cookies are small, an attacker can hijac... | | |
CVE-2021-44152 | An issue was discovered in Reprise RLM 14.2. Because /goform/change_password_process does not verify... | E S | |
CVE-2021-44153 | An issue was discovered in Reprise RLM 14.2. When editing the license file, it is possible for an ad... | E S | |
CVE-2021-44154 | An issue was discovered in Reprise RLM 14.2. By using an admin account, an attacker can write a payl... | E S | |
CVE-2021-44155 | An issue was discovered in /goform/login_process in Reprise RLM 14.2. When an attacker attempts to l... | E S | |
CVE-2021-44158 | ASUS RT-AX56U Router - Stack-based buffer overflow | S | |
CVE-2021-44159 | 4MOSAn GCB Doctor - Unrestricted Upload of File | S | |
CVE-2021-44160 | Cardinal Tien Hospital Health Report System - Authorization Bypass Through User-Controlled Key | | |
CVE-2021-44161 | Changing Information Technology Inc. MOTP(Mobile One Time Password) - SQL Injection | S | |
CVE-2021-44162 | Chain Sea Information Integration Co., Ltd ai chatbot system - Path Traversal | S | |
CVE-2021-44163 | Chain Sea Information Integration Co., Ltd ai chatbot system - Reflected XSS | S | |
CVE-2021-44164 | Chain Sea Information Integration Co., Ltd ai chatbot system - Arbitrary File Upload | S | |
CVE-2021-44165 | A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.41), POWER METER SI... | | |
CVE-2021-44166 | An improper access control vulnerability [CWE-284] in FortiToken Mobile (Android) external push not... | S | |
CVE-2021-44167 | An incorrect permission assignment for critical resource vulnerability [CWE-732] in FortiClient for ... | | |
CVE-2021-44168 | A download of code without integrity check vulnerability in the "execute restore src-vis" command of... | KEV | |
CVE-2021-44169 | An improper initialization in Fortinet FortiClient (Windows) version 6.0.10 and below, version 6.2.9 ... | S | |
CVE-2021-44170 | A stack-based buffer overflow vulnerability [CWE-121] in the command line interpreter of FortiOS bef... | | |
CVE-2021-44171 | An improper neutralization of special elements used in an os command ('os command injection') in Fort... | | |
CVE-2021-44172 | An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClient... | S | |
CVE-2021-44173 | Rejected reason: Not used... | R | |
CVE-2021-44174 | Rejected reason: Not used... | R | |
CVE-2021-44175 | Rejected reason: Not used... | R | |
CVE-2021-44176 | Adobe Experience Manager Stored XSS in workflow Stages parameter | | |
CVE-2021-44177 | Adobe Experience Manager Stored XSS in user name parameter in the package manager | | |
CVE-2021-44178 | Adobe Experience Manager Reflected XSS in /bin/wcm/contentfinder/page/view.html | | |
CVE-2021-44179 | Adobe Dimension GIF File Parsing Memory Corruption Remote Code Execution Vulnerability | S | |
CVE-2021-44180 | Adobe Dimension PCX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | S | |
CVE-2021-44181 | Adobe Dimension GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | S | |
CVE-2021-44182 | Adobe Dimension SVG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | S | |
CVE-2021-44183 | Adobe Dimension TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | S | |
CVE-2021-44185 | Adobe Bridge RGB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
CVE-2021-44186 | Adobe Bridge SGI File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
CVE-2021-44187 | Adobe Bridge SGI File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
CVE-2021-44188 | Adobe After Effects 3GP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | S | |
CVE-2021-44189 | Adobe After Effects JPEG2000 Parsing Use-After-Free Information Disclosure Vulnerability | S | |
CVE-2021-44190 | Adobe After Effects MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | S | |
CVE-2021-44191 | Adobe After Effects MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | S | |
CVE-2021-44192 | Adobe After Effects MOV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | S | |
CVE-2021-44193 | Adobe After Effects MOV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | S | |
CVE-2021-44194 | Adobe After Effects 3GP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | S | |
CVE-2021-44195 | Adobe After Effects JPEG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | S | |
CVE-2021-44196 | XSS in UBIT Information Technologies Student Information Management System | | |
CVE-2021-44197 | XSS in UBIT Information Technologies Student Information Management System | | |
CVE-2021-44198 | DLL hijacking could lead to local privilege escalation | S | |
CVE-2021-44199 | DLL hijacking could lead to denial of service | S | |
CVE-2021-44200 | Self cross-site scripting (XSS) was possible on devices page | S | |
CVE-2021-44201 | Cross-site scripting (XSS) was possible in notification pop-ups | S | |
CVE-2021-44202 | Stored cross-site scripting (XSS) was possible in activity details | S | |
CVE-2021-44203 | Stored cross-site scripting (XSS) was possible in protection plan details | S | |
CVE-2021-44204 | Local privilege escalation via named pipe due to improper access control checks | | |
CVE-2021-44205 | Local privilege escalation due to DLL hijacking vulnerability | | |
CVE-2021-44206 | Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service | | |
CVE-2021-44207 | Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials.... | KEV | |
CVE-2021-44208 | OX App Suite through 7.10.5 allows XSS via an unknown system message in Chat.... | E | |
CVE-2021-44209 | OX App Suite through 7.10.5 allows XSS via an HTML 5 element such as AUDIO.... | E | |
CVE-2021-44210 | OX App Suite through 7.10.5 allows XSS via NIFF (Notation Interchange File Format) data.... | | |
CVE-2021-44211 | OX App Suite through 7.10.5 allows XSS via the class attribute of an element in an HTML e-mail signa... | E | |
CVE-2021-44212 | OX App Suite through 7.10.5 allows XSS via a trailing control character such as the SCRIPT\t substri... | E | |
CVE-2021-44213 | OX App Suite through 7.10.5 allows XSS via uuencoding in a multipart/alternative message.... | E | |
CVE-2021-44215 | Northern.tech CFEngine Enterprise 3.15.4 before 3.15.5 has Insecure Permissions that may allow unaut... | E | |
CVE-2021-44216 | Northern.tech CFEngine Enterprise before 3.15.5 and 3.18.x before 3.18.1 has Insecure Permissions th... | E | |
CVE-2021-44217 | In Ericsson CodeChecker through 6.18.0, a Stored Cross-site scripting (XSS) vulnerability in the com... | E S | |
CVE-2021-44219 | Gin-Vue-Admin before 2.4.6 mishandles a SQL database.... | S | |
CVE-2021-44221 | A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). The affec... | S | |
CVE-2021-44222 | A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). The under... | S | |
CVE-2021-44223 | WordPress before 5.8 lacks support for the Update URI plugin header. This makes it easier for remote... | E | |
CVE-2021-44224 | Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier | S | |
CVE-2021-44225 | In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination... | S | |
CVE-2021-44226 | Razer Synapse before 3.7.0228.022817 allows privilege escalation because it relies on %PROGRAMDATA%\... | E | |
CVE-2021-44227 | In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin req... | S | |
CVE-2021-44228 | Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints | KEV E S | |
CVE-2021-44230 | PortSwigger Burp Suite Enterprise Edition before 2021.11 on Windows has weak file permissions for th... | | |
CVE-2021-44231 | Internally used text extraction reports allow an attacker to inject code that can be executed by the... | | |
CVE-2021-44232 | SAF-T Framework Transaction SAFTN_G allows an attacker to exploit insufficient validation of path in... | | |
CVE-2021-44233 | SAP GRC Access Control - versions V1100_700, V1100_731, V1200_750, does not perform necessary author... | | |
CVE-2021-44234 | SAP Business One - version 10.0, extended log stores information that can be of a sensitive nature a... | | |
CVE-2021-44235 | Two methods of a utility class in SAP NetWeaver AS ABAP - versions 700, 701, 702, 710, 711, 730, 731... | | |
CVE-2021-44238 | AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE) via /aya/module/admin/ust_tab_e.inc.php,... | E | |
CVE-2021-44244 | An SQL Injection vulnerability exists in Sourcecodester Logistic Hub Parcel's Management System 1.0 v... | E | |
CVE-2021-44245 | An SQL Injection vulnerability exists in Sourcecodester COVID 19 Testing Management System (CTMS) 1.... | E | |
CVE-2021-44246 | Totolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B20191112, and A720R v4.1.5cu.470_... | E | |
CVE-2021-44247 | Totolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B20191112, and A720R v4.1.5cu.470_... | E | |
CVE-2021-44249 | Online Motorcycle (Bike) Rental System 1.0 is vulnerable to a Blind Time-Based SQL Injection attack ... | E | |
CVE-2021-44255 | Authenticated remote code execution in MotionEye <= 0.42.1 and MotionEyeOS <= 20200606 allows a rem... | | |
CVE-2021-44259 | A vulnerability is in the 'wx.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6-20180418... | E | |
CVE-2021-44260 | A vulnerability is in the 'live_mfg.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6-20... | E | |
CVE-2021-44261 | A vulnerability is in the 'BRS_top.html' page of the Netgear W104, version WAC104-V1.0.4.13, which c... | E | |
CVE-2021-44262 | A vulnerability is in the 'MNU_top.htm' page of the Netgear W104, version WAC104-V1.0.4.13, which ca... | E | |
CVE-2021-44263 | Gurock TestRail before 7.2.4 mishandles HTML escaping.... | E | |
CVE-2021-44266 | GUnet Open eClass (aka openeclass) before 3.12.2 allows XSS via the modules/auth/formuser.php auth p... | E | |
CVE-2021-44269 | An out of bounds read was found in Wavpack 5.4.0 in processing *.WAV files. This issue triggered in ... | E S | |
CVE-2021-44273 | e2guardian v5.4.x <= v5.4.3r is affected by missing SSL certificate validation in the SSL MITM engin... | E S | |
CVE-2021-44277 | Librenms 21.11.0 is affected by a Cross Site Scripting (XSS) vulnerability in includes/html/common/a... | E S | |
CVE-2021-44278 | Librenms 21.11.0 is affected by a path manipulation vulnerability in includes/html/pages/device/show... | E S | |
CVE-2021-44279 | Librenms 21.11.0 is affected by a Cross Site Scripting (XSS) vulnerability in includes/html/forms/po... | E S | |
CVE-2021-44280 | attendance management system 1.0 is affected by a SQL injection vulnerability in admin/incFunctions.... | E | |
CVE-2021-44283 | A buffer overflow in the component /Enclave.cpp of Electronics and Telecommunications Research Insti... | E S | |
CVE-2021-44299 | A reflected cross-site scripting (XSS) vulnerability in \lib\packages\themes\themes.php of Navigate ... | E S | |
CVE-2021-44302 | BaiCloud-cms v2.5.7 was discovered to contain multiple SQL injection vulnerabilities via the tongji ... | E | |
CVE-2021-44310 | An issue was discovered in Firmware Analysis and Comparison Tool v3.2. With administrator privileges... | E | |
CVE-2021-44312 | An issue was discovered in Firmware Analysis and Comparison Tool v3.2. Logged in administrators coul... | E | |
CVE-2021-44315 | In Bus Pass Management System v1.0, Directory Listing/Browsing is enabled on the web server which al... | E | |
CVE-2021-44317 | In Bus Pass Management System v1.0, parameters 'pagedes' and `About Us` are affected with a Stored C... | E | |
CVE-2021-44321 | Mini-Inventory-and-Sales-Management-System is affected by Cross Site Request Forgery (CSRF), where a... | E | |
CVE-2021-44331 | ARM astcenc 3.2.0 is vulnerable to Buffer Overflow in function encode_ise().... | E S | |
CVE-2021-44334 | David Brackeen ok-file-formats 97f78ca is vulnerable to Buffer Overflow. When the function of the ok... | E | |
CVE-2021-44335 | David Brackeen ok-file-formats 203defd is vulnerable to Buffer Overflow. When the function of the ok... | E | |
CVE-2021-44339 | David Brackeen ok-file-formats 203defd is vulnerable to Buffer Overflow. When the function of the ok... | E | |
CVE-2021-44340 | David Brackeen ok-file-formats dev version is vulnerable to Buffer Overflow. When the function of th... | E | |
CVE-2021-44342 | David Brackeen ok-file-formats 203defd is vulnerable to Buffer Overflow via function ok_png_transfor... | E | |
CVE-2021-44343 | David Brackeen ok-file-formats 203defd is vulnerable to Buffer Overflow. When the function of the ok... | E | |
CVE-2021-44345 | Beijing Wisdom Vision Technology Industry Co., Ltd One Card Integrated Management System 3.0 is vuln... | | |
CVE-2021-44347 | SQL Injection vulnerability exists in TuziCMS v2.0.6 in App\Manage\Controller\GuestbookController.cl... | E | |
CVE-2021-44348 | SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameter in App\Manage\Controller\Ad... | | |
CVE-2021-44349 | SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameter in App\Manage\Controller\D... | | |
CVE-2021-44350 | SQL Injection vulnerability exists in ThinkPHP5 5.0.x <=5.1.22 via the parseOrder function in Builde... | E | |
CVE-2021-44351 | An arbitrary file read vulnerability exists in NavigateCMS 2.9 via /navigate/navigate_download.php i... | E | |
CVE-2021-44352 | A Stack-based Buffer Overflow vulnerability exists in the Tenda AC15 V15.03.05.18_multi device via t... | E | |
CVE-2021-44354 | Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser functional... | E | |
CVE-2021-44355 | Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser functional... | E | |
CVE-2021-44356 | Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser functional... | E | |
CVE-2021-44357 | Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser functional... | E | |
CVE-2021-44358 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44359 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44360 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44361 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44362 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44363 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44364 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44365 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44366 | Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser functional... | E | |
CVE-2021-44367 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44368 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44369 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44370 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44371 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44372 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44373 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44374 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44375 | Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser functional... | E | |
CVE-2021-44376 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44377 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44378 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44379 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44380 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44381 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44382 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44383 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44384 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44385 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44386 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44387 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44388 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44389 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44390 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44391 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44392 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44393 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44394 | Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser functional... | E | |
CVE-2021-44395 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44396 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44397 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44398 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44399 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44400 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44401 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44402 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44403 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44404 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44405 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44406 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44407 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44408 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44409 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44410 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44411 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44412 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44413 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44414 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44415 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44416 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44417 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44418 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44419 | A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of r... | E | |
CVE-2021-44420 | In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with t... | S | |
CVE-2021-44421 | The pointer-validation logic in util/mem_util.rs in Occlum before 0.26.0 for Intel SGX acts as a con... | E S | |
CVE-2021-44422 | An Improper Input Validation Vulnerability exists when reading a BMP file using Open Design Alliance... | | |
CVE-2021-44423 | An out-of-bounds read vulnerability exists when reading a BMP file using Open Design Alliance (ODA) ... | | |
CVE-2021-44425 | An issue was discovered in AnyDesk before 6.2.6 and 6.3.x before 6.3.3. An unnecessarily open listen... | E | |
CVE-2021-44426 | An issue was discovered in AnyDesk before 6.2.6 and 6.3.x before 6.3.5. An upload of an arbitrary fi... | E | |
CVE-2021-44427 | An unauthenticated SQL Injection vulnerability in Rosario Student Information System (aka rosariosis... | E | |
CVE-2021-44428 | Pinkie 2.15 allows remote attackers to cause a denial of service (daemon crash) via a TFTP read (RRQ... | | |
CVE-2021-44429 | Serva 4.4.0 allows remote attackers to cause a denial of service (daemon crash) via a TFTP read (RRQ... | E | |
CVE-2021-44430 | A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions <... | | |
CVE-2021-44431 | A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions <... | | |
CVE-2021-44432 | A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions <... | | |
CVE-2021-44433 | A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions <... | | |
CVE-2021-44434 | A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions <... | | |
CVE-2021-44435 | A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions <... | | |
CVE-2021-44436 | A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions <... | | |
CVE-2021-44437 | A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions <... | | |
CVE-2021-44438 | A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions <... | | |
CVE-2021-44439 | A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions <... | | |
CVE-2021-44440 | A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions <... | | |
CVE-2021-44441 | A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions <... | | |
CVE-2021-44442 | A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions <... | | |
CVE-2021-44443 | A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions <... | | |
CVE-2021-44444 | A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions <... | E | |
CVE-2021-44445 | A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions <... | | |
CVE-2021-44446 | A vulnerability has been identified in JT Utilities (All versions < V13.0.3.0), JTTK (All versions <... | | |
CVE-2021-44447 | A vulnerability has been identified in JT Utilities (All versions < V13.0.3.0), JTTK (All versions <... | | |
CVE-2021-44448 | A vulnerability has been identified in JT Utilities (All versions < V13.0.3.0), JTTK (All versions <... | | |
CVE-2021-44449 | A vulnerability has been identified in JT Utilities (All versions < V12.8.1.1), JTTK (All versions <... | | |
CVE-2021-44450 | A vulnerability has been identified in JT Utilities (All versions < V12.8.1.1), JTTK (All versions <... | | |
CVE-2021-44451 | API sensitive information leak | | |
CVE-2021-44453 | mySCADA myPRO | S | |
CVE-2021-44454 | Improper input validation in a third-party component for Intel(R) Quartus(R) Prime Pro Edition befor... | | |
CVE-2021-44457 | Rejected reason: This is unused.... | R | |
CVE-2021-44458 | Lack of websocket authentication in Lens causes remote code execution when visiting a malicious website | | |
CVE-2021-44460 | Improper access control in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier allo... | S | |
CVE-2021-44461 | Cross-site scripting (XSS) issue in Accounting app of Odoo Enterprise 13.0 through 15.0, allows remo... | | |
CVE-2021-44462 | Horner Automation Cscape EnvisionRV Improper Input Validation | S | |
CVE-2021-44463 | Emerson DeltaV Uncontrolled Search Path Element | M | |
CVE-2021-44464 | Fresenius Kabi Agilia Connect Infusion System hard coded credentials | S | |
CVE-2021-44465 | Improper access control in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier allo... | S | |
CVE-2021-44466 | Bitmask Riseup VPN 0.21.6 contains a local privilege escalation flaw due to improper access controls... | S | |
CVE-2021-44467 | spx_restservice KillDupUsr_func Broken Access Control | | |
CVE-2021-44470 | Incorrect default permissions for the Intel(R) Connect M Android application before version 1.7.4 ma... | | |
CVE-2021-44471 | Delta Electronics DIAEnergie (Update A) | S | |
CVE-2021-44476 | A sandboxing issue in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows au... | S | |
CVE-2021-44477 | GE Gas Power ToolBoxST Improper Restriction of XML External Entity Reference | S | |
CVE-2021-44478 | A vulnerability has been identified in Polarion ALM (All versions < V21 R2 P2), Polarion WebClient f... | S | |
CVE-2021-44479 | NXP Kinetis K82 devices have a buffer over-read via a crafted wlength value in a GET Status-Other re... | | |
CVE-2021-44480 | Wokka Lokka Q50 devices through 2021-11-30 allow remote attackers (who know the SIM phone number and... | | |
CVE-2021-44481 | An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of parameter validation in cal... | E | |
CVE-2021-44482 | An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of input validation in calls t... | E | |
CVE-2021-44483 | An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of input validation in calls t... | E | |
CVE-2021-44484 | An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of NULL checks in calls to emi... | E | |
CVE-2021-44485 | An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of NULL checks in trip_gen in ... | E | |
CVE-2021-44486 | An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can ma... | E | |
CVE-2021-44487 | An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of NULL checks in calls to iou... | E | |
CVE-2021-44488 | An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can co... | E | |
CVE-2021-44489 | An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can ca... | E | |
CVE-2021-44490 | An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can ca... | E | |
CVE-2021-44491 | An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can ca... | E | |
CVE-2021-44492 | An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using c... | S | |
CVE-2021-44493 | An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using c... | S | |
CVE-2021-44494 | An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using c... | S | |
CVE-2021-44495 | An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using c... | S | |
CVE-2021-44496 | An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using craft... | S | |
CVE-2021-44497 | An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using craft... | S | |
CVE-2021-44498 | An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using craft... | S | |
CVE-2021-44499 | An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using craft... | S | |
CVE-2021-44500 | An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack of i... | S | |
CVE-2021-44501 | An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using craft... | S | |
CVE-2021-44502 | An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using craft... | S | |
CVE-2021-44503 | An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using craft... | S | |
CVE-2021-44504 | An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using craft... | S | |
CVE-2021-44505 | An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using craft... | S | |
CVE-2021-44506 | An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack of i... | S | |
CVE-2021-44507 | An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack of p... | S | |
CVE-2021-44508 | An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack of N... | S | |
CVE-2021-44509 | An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using craft... | S | |
CVE-2021-44510 | An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using craft... | S | |
CVE-2021-44512 | World-writable permissions on the /tmp/tmate/sessions directory in tmate-ssh-server 2.3.0 allow a lo... | S | |
CVE-2021-44513 | Insecure creation of temporary directories in tmate-ssh-server 2.3.0 allows a local attacker to comp... | S | |
CVE-2021-44514 | OpUtils in Zoho ManageEngine OpManager 12.5 before 125490 mishandles authentication for a few audit ... | | |
CVE-2021-44515 | Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code exe... | KEV E S | |
CVE-2021-44518 | An issue was discovered in the eGeeTouch 3rd Generation Travel Padlock application for Android. The ... | E | |
CVE-2021-44519 | In Citrix XenMobile Server through 10.12 RP9, there is an Authenticated Directory Traversal vulnerab... | | |
CVE-2021-44520 | In Citrix XenMobile Server through 10.12 RP9, there is an Authenticated Command Injection vulnerabil... | | |
CVE-2021-44521 | Remote code execution for scripted UDFs | E M | |
CVE-2021-44522 | A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.... | | |
CVE-2021-44523 | A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.... | | |
CVE-2021-44524 | A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.... | | |
CVE-2021-44525 | Zoho ManageEngine PAM360 before build 5303 allows attackers to modify a few aspects of application s... | | |
CVE-2021-44526 | Zoho ManageEngine ServiceDesk Plus before 12003 allows authentication bypass in certain admin config... | | |
CVE-2021-44527 | A vulnerability found in UniFi Switch firmware Version 5.43.35 and earlier allows a malicious actor ... | | |
CVE-2021-44528 | An open redirect vulnerability exists in Action Pack >= 6.0.0 that could allow an attacker to craft a... | S | |
CVE-2021-44529 | A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an unauthenti... | KEV E S | |
CVE-2021-44530 | An injection vulnerability exists in a third-party library used in UniFi Network Version 6.5.53 and ... | S | |
CVE-2021-44531 | Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to us... | S | |
CVE-2021-44532 | Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 converts SANs (Subject Alternative Names) to a... | E S | |
CVE-2021-44533 | Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 did not handle multi-value Relative Distinguis... | E S | |
CVE-2021-44534 | Insufficient user input filtering leads to arbitrary file read by non-authenticated attacker, which ... | | |
CVE-2021-44537 | ownCloud owncloud/client before 2.9.2 allows Resource Injection by a server into the desktop client ... | | |
CVE-2021-44538 | The olm_session_describe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. ... | S | |
CVE-2021-44540 | A vulnerability was found in Privoxy which was fixed in get_url_spec_param() by freeing memory of co... | | |
CVE-2021-44541 | A vulnerability was found in Privoxy which was fixed in process_encrypted_request_headers() by freei... | | |
CVE-2021-44542 | A memory leak vulnerability was found in Privoxy when handling errors.... | | |
CVE-2021-44543 | An XSS vulnerability was found in Privoxy which was fixed in cgi_error_no_template() by encode the t... | | |
CVE-2021-44544 | Delta Electronics DIAEnergie (Update A) | S | |
CVE-2021-44545 | Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may al... | S | |
CVE-2021-44547 | A sandboxing issue in Odoo Community 15.0 and Odoo Enterprise 15.0 allows authenticated administrato... | S | |
CVE-2021-44548 | Apache Solr information disclosure vulnerability through DataImportHandler | M | |
CVE-2021-44549 | SMTPS server hostname not checked when making TLS connection to SMTPS server | M | |
CVE-2021-44550 | An Incorrect Access Control vulnerability exists in CoreNLP 4.3.2 via the classifier in NERServlet.j... | E | |
CVE-2021-44554 | Thinfinity VirtualUI before 3.0 allows a malicious actor to enumerate users registered in the OS (Wi... | E | |
CVE-2021-44556 | National Library of the Netherlands digger < 6697d1269d981e35e11f240725b16401b5ce3db5 is affected by... | S | |
CVE-2021-44557 | National Library of the Netherlands multiNER <= c0440948057afc6e3d6b4903a7c05e666b94a3bc is affected... | S | |
CVE-2021-44564 | A security vulnerability originally reported in the SYNC2101 product, and applicable to specific sub... | | |
CVE-2021-44565 | A Cross Site Scripting (XSS) vulnerability exists in RosarioSIS before 7.6.1 via the xss_clean funct... | E S | |
CVE-2021-44566 | A Cross Site Scripting (XSS) vulnerability exists in RosarioSIS before 4.3 via the SanitizeMarkDown ... | E S | |
CVE-2021-44567 | An unauthenticated SQL Injection vulnerability exists in RosarioSIS before 7.6.1 via the votes param... | E S | |
CVE-2021-44568 | Two heap-overflow vulnerabilities exist in openSUSE/libsolv libsolv through 13 Dec 2020 in the decis... | E | |
CVE-2021-44569 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3200 Reason: This candidate ... | R | |
CVE-2021-44570 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3200 Reason: This candidate ... | R | |
CVE-2021-44571 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3200 Reason: This candidate ... | R | |
CVE-2021-44573 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3200 Reason: This candidate ... | R | |
CVE-2021-44574 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3200 Reason: This candidate ... | R | |
CVE-2021-44575 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3200 Reason: This candidate ... | R | |
CVE-2021-44576 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3200 Reason: This candidate ... | R | |
CVE-2021-44577 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3200 Reason: This candidate ... | R | |
CVE-2021-44581 | An SQL Injection vulnerability exists in Kreado Kreasfero 1.5 via the id parameter.... | | |
CVE-2021-44582 | A Privilege Escalation vulnerability exists in Sourcecodester Money Transfer Management System 1.0, ... | E | |
CVE-2021-44584 | Cross-site scripting (XSS) vulnerability in index.php in emlog version <= pro-1.0.7 allows remote at... | E S | |
CVE-2021-44585 | A Cross Site Scripting (XSS) vulnerability exists in jeecg-boot 3.0 in /jeecg-boot/jmreport/view wit... | E | |
CVE-2021-44586 | An issue was discovered in dst-admin v1.3.0. The product has an unauthorized arbitrary file download... | E | |
CVE-2021-44590 | In libming 0.4.8, a memory exhaustion vulnerability exists in the function cws2fws in util/main.c. Re... | E | |
CVE-2021-44591 | In libming 0.4.8, the parseSWF_DEFINELOSSLESS2 function in util/parser.c lacks a boundary check that... | E | |
CVE-2021-44593 | Simple College Website 1.0 is vulnerable to unauthenticated file upload & remote code execution via ... | E | |
CVE-2021-44595 | Wondershare Dr. Fone Latest version as of 2021-12-06 is vulnerable to Incorrect Access Control. A no... | E | |
CVE-2021-44596 | Wondershare LTD Dr. Fone as of 2021-12-06 version is affected by Remote code execution. Due to softw... | E | |
CVE-2021-44597 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-43857. Reason: This candidat... | R | |
CVE-2021-44598 | Attendance Management System 1.0 is affected by a Cross Site Scripting (XSS) vulnerability. The valu... | E | |
CVE-2021-44599 | The id parameter from Online Enrollment Management System 1.0 system appears to be vulnerable to SQL... | E | |
CVE-2021-44600 | The password parameter on Simple Online Mens Salon Management System (MSMS) 1.0 appears to be vulner... | E | |
CVE-2021-44607 | A Cross Site Scripting (XSS) vulnerability exists in FUEL-CMS 1.5.1 in the Assets page via an SVG fi... | E | |
CVE-2021-44608 | Multiple Cross Site Scripting (XSS) vulnerabilities exist in bloofoxCMS 0.5.2.1 - 0.5.1 via the (1)... | E | |
CVE-2021-44610 | Multiple SQL Injection vulnerabilities exist in bloofoxCMS 0.5.2.1 - 0.5.1 via the (1) URLs, (2) lan... | E | |
CVE-2021-44617 | A SQL Injection vulnerability exists in the Ramo plugin for GLPI 9.4.6 via the idu parameter in plugi... | E | |
CVE-2021-44618 | A Server-side Template Injection (SSTI) vulnerability exists in Nystudio107 Seomatic 3.4.12 in src/h... | S | |
CVE-2021-44620 | A Command Injection vulnerability exists in TOTOLINK A3100R <=V4.1.2cu.5050_B20200504 in adm/ntm.asp ... | | |
CVE-2021-44622 | A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router... | E | |
CVE-2021-44623 | A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 via the /cloud_config/route... | E | |
CVE-2021-44625 | A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in /cloud_config/cloud_devi... | E | |
CVE-2021-44626 | A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router... | E | |
CVE-2021-44627 | A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router... | E | |
CVE-2021-44628 | A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/route... | E | |
CVE-2021-44629 | A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/route... | E | |
CVE-2021-44630 | A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router... | E | |
CVE-2021-44631 | A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router... | E | |
CVE-2021-44632 | A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router... | E | |
CVE-2021-44647 | Lua v5.4.3 and above are affected by SEGV by type confusion in funcnamefromcode function in ldebug.c... | E S | |
CVE-2021-44648 | GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw ... | E | |
CVE-2021-44649 | Django CMS 3.7.3 does not validate the plugin_type parameter while generating error messages for an ... | E | |
CVE-2021-44650 | Zoho ManageEngine M365 Manager Plus before Build 4419 allows remote command execution when updating ... | | |
CVE-2021-44651 | Zoho ManageEngine CloudSecurityPlus before Build 4117 allows remote code execution through the updat... | | |
CVE-2021-44652 | Zoho ManageEngine O365 Manager Plus before Build 4416 allows remote code execution via BCP file over... | | |
CVE-2021-44653 | Online Magazine Management System 1.0 contains a SQL injection authentication bypass vulnerability. ... | E | |
CVE-2021-44655 | Online Pre-owned/Used Car Showroom Management System 1.0 contains a SQL injection authentication byp... | E | |
CVE-2021-44657 | In StackStorm versions prior to 3.6.0, the jinja interpreter was not run in sandbox mode and thus al... | E S | |
CVE-2021-44659 | Adding a new pipeline in GoCD server version 21.3.0 has a functionality that could be abused to do a... | E | |
CVE-2021-44662 | A Cross Site Scripting (XSS) vulnerability exists in the Xerte Project Xerte through 3.8.4 via the link pa... | E S | |
CVE-2021-44663 | A Remote Code Execution (RCE) vulnerability exists in the Xerte Project Xerte through 3.8.4 via a cr... | E S | |
CVE-2021-44664 | An Authenticated Remote Code Execution (RCE) vulnerability exists in Xerte through 3.9 in website_cod... | E S | |
CVE-2021-44665 | A Directory Traversal vulnerability exists in the Xerte Project Xerte through 3.10.3 when downloadin... | E S | |
CVE-2021-44667 | A Cross Site Scripting (XSS) vulnerability exists in Nacos 2.0.3 in auth/users via the (1) pageSize ... | E | |
CVE-2021-44673 | A Remote Code Execution (RCE) vulnerability exists in Croogo 3.0.2 via admin/file-manager/attachments... | E | |
CVE-2021-44674 | An information exposure issue has been discovered in Opmantek Open-AudIT 4.2.0. The vulnerability al... | S | |
CVE-2021-44675 | Zoho ManageEngine ServiceDesk Plus MSP before 10.5 Build 10534 is vulnerable to unauthenticated remo... | | |
CVE-2021-44676 | Zoho ManageEngine Access Manager Plus before 4203 allows anyone to view a few data elements (e.g., a... | | |
CVE-2021-44677 | An issue (1 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterp... | | |
CVE-2021-44678 | An issue (2 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterp... | | |
CVE-2021-44679 | An issue (3 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterp... | | |
CVE-2021-44680 | An issue (4 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterp... | | |
CVE-2021-44681 | An issue (5 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterp... | | |
CVE-2021-44682 | An issue (6 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterp... | | |
CVE-2021-44683 | The DuckDuckGo browser 7.64.4 on iOS allows Address Bar Spoofing due to mishandling of the JavaScrip... | E | |
CVE-2021-44684 | naholyr github-todos 3.1.0 is vulnerable to command injection. The range argument for the _hook subc... | E | |
CVE-2021-44685 | Git-it through 4.4.0 allows OS command injection at the Branches Aren't Just For Birds challenge ste... | E | |
CVE-2021-44686 | calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression ... | E S | |
CVE-2021-44692 | BuddyBoss Platform through 1.8.0 allows remote attackers to obtain the email address of each user. W... | M | |
CVE-2021-44693 | Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which... | S | |
CVE-2021-44694 | Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which... | S | |
CVE-2021-44695 | Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which... | S | |
CVE-2021-44696 | Adobe Prelude JPEG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | S | |
CVE-2021-44697 | Adobe Audition MOV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | S | |
CVE-2021-44698 | Adobe Audition MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | S | |
CVE-2021-44699 | Adobe Audition MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | S | |
CVE-2021-44700 | Adobe Illustrator JPEG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
CVE-2021-44701 | Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability | S | |
CVE-2021-44702 | Adobe Acrobat Reader DC add-on (AxAcroPDFLib.AxAcroPDF) for Internet Explorer LoadFile NTLMv2 SSO Auth leak vulnerability | S | |
CVE-2021-44703 | Adobe Acrobat Pro DC Stack Overflow Vulnerability Arbitrary code execution | | |
CVE-2021-44704 | Adobe Acrobat Reader Use-After-Free could lead to Arbitrary code execution | | |
CVE-2021-44705 | Adobe Acrobat Reader Use-After-Free could lead to Arbitrary code execution | | |
CVE-2021-44706 | Adobe Acrobat Reader Collab.registerReview Use-After-Free Remote Execution Vulnerability | | |
CVE-2021-44707 | Adobe Acrobat Reader DC OTF Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
CVE-2021-44708 | Adobe Acrobat Pro DC Heap Overflow could lead to Arbitrary code execution | | |
CVE-2021-44709 | Adobe Acrobat Pro DC Heap Overflow Vulnerability could lead to Arbitrary code execution | | |
CVE-2021-44710 | Adobe Acrobat Reader Use-after-free could lead to Arbitrary code execution | | |
CVE-2021-44711 | Adobe Acrobat Reader DC annotation gestures integer overflow vulnerability | | |
CVE-2021-44712 | Adobe Acrobat Reader Memory Corruption could lead to Application denial-of-service | | |
CVE-2021-44713 | Adobe Acrobat Reader DC Use After Free could lead to Application denial-of-service | | |
CVE-2021-44714 | Adobe Acrobat Reader Missing Custom Protocols in Warning Message Prompts | | |
CVE-2021-44715 | Adobe Acrobat Reader DC Out-of-Bounds Read Information Disclosure Vulnerability | | |
CVE-2021-44716 | net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the... | S | |
CVE-2021-44717 | Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or ... | S | |
CVE-2021-44718 | wolfSSL through 5.0.0 allows an attacker to cause a denial of service and infinite loop in the clien... | | |
CVE-2021-44719 | Docker Desktop 4.3.0 has Incorrect Access Control.... | | |
CVE-2021-44720 | In Ivanti Pulse Secure Pulse Connect Secure (PCS) before 9.1R12, the administrator password is store... | | |
CVE-2021-44725 | KNIME Server before 4.13.4 allows directory traversal in a request for a client profile.... | | |
CVE-2021-44726 | KNIME Server before 4.13.4 allows XSS via the old WebPortal login page.... | | |
CVE-2021-44730 | snapd could be made to escalate privileges and run programs as administrator | S | |
CVE-2021-44731 | snapd could be made to escalate privileges and run programs as administrator | E S | |
CVE-2021-44732 | Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by an m... | E M | |
CVE-2021-44733 | A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.... | E | |
CVE-2021-44734 | Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which ca... | | |
CVE-2021-44735 | Embedded web server command injection vulnerability in Lexmark devices through 2021-12-07.... | | |
CVE-2021-44736 | The initial admin account setup wizard on Lexmark devices allows unauthenticated access to the “out o... | | |
CVE-2021-44737 | PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to... | | |
CVE-2021-44738 | Buffer overflow vulnerability has been identified in Lexmark devices through 2021-12-07 in postscrip... | | |
CVE-2021-44739 | Adobe Acrobat Reader DC add-on (AxAcroPDFLib.AxAcroPDF) src NTLMv2 SSO Auth leak vulnerability | S | |
CVE-2021-44740 | Adobe Acrobat Pro DC NULL Pointer Dereference could lead to Application-denial-of-service | | |
CVE-2021-44741 | Adobe Acrobat Pro DC NULL Pointer Dereference could lead to Application-denial-of-service | | |
CVE-2021-44742 | Adobe Reader Out-of-bounds Read Remote Code Execution Vulnerability | | |
CVE-2021-44743 | Adobe Bridge JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
CVE-2021-44746 | UNIVERGE DT 820 V3.2.7.0 and prior, UNIVERGE DT 830 V5.2.7.0 and prior, UNIVERGE DT 930 V2.4.0.0 and... | | |
CVE-2021-44747 | Denial-of-Service (DoS) Vulnerability | S | |
CVE-2021-44748 | Universal Cross-Site Scripting Vulnerability in F-Secure SAFE Browser for Android | S | |
CVE-2021-44749 | Universal Cross-Site Scripting Vulnerability in F-Secure SAFE Browser Protection for Android | S | |
CVE-2021-44750 | Arbitrary Code Execution | S | |
CVE-2021-44751 | F-Secure SAFE Browser vulnerable to USSD attacks | S | |
CVE-2021-44757 | Zoho ManageEngine Desktop Central before 10.1.2137.9 and Desktop Central MSP before 10.1.2137.9 allo... | | |
CVE-2021-44758 | Heimdal before 7.7.1 allows attackers to cause a NULL pointer dereference in a SPNEGO acceptor via a... | S | |
CVE-2021-44759 | Improper authentication vulnerability in TLS origin verification | | |
CVE-2021-44760 | WordPress WP-DownloadManager plugin <= 1.68.6 - Auth. Reflected Cross-Site Scripting (XSS) vulnerability | S | |
CVE-2021-44768 | Delta Electronics CNCSoft Out-of-bounds Read | S | |
CVE-2021-44769 | TLS Certificate Generation Function Improper Input Validation | | |
CVE-2021-44771 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
CVE-2021-44775 | Cross-site scripting (XSS) issue in Website app of Odoo Community 15.0 and earlier and Odoo Enterpri... | S | |
CVE-2021-44776 | spx_restservice SubNet_handler_func Broken Access Control | | |
CVE-2021-44777 | WordPress Email Tracker plugin <= 5.2.6 - Cross-Site Request Forgery (CSRF) vulnerabilities leading to single or bulk e-mail entries deletion | S | |
CVE-2021-44779 | WordPress [GWA] AutoResponder plugin <= 2.3 - Unauthenticated SQL Injection (SQLi) vulnerability | S | |
CVE-2021-44780 | Rejected reason: Not used... | R | |
CVE-2021-44781 | Rejected reason: Not used... | R | |
CVE-2021-44782 | Rejected reason: Not used... | R | |
CVE-2021-44783 | Rejected reason: Not used... | R | |
CVE-2021-44784 | Rejected reason: Not used... | R | |
CVE-2021-44785 | Rejected reason: Not used... | R | |
CVE-2021-44786 | Rejected reason: Not used... | R | |
CVE-2021-44787 | Rejected reason: Not used... | R | |
CVE-2021-44788 | Rejected reason: Not used... | R | |
CVE-2021-44789 | Rejected reason: Not used... | R | |
CVE-2021-44790 | Possible buffer overflow when parsing multipart content in mod_lua of Apache HTTP Server 2.4.51 and earlier | E S | |
CVE-2021-44791 | Reflected XSS on certain HTTP endpoints | M | |
CVE-2021-44792 | Information Leakage via Unauthorized Access in Single Connect | S | |
CVE-2021-44793 | Information Leakage via Unauthorized Access in Single Connect | S | |
CVE-2021-44794 | Information Leakage via Unauthorized Access in Single Connect | S | |
CVE-2021-44795 | Modifying User Permissions via Unauthorized Access in Single Connect | S | |
CVE-2021-44827 | There is remote authenticated OS command injection on TP-Link Archer C20i 0.9.1 3.2 v003a.0 Build 17... | E | |
CVE-2021-44828 | Arm Mali GPU Kernel Driver (Midgard r26p0 through r30p0, Bifrost r0p0 through r34p0, and Valhall r19... | | |
CVE-2021-44829 | Cross Site Scripting (XSS) vulnerability exists in index.html in AFI WebACMS through 2.1.0 via the t... | E | |
CVE-2021-44832 | Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration | S | |
CVE-2021-44833 | The CLI 1.0.0 for Amazon AWS OpenSearch has weak permissions for the configuration file.... | E S | |
CVE-2021-44835 | An issue was discovered in Active Intelligent Visualization 5. The Vdc header is used in a SQL query... | E | |
CVE-2021-44836 | An issue was discovered in Delta RM 1.2. The /risque/risque/workflow/reset endpoint is lacking acces... | E | |
CVE-2021-44837 | An issue was discovered in Delta RM 1.2. It is possible for an unprivileged user to access the same ... | E | |
CVE-2021-44838 | An issue was discovered in Delta RM 1.2. Using the /risque/risque/ajax-details endpoint, with a POST... | E | |
CVE-2021-44839 | An issue was discovered in Delta RM 1.2. It is possible to request a new password for any other acco... | | |
CVE-2021-44840 | An issue was discovered in Delta RM 1.2. Using a privileged account, it is possible to edit, create... | E | |
CVE-2021-44847 | A stack-based buffer overflow in handle_request function in DHT.c in toxcore 0.1.9 through 0.1.11 an... | E S | |
CVE-2021-44848 | In Cibele Thinfinity VirtualUI before 3.0, /changePassword returns different responses for invalid a... | E | |
CVE-2021-44850 | On Xilinx Zynq-7000 SoC devices, physical modification of an SD boot image allows for a buffer overf... | | |
CVE-2021-44852 | An issue was discovered in BS_RCIO64.sys in Biostar RACING GT Evo 2.1.1905.1700. A low-integrity pro... | E | |
CVE-2021-44854 | An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. ... | | |
CVE-2021-44855 | An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. ... | E | |
CVE-2021-44856 | An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. ... | S | |
CVE-2021-44857 | An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. ... | | |
CVE-2021-44858 | An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. ... | S | |
CVE-2021-44859 | An out-of-bounds read vulnerability exists when reading a TGA file using Open Design Alliance Drawin... | | |
CVE-2021-44860 | An out-of-bounds read vulnerability exists when reading a TIF file using Open Design Alliance Drawin... | | |
CVE-2021-44862 | Sensitive Information store in NSClient logs | S | |
CVE-2021-44864 | TP-Link WR886N 3.0 1.0.1 Build 150127 Rel.34123n is vulnerable to Buffer Overflow. Authenticated att... | E | |
CVE-2021-44866 | An issue was discovered in Online-Movie-Ticket-Booking-System 1.0. The file about.php does not perfo... | E | |
CVE-2021-44868 | A problem was found in ming-soft MCMS v5.1. There is a sql injection vulnerability in /ms/cms/conten... | E | |
CVE-2021-44874 | Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Insecure design on report build via SQL q... | | |
CVE-2021-44875 | Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to User enumeration. The Systeam application... | | |
CVE-2021-44876 | Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to User enumeration. The Systeam application... | | |
CVE-2021-44877 | Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Incorrect Access Control. The Systeam app... | | |
CVE-2021-44878 | If an OpenID Connect provider supports the "none" algorithm (i.e., tokens with no signature), pac4j ... | S | |
CVE-2021-44879 | In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not consider... | E S | |
CVE-2021-44880 | D-Link devices DIR_878 DIR_878_FW1.30B08_Hotfix_02 and DIR_882 DIR_882_FW1.30B06_Hotfix_02 were disc... | | |
CVE-2021-44881 | D-Link device DIR_882 DIR_882_FW1.30B06_Hotfix_02 was discovered to contain a command injection vuln... | | |
CVE-2021-44882 | D-Link device DIR_878_FW1.30B08_Hotfix_02 was discovered to contain a command injection vulnerabilit... | | |
CVE-2021-44886 | In Zammad 5.0.2, agents can configure "out of office" periods and substitute persons. If the substit... | | |
CVE-2021-44892 | A Remote Code Execution (RCE) vulnerability exists in ThinkPHP 3.x.x via value[_filename] in index.p... | E | |
CVE-2021-44896 | DMP Roadmap before 3.0.4 allows XSS.... | S | |
CVE-2021-44899 | Micro-Star International (MSI) Center <= 1.0.31.0 is vulnerable to multiple Privilege Escalation vul... | E | |
CVE-2021-44900 | Micro-Star International (MSI) App Player <= 4.280.1.6309 is vulnerable to multiple Privilege Escala... | | |
CVE-2021-44901 | Micro-Star International (MSI) Dragon Center <= 2.0.116.0 is vulnerable to multiple Privilege Escala... | | |
CVE-2021-44903 | Micro-Star International (MSI) Center Pro <= 2.0.16.0 is vulnerable to multiple Privilege Escalation... | | |
CVE-2021-44905 | Incorrect permissions in the Bluetooth Services in the Fortessa FTBTLD Smart Lock as of 12-13-2022 a... | E | |
CVE-2021-44906 | Minimist <=1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey() (lines 69... | E S | |
CVE-2021-44907 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
CVE-2021-44908 | SailsJS Sails.js <=1.4.0 is vulnerable to Prototype Pollution via controller/load-action-modules.js,... | E S | |
CVE-2021-44911 | XE before 1.11.6 is vulnerable to Unrestricted file upload via modules/menu/menu.admin.controller.ph... | E S | |
CVE-2021-44912 | In XE 1.116, when uploading the Normal button, there is no restriction on the file suffix, which lea... | E | |
CVE-2021-44915 | Taocms 3.0.2 was discovered to contain a blind SQL injection vulnerability via the function Edit cat... | E | |
CVE-2021-44916 | Opmantek Open-AudIT Community 4.2.0 (Fixed in 4.3.0) is affected by a Cross Site Scripting (XSS) vul... | E S | |
CVE-2021-44917 | A Divide by Zero vulnerability exists in gnuplot 5.4 in the boundary3d function in graph3d.c, which ... | E | |
CVE-2021-44918 | A Null Pointer Dereference vulnerability exists in gpac 1.1.0 in the gf_node_get_field function, whi... | E | |
CVE-2021-44919 | A Null Pointer Dereference vulnerability exists in the gf_sg_vrml_mf_alloc function in gpac 1.1.0-DE... | E | |
CVE-2021-44920 | An invalid memory address dereference vulnerability exists in gpac 1.1.0 in the dump_od_to_saf.isra ... | E | |
CVE-2021-44921 | A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_isom_parse_movie_boxes_inter... | E | |
CVE-2021-44922 | A null pointer dereference vulnerability exists in gpac 1.1.0 in the BD_CheckSFTimeOffset function, ... | E | |
CVE-2021-44923 | A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_dump_vrml_dyn_field.isra fun... | E | |
CVE-2021-44924 | An infinite loop vulnerability exists in gpac 1.1.0 in the gf_log function, which causes a Denial of... | E | |
CVE-2021-44925 | A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_svg_get_attribute_name funct... | E | |
CVE-2021-44926 | A null pointer dereference vulnerability exists in gpac 1.1.0-DEV in the gf_node_get_tag function, w... | E S | |
CVE-2021-44927 | A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_sg_vrml_mf_append function, ... | E | |
CVE-2021-44935 | glFusion CMS v1.7.9 is affected by an arbitrary user impersonation vulnerability in /public_html/com... | E | |
CVE-2021-44937 | glFusion CMS v1.7.9 is affected by an arbitrary user registration vulnerability in /public_html/user... | E | |
CVE-2021-44942 | glFusion CMS 1.7.9 is affected by a Cross Site Request Forgery (CSRF) vulnerability in /public_html/... | E | |
CVE-2021-44948 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-44942. Reason: This candidat... | R | |
CVE-2021-44949 | glFusion CMS 1.7.9 is affected by an access control vulnerability via /public_html/users.php.... | E | |
CVE-2021-44954 | In QVIS NVR DVR before 2021-12-13, an attacker can escalate privileges from a qvisdvr user to the ro... | E | |
CVE-2021-44956 | Two Heap based buffer overflow vulnerabilities exist in ffjpeg through 01.01.2021. It is similar to ... | E | |
CVE-2021-44957 | Global buffer overflow vulnerability exists in ffjpeg through 01.01.2021. It is similar to CVE-2020-2... | E | |
CVE-2021-44960 | In SVGPP SVG++ library 1.3.0, the XMLDocument::getRoot function in the renderDocument function handl... | E | |
CVE-2021-44961 | A memory leakage flaw exists in the class PerimeterGenerator of Slic3r libslic3r 1.3.0 and Master Co... | E | |
CVE-2021-44962 | An out-of-bounds read vulnerability exists in the GCode::extrude() functionality of Slic3r libslic3r... | E | |
CVE-2021-44964 | Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.0~5.4.3 allows att... | E | |
CVE-2021-44965 | Directory traversal vulnerability in /admin/includes/* directory for PHPGURUKUL Employee Record Mana... | E | |
CVE-2021-44966 | SQL injection bypass authentication vulnerability in PHPGURUKUL Employee Record Management System 1.... | E | |
CVE-2021-44967 | A Remote Code Execution (RCE) vulnerability exists in LimeSurvey 5.2.4 via the upload and install plu... | E | |
CVE-2021-44968 | A Use after Free vulnerability exists in IOBit Advanced SystemCare 15 pro via requests sent in seque... | E | |
CVE-2021-44969 | Taocms v3.0.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the Managemen... | E | |
CVE-2021-44970 | MiniCMS v1.11 was discovered to contain a cross-site scripting (XSS) vulnerability via /mc-admin/pag... | E | |
CVE-2021-44971 | Multiple Tenda devices are affected by authentication bypass, such as AC15V1.0 Firmware V15.03.05.20... | | |
CVE-2021-44974 | radareorg radare2 version 5.5.2 is vulnerable to NULL Pointer Dereference via libr/bin/p/bin_symbols... | E S | |
CVE-2021-44975 | radareorg radare2 5.5.2 is vulnerable to Buffer Overflow via /libr/core/anal_objc.c mach-o parser.... | E S | |
CVE-2021-44977 | In iCMS <=8.0.0, a directory traversal vulnerability allows an attacker to read arbitrary files.... | E | |
CVE-2021-44978 | iCMS <= 8.0.0 allows users to add and render a custom template, which has an SSTI vulnerability which... | | |
CVE-2021-44981 | In QuickBox Pro v2.5.8 and below, the config.php file has a variable which takes a GET parameter val... | E | |
CVE-2021-44983 | In taocms 3.0.1 after logging in to the background, there is an Arbitrary file download vulnerabilit... | E | |
CVE-2021-44988 | Jerryscript v3.0.0 and below was discovered to contain a stack overflow via ecma_find_named_property... | E S | |
CVE-2021-44992 | There is an Assertion ''ecma_object_is_typedarray (obj_p)'' failed at /jerry-core/ecma/operations/ec... | E S | |
CVE-2021-44993 | There is an Assertion ''ecma_is_value_boolean (base_value)'' failed at /jerry-core/ecma/operations/e... | E S | |
CVE-2021-44994 | There is an Assertion ''JERRY_CONTEXT (jmem_heap_allocated_size) == 0'' failed at /jerry-core/jmem/j... | E S |