| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2021-45003 | Laundry Booking Management System 1.0 (Latest) and previous versions are affected by a remote code e... | E | |
| CVE-2021-45005 | Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is caused by conflicting ... | S | |
| CVE-2021-45007 | Plesk 18.0.37 is affected by a Cross Site Request Forgery (CSRF) vulnerability that allows an attack... | E | |
| CVE-2021-45008 | Plesk CMS 18.0.37 is affected by an insecure permissions vulnerability that allows privilege Escalat... | E | |
| CVE-2021-45010 | A path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File ... | E S | |
| CVE-2021-45014 | There is an upload sql injection vulnerability in the background of taocms 3.0.2 in parameter id:act... | E | |
| CVE-2021-45015 | taocms 3.0.2 is vulnerable to arbitrary file deletion via taocms\include\Model\file.php from line 60... | E | |
| CVE-2021-45017 | Cross Site Request Forgery (CSRF) vulnerability exits in Catfish <=6.1.* when you upload an html fil... | E | |
| CVE-2021-45018 | Cross Site Scripting (XSS) vulnerability exists in Catfish <=6.3.0 via a Google search in url:/catfi... | E | |
| CVE-2021-45024 | ASG technologies ( A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4.2.... | | |
| CVE-2021-45025 | ASG technologies ( A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4.2.... | | |
| CVE-2021-45026 | ASG technologies ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to Cross Site... | | |
| CVE-2021-45027 | An arbitrary file download vulnerability in Oliver v5 Library Server Versions < 5.00.008.053 via the... | E | |
| CVE-2021-45029 | Apache ShenYu 2.4.1 Groovy Code Injection & SpEL Injection | | |
| CVE-2021-45031 | Weak Authentication in Login Function of USC+ | S | |
| CVE-2021-45032 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
| CVE-2021-45033 | A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions < V16.... | S | |
| CVE-2021-45034 | A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions < V16.... | E S | |
| CVE-2021-45035 | Velneo vClient Improper authentication | S | |
| CVE-2021-45036 | Velneo vClient improper authentication | S | |
| CVE-2021-45038 | An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. ... | | |
| CVE-2021-45039 | Multiple models of the Uniview IP Camera (e.g., IPC_G6103 B6103.16.10.B25.201218, IPC_G61, IPC21, IP... | E | |
| CVE-2021-45040 | The Spatie media-library-pro library through 1.17.10 and 2.x through 2.1.6 for Laravel allows remote... | E M | |
| CVE-2021-45041 | SuiteCRM before 7.12.2 and 8.x before 8.0.1 allows authenticated SQL injection via the Tooltips acti... | E S | |
| CVE-2021-45042 | In HashiCorp Vault and Vault Enterprise before 1.7.7, 1.8.x before 1.8.6, and 1.9.x before 1.9.1, cl... | | |
| CVE-2021-45043 | HD-Network Real-time Monitoring System 2.0 allows ../ directory traversal to read /etc/shadow via th... | E | |
| CVE-2021-45046 | Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack | KEV S | |
| CVE-2021-45051 | Adobe Bridge JPEG2000 Parsing Use-After-Free Information Disclosure Vulnerability | | |
| CVE-2021-45052 | Adobe Bridge TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2021-45053 | Adobe InCopy JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
| CVE-2021-45054 | Adobe InCopy JPEG2000 Parsing Use-After-Free Information Disclosure Vulnerability | | |
| CVE-2021-45055 | Adobe InCopy TIF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
| CVE-2021-45056 | Adobe InCopy JPEG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
| CVE-2021-45057 | Adobe InDesign JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
| CVE-2021-45058 | Adobe InDesign JPEG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
| CVE-2021-45059 | Adobe InDesign JPEG2000 Parsing Use-After-Free Information Disclosure Vulnerability | | |
| CVE-2021-45060 | Adobe Acrobat Reader DC TTF Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
| CVE-2021-45061 | Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
| CVE-2021-45062 | Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2021-45063 | Adobe Acrobat Reader DC JP2 File Parsing Use-After-Free Information Disclosure Vulnerability | | |
| CVE-2021-45064 | Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2021-45067 | Adobe Acrobat Reader Memory Corruption could lead to Information Disclosure | | |
| CVE-2021-45068 | Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
| CVE-2021-45071 | Cross-site scripting (XSS) issue Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlie... | S | |
| CVE-2021-45074 | JFrog Artifactory before 7.29.3 and 6.23.38, is vulnerable to Broken Access Control, a low-privilege... | | |
| CVE-2021-45077 | Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext. All usernames a... | | |
| CVE-2021-45078 | stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial o... | E S | |
| CVE-2021-45079 | In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without ... | | |
| CVE-2021-45081 | An issue was discovered in Cobbler through 3.3.1. Routines in several files use the HTTP protocol in... | S | |
| CVE-2021-45082 | An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_inva... | E S | |
| CVE-2021-45083 | An issue was discovered in Cobbler before 3.3.1. Files in /etc/cobbler are world readable. Two of th... | S | |
| CVE-2021-45085 | XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via an about: page, as de... | E S | |
| CVE-2021-45086 | XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 because a server's sugges... | E S | |
| CVE-2021-45087 | XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 when View Source mode or ... | E S | |
| CVE-2021-45088 | XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via an error page.... | E S | |
| CVE-2021-45089 | Stormshield Endpoint Security 2.x before 2.1.2 has Incorrect Access Control.... | | |
| CVE-2021-45090 | Stormshield Endpoint Security before 2.1.2 allows remote code execution.... | | |
| CVE-2021-45091 | Stormshield Endpoint Security from 2.1.0 to 2.1.1 has Incorrect Access Control.... | | |
| CVE-2021-45092 | Thinfinity VirtualUI before 3.0 has functionality in /lab.html reachable by default that could allow... | | |
| CVE-2021-45094 | Imprivata Privileged Access Management (formally Xton Privileged Access Management) 2.3.202112051108... | E | |
| CVE-2021-45095 | pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak.... | S | |
| CVE-2021-45096 | KNIME Analytics Platform before 4.5.0 is vulnerable to XXE (external XML entity injection) via a cra... | | |
| CVE-2021-45097 | KNIME Server before 4.12.6 and 4.13.x before 4.13.4 (when installed in unattended mode) keeps the ad... | | |
| CVE-2021-45098 | An issue was discovered in Suricata before 6.0.4. It is possible to bypass/evade any HTTP-based sign... | E S | |
| CVE-2021-45099 | The addon.stdin service in addon-ssh (aka Home Assistant Community Add-on: SSH & Web Terminal) befor... | E | |
| CVE-2021-45100 | The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, sometimes communicates i... | S | |
| CVE-2021-45101 | An issue was discovered in HTCondor before 8.8.15, 9.0.x before 9.0.4, and 9.1.x before 9.1.2. Using... | | |
| CVE-2021-45102 | An issue was discovered in HTCondor 9.0.x before 9.0.4 and 9.1.x before 9.1.2. When authenticating t... | M | |
| CVE-2021-45103 | An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1. An attacker can acce... | M | |
| CVE-2021-45104 | An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1. An attacker who can ... | M | |
| CVE-2021-45105 | Apache Log4j2 does not always protect from infinite recursion in lookup evaluation | S | |
| CVE-2021-45106 | A vulnerability has been identified in SICAM TOOLBOX II (All versions). Affected applications use a ... | M | |
| CVE-2021-45111 | Improper access control in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allo... | S | |
| CVE-2021-45115 | An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. UserAt... | S | |
| CVE-2021-45116 | An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. Due to... | S | |
| CVE-2021-45117 | The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can l... | E S | |
| CVE-2021-45222 | An issue was discovered in COINS Construction Cloud 11.12. Due to logical flaws in the human ressour... | E S | |
| CVE-2021-45223 | An issue was discovered in COINS Construction Cloud 11.12. Due to insufficient input neutralization,... | E S | |
| CVE-2021-45224 | An issue was discovered in COINS Construction Cloud 11.12. In several locations throughout the appli... | E S | |
| CVE-2021-45225 | An issue was discovered in COINS Construction Cloud 11.12. Due to improper input neutralization, it ... | E S | |
| CVE-2021-45226 | An issue was discovered in COINS Construction Cloud 11.12. Due to improper validation of user-contro... | E S | |
| CVE-2021-45227 | An issue was discovered in COINS Construction Cloud 11.12. Due to an inappropriate use of HTML IFRAM... | E S | |
| CVE-2021-45228 | An XSS issue was discovered in COINS Construction Cloud 11.12. Due to insufficient neutralization of... | E S | |
| CVE-2021-45229 | Apache Airflow: Reflected XSS via Origin Query Argument in URL | | |
| CVE-2021-45230 | Apache Airflow: Creating DagRuns didn't respect Dag-level permissions in the Webserver | M | |
| CVE-2021-45231 | A link following privilege escalation vulnerability in Trend Micro Apex One (on-prem and SaaS) and T... | S | |
| CVE-2021-45232 | security vulnerability on unauthorized access. | M | |
| CVE-2021-45252 | Multiple SQL injection vulnerabilities are found on Simple Forum-Discussion System 1.0 For example o... | E | |
| CVE-2021-45253 | The id parameter in view_storage.php from Simple Cold Storage Management System 1.0 appears to be vu... | E | |
| CVE-2021-45255 | The email parameter from ajax.php of Video Sharing Website 1.0 appears to be vulnerable to SQL injec... | E | |
| CVE-2021-45256 | A Null Pointer Dereference vulnerability existfs in nasm 2.16rc0 via asm/preproc.c.... | | |
| CVE-2021-45257 | An infinite loop vulnerability exists in nasm 2.16rc0 via the gpaste_tokens function.... | | |
| CVE-2021-45258 | A stack overflow vulnerability exists in gpac 1.1.0 via the gf_bifs_dec_proto_list function, which c... | E S | |
| CVE-2021-45259 | An Invalid pointer reference vulnerability exists in gpac 1.1.0 via the gf_svg_node_del function, wh... | E | |
| CVE-2021-45260 | A null pointer dereference vulnerability exists in gpac 1.1.0 in the lsr_read_id.part function, whic... | E | |
| CVE-2021-45261 | An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes... | E | |
| CVE-2021-45262 | An invalid free vulnerability exists in gpac 1.1.0 via the gf_sg_command_del function, which causes ... | E | |
| CVE-2021-45263 | An invalid free vulnerability exists in gpac 1.1.0 via the gf_svg_delete_attribute_value function, w... | E | |
| CVE-2021-45266 | A null pointer dereference vulnerability exists in gpac 1.1.0 via the lsr_read_anim_values_ex functi... | E | |
| CVE-2021-45267 | An invalid memory address dereference vulnerability exists in gpac 1.1.0 via the svg_node_start func... | E | |
| CVE-2021-45268 | A Cross Site Request Forgery (CSRF) vulnerability exists in Backdrop CMS 1.20, which allows Remote A... | E | |
| CVE-2021-45281 | QuickBox Pro v2.4.8 contains a cross-site scripting (XSS) vulnerability at "adminuseredit.php?userto... | E | |
| CVE-2021-45286 | Directory Traversal vulnerability exists in ZZCMS 2021 via the skin parameter in 1) index.php, 2) bo... | E | |
| CVE-2021-45288 | A Double Free vulnerability exists in filedump.c in GPAC 1.0.1, which could cause a Denail of Servic... | E S | |
| CVE-2021-45289 | A vulnerability exists in GPAC 1.0.1 due to an omission of security-relevant Information, which coul... | E | |
| CVE-2021-45290 | A Denial of Service vulnerability exits in Binaryen 103 due to an assertion abort in wasm::handle_un... | E S | |
| CVE-2021-45291 | The gf_dump_setup function in GPAC 1.0.1 allows malicoius users to cause a denial of service (Invali... | E | |
| CVE-2021-45292 | The gf_isom_hint_rtp_read function in GPAC 1.0.1 allows attackers to cause a denial of service (Inva... | E | |
| CVE-2021-45293 | A Denial of Service vulnerability exists in Binaryen 103 due to an Invalid memory address dereferenc... | E S | |
| CVE-2021-45297 | An infinite loop vulnerability exists in Gpac 1.0.1 in gf_get_bit_size.... | E | |
| CVE-2021-45310 | Sangoma Technologies Corporation Switchvox Version 102409 is affected by an information disclosure v... | E | |
| CVE-2021-45325 | Server Side Request Forgery (SSRF) vulneraility exists in Gitea before 1.7.0 using the OpenID URL.... | S | |
| CVE-2021-45326 | Cross Site Request Forgery (CSRF) vulnerability exists in Gitea before 1.5.2 via API routes.This can... | S | |
| CVE-2021-45327 | Gitea before 1.11.2 is affected by Trusting HTTP Permission Methods on the Server Side when referenc... | S | |
| CVE-2021-45328 | Gitea before 1.4.3 is affected by URL Redirection to Untrusted Site ('Open Redirect') via internal U... | | |
| CVE-2021-45329 | Cross Site Scripting (XSS) vulnerability exists in Gitea before 1.5.1 via the repository settings in... | S | |
| CVE-2021-45330 | An issue exsits in Gitea through 1.15.7, which could let a malicious user gain privileges due to cli... | | |
| CVE-2021-45331 | An Authentication Bypass vulnerability exists in Gitea before 1.5.0, which could let a malicious use... | S | |
| CVE-2021-45334 | Sourcecodester Online Thesis Archiving System 1.0 is vulnerable to SQL Injection. An attacker can by... | E | |
| CVE-2021-45335 | Sandbox component in Avast Antivirus prior to 20.4 has an insecure permission which could be abused ... | E | |
| CVE-2021-45336 | Privilege escalation vulnerability in the Sandbox component of Avast Antivirus prior to 20.4 allows ... | E | |
| CVE-2021-45337 | Privilege escalation vulnerability in the Self-Defense driver of Avast Antivirus prior to 20.8 allow... | E | |
| CVE-2021-45338 | Multiple privilege escalation vulnerabilities in Avast Antivirus prior to 20.4 allow a local user to... | E | |
| CVE-2021-45339 | Privilege escalation vulnerability in Avast Antivirus prior to 20.4 allows a local user to gain elev... | E | |
| CVE-2021-45340 | In Libsixel prior to and including v1.10.3, a NULL pointer dereference in the stb_image.h component ... | E S | |
| CVE-2021-45341 | A buffer overflow vulnerability in CDataMoji of the jwwlib component of LibreCAD 2.2.0-rc3 and older... | E | |
| CVE-2021-45342 | A buffer overflow vulnerability in CDataList of the jwwlib component of LibreCAD 2.2.0-rc3 and older... | E | |
| CVE-2021-45343 | In LibreCAD 2.2.0, a NULL pointer dereference in the HATCH handling of libdxfrw allows an attacker t... | E S | |
| CVE-2021-45345 | Buffer Overflow vulnerability found in En3rgy WebcamServer v.0.5.2 allows a remote attacker to cause... | | |
| CVE-2021-45346 | A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously craft... | E | |
| CVE-2021-45347 | An Incorrect Access Control vulnerability exists in zzcms 8.2, which lets a malicious user bypass au... | E | |
| CVE-2021-45348 | An Arbitrary File Deletion vulnerability exists in SourceCodester Attendance Management System v1.0 ... | | |
| CVE-2021-45357 | Cross Site Scripting (XSS) vulnerability exists in Piwigo 12.x via the pwg_activity function in incl... | E | |
| CVE-2021-45364 | A Code Execution vulnerability exists in Statamic Version through 3.2.26 via SettingsController.php.... | E | |
| CVE-2021-45379 | Glewlwyd 2.0.0, fixed in 2.6.1 is affected by an incorrect access control vulnerability. One user ca... | S | |
| CVE-2021-45380 | AppCMS 2.0.101 has a XSS injection vulnerability in \templates\m\inc_head.php... | E | |
| CVE-2021-45382 | A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L, D... | KEV E | |
| CVE-2021-45385 | A Null Pointer Dereference vulnerability exits in ffjpeg d5cfd49 (2021-12-06) in bmp_load(). When th... | E S | |
| CVE-2021-45386 | tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c... | E | |
| CVE-2021-45387 | tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c.... | E | |
| CVE-2021-45388 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-45608. Reason: This candidat... | R | |
| CVE-2021-45389 | A flaw was found with the JWT token. A self-signed JWT token could be injected into the update manag... | | |
| CVE-2021-45391 | A Buffer Overflow vulnerability exists in Tenda Router AX12 V22.03.01.21_CN in the sub_422CE4 functi... | E | |
| CVE-2021-45392 | A Buffer Overflow vulnerability exists in Tenda Router AX12 V22.03.01.21_CN in the sub_422CE4 functi... | E | |
| CVE-2021-45394 | An issue was discovered in Spipu HTML2PDF before 5.2.4. Attackers can trigger deserialization of arb... | E | |
| CVE-2021-45401 | A Command injection vulnerability exists in Tenda AC10U AC1200 Smart Dual-band Wireless Router AC10U... | E | |
| CVE-2021-45402 | The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not p... | E S | |
| CVE-2021-45406 | In SalonERP 3.0.1, a SQL injection vulnerability allows an attacker to inject payload using 'sql' pa... | E | |
| CVE-2021-45408 | Open Redirect vulnerability exists in SeedDMS 6.0.15 in out.Login.php, which llows remote malicious ... | E | |
| CVE-2021-45411 | In Sourcecodetester Printable Staff ID Card Creator System 1.0 after compromising the database via S... | E | |
| CVE-2021-45414 | A Remote Code Execution (RCE) vulnerability exists in DataRobot through 2021-10-28 because it allows... | E | |
| CVE-2021-45416 | Reflected Cross-site scripting (XSS) vulnerability in RosarioSIS 8.2.1 allows attackers to inject ar... | E S | |
| CVE-2021-45417 | AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as X... | E S | |
| CVE-2021-45418 | Certain Starcharge products are vulnerable to Directory Traversal via main.cgi. The affected product... | E | |
| CVE-2021-45419 | Certain Starcharge products are affected by Improper Input Validation. The affected products include... | | |
| CVE-2021-45420 | Emerson Dixell XWEB-500 products are affected by arbitrary file write vulnerability in /cgi-bin/logo... | E | |
| CVE-2021-45421 | Emerson Dixell XWEB-500 products are affected by information disclosure via directory listing. A pot... | E | |
| CVE-2021-45422 | Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability in the /g... | E | |
| CVE-2021-45423 | A Buffer Overflow vulnerabilityexists in Pev 0.81 via the pe_exports function from exports.c.. The a... | E | |
| CVE-2021-45425 | Reflected Cross Site Scripting (XSS) in SAFARI Montage versions 8.3 and 8.5 allows remote attackers ... | E | |
| CVE-2021-45427 | Emerson XWEB 300D EVO 3.0.7--3ee403 is affected by: unauthenticated arbitrary file deletion due to p... | E | |
| CVE-2021-45428 | TLR-2005KSH is affected by an incorrect access control vulnerability. THe PUT method is enabled so a... | E | |
| CVE-2021-45429 | A Buffer Overflow vulnerablity exists in VirusTotal YARA git commit: 605b2edf07ed8eb9a2c61ba22eb2e7c... | E | |
| CVE-2021-45435 | An SQL Injection vulnerability exists in Sourcecodester Simple Cold Storage Management System using ... | E | |
| CVE-2021-45440 | A unnecessary privilege vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Se... | S | |
| CVE-2021-45441 | A origin validation error vulnerability in Trend Micro Apex One (on-prem and SaaS) could allow a loc... | S | |
| CVE-2021-45442 | A link following denial-of-service vulnerability in Trend Micro Worry-Free Business Security (on pre... | S | |
| CVE-2021-45444 | In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside ... | | |
| CVE-2021-45445 | Unisys ClearPath MCP TCP/IP Networking Services 59.1, 60.0, and 62.0 has an Infinite Loop.... | | |
| CVE-2021-45446 | Pentaho Business Analytics Server - Exposure of Information Through Directory Listing | | |
| CVE-2021-45447 | Pentaho Business Analytics Server - With the Data Lineage feature enabled, the system transmits database passwords in clear text | S | |
| CVE-2021-45448 | Pentaho Business Analytics Server - Pentaho Analyzer plugin exposes a service endpoint for templates which allows a user supplied path to access resources that are out of bounds. | S | |
| CVE-2021-45449 | Docker Desktop version 4.3.0 and 4.3.1 has a bug that may log sensitive information (access token or... | | |
| CVE-2021-45450 | In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psa_cipher_generate_iv and psa_cipher_encrypt allow ... | | |
| CVE-2021-45451 | In Mbed TLS before 3.1.0, psa_aead_generate_nonce allows policy bypass or oracle-based decryption wh... | S | |
| CVE-2021-45452 | Storage.save in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1 allows directory t... | S | |
| CVE-2021-45454 | Ampere Altra before SRP 1.08b and Altra Max before SRP 2.05 allow information disclosure of power t... | S | |
| CVE-2021-45456 | Command injection | M | |
| CVE-2021-45457 | Overly broad CORS configuration | M | |
| CVE-2021-45458 | Hardcoded credentials | M | |
| CVE-2021-45459 | lib/cmd.js in the node-windows package before 1.0.0-beta.6 for Node.js allows command injection via ... | E S | |
| CVE-2021-45460 | A vulnerability has been identified in SICAM PQ Analyzer (All versions < V3.18). A service is starte... | S | |
| CVE-2021-45461 | FreePBX, when restapps (aka Rest Phone Apps) 15.0.19.87, 15.0.19.88, 16.0.18.40, or 16.0.18.41 is in... | E | |
| CVE-2021-45462 | In Open5GS 2.4.0, a crafted packet from UE can crash SGW-U/UPF.... | S | |
| CVE-2021-45463 | load_cache in GEGL before 0.4.34 allows shell expansion when a pathname in a constructed command lin... | S | |
| CVE-2021-45464 | kvmtool through 39181fc allows an out-of-bounds write, related to virtio/balloon.c and virtio/pci.c.... | E S | |
| CVE-2021-45465 | A vulnerability has been identified in syngo fastView (All versions). The affected application lacks... | | |
| CVE-2021-45466 | In CWP (aka Control Web Panel or CentOS Web Panel) before 0.9.8.1107, attackers can make a crafted r... | E | |
| CVE-2021-45467 | In CWP (aka Control Web Panel or CentOS Web Panel) before 0.9.8.1107, an unauthenticated attacker ca... | E | |
| CVE-2021-45468 | Imperva Web Application Firewall (WAF) before 2021-12-23 allows remote unauthenticated attackers to ... | E | |
| CVE-2021-45469 | In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds... | E S | |
| CVE-2021-45470 | lib/DatabaseLayer.py in cve-search before 4.1.0 allows regular expression injection, which can lead ... | E S | |
| CVE-2021-45471 | In MediaWiki through 1.37, blocked IP addresses are allowed to edit EntitySchema items.... | | |
| CVE-2021-45472 | In MediaWiki through 1.37, XSS can occur in Wikibase because an external identifier property can hav... | | |
| CVE-2021-45473 | In MediaWiki through 1.37, Wikibase item descriptions allow XSS, which is triggered upon a visit to ... | E | |
| CVE-2021-45474 | In MediaWiki through 1.37, the Special:ImportFile URI (aka FileImporter) allows XSS, as demonstrated... | | |
| CVE-2021-45475 | Information disclosure in Yordam Library Information Document Automation Program | S | |
| CVE-2021-45476 | Information disclosure in Yordam Library Information Document Automation Program | S | |
| CVE-2021-45477 | IDOR in Yordam Library Automation System | S | |
| CVE-2021-45478 | IDOR in Yordam Library Automation System | S | |
| CVE-2021-45479 | XSS in Yordam Library Automation System | S | |
| CVE-2021-45480 | An issue was discovered in the Linux kernel before 5.15.11. There is a memory leak in the __rds_conn... | S | |
| CVE-2021-45481 | In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSu... | E | |
| CVE-2021-45482 | In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a diffe... | E | |
| CVE-2021-45483 | In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerabi... | E | |
| CVE-2021-45484 | In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG.... | | |
| CVE-2021-45485 | In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an informat... | S | |
| CVE-2021-45486 | In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information le... | S | |
| CVE-2021-45487 | In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measu... | | |
| CVE-2021-45488 | In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm.... | S | |
| CVE-2021-45489 | In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG.... | | |
| CVE-2021-45490 | The client applications in 3CX on Windows, the 3CX app for iOS, and the 3CX application for Android ... | | |
| CVE-2021-45491 | 3CX System through 2022-03-17 stores cleartext passwords in a database.... | | |
| CVE-2021-45492 | In Sage 300 ERP (formerly accpac) through 6.8.x, the installer configures the C:\Sage\Sage300\Runtim... | E M | |
| CVE-2021-45493 | Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RAX35... | | |
| CVE-2021-45494 | Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects ... | S | |
| CVE-2021-45495 | NETGEAR D7000 devices before 1.0.1.68 are affected by authentication bypass.... | S | |
| CVE-2021-45496 | NETGEAR D7000 devices before 1.0.1.82 are affected by authentication bypass.... | S | |
| CVE-2021-45497 | NETGEAR D7000 devices before 1.0.1.82 are affected by authentication bypass.... | S | |
| CVE-2021-45498 | NETGEAR R6700v2 devices before 1.2.0.88 are affected by authentication bypass.... | S | |
| CVE-2021-45499 | Certain NETGEAR devices are affected by authentication bypass. This affects R6900P before 1.3.3.140,... | S | |
| CVE-2021-45500 | Certain NETGEAR devices are affected by authentication bypass. This affects R7000P before 1.3.3.140 ... | S | |
| CVE-2021-45501 | Certain NETGEAR devices are affected by authentication bypass. This affects AC2400 before 1.1.0.84, ... | S | |
| CVE-2021-45502 | Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, R... | | |
| CVE-2021-45503 | Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, R... | | |
| CVE-2021-45504 | Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, C... | S | |
| CVE-2021-45505 | Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, R... | | |
| CVE-2021-45506 | Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, R... | | |
| CVE-2021-45507 | Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, C... | S | |
| CVE-2021-45508 | Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, C... | S | |
| CVE-2021-45509 | Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, R... | S | |
| CVE-2021-45510 | NETGEAR XR1000 devices before 1.0.0.58 are affected by authentication bypass.... | | |
| CVE-2021-45511 | Certain NETGEAR devices are affected by authentication bypass. This affects AC2100 before 2021-08-27... | S | |
| CVE-2021-45512 | Certain NETGEAR devices are affected by weak cryptography. This affects D7000v2 before 1.0.0.62, D85... | | |
| CVE-2021-45513 | NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated attac... | | |
| CVE-2021-45514 | NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated attac... | | |
| CVE-2021-45515 | Certain NETGEAR devices are affected by denial of service. This affects EX7500 before 1.0.0.72, RBS4... | | |
| CVE-2021-45516 | Certain NETGEAR devices are affected by denial of service. This affects R6400 before 1.0.1.70, R7000... | | |
| CVE-2021-45517 | NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service.... | | |
| CVE-2021-45518 | NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service.... | | |
| CVE-2021-45519 | NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service.... | | |
| CVE-2021-45520 | Certain NETGEAR devices are affected by a hardcoded password. This affects RBK352 before 4.4.0.10, R... | S | |
| CVE-2021-45521 | Certain NETGEAR devices are affected by a hardcoded password. This affects RBK352 before 4.4.0.10, R... | S | |
| CVE-2021-45522 | NETGEAR XR1000 devices before 1.0.0.58 are affected by a hardcoded password.... | | |
| CVE-2021-45523 | NETGEAR R7000 devices before 1.0.9.42 are affected by a buffer overflow by an authenticated user.... | | |
| CVE-2021-45524 | NETGEAR R8000 devices before 1.0.4.62 are affected by a buffer overflow by an authenticated user.... | | |
| CVE-2021-45525 | Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects EX7... | S | |
| CVE-2021-45526 | Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects EX6... | S | |
| CVE-2021-45527 | Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D62... | S | |
| CVE-2021-45528 | Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R63... | S | |
| CVE-2021-45529 | Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects CBR... | S | |
| CVE-2021-45530 | Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R70... | S | |
| CVE-2021-45531 | NETGEAR D6220 devices before 1.0.0.76 are affected by command injection by an authenticated user.... | | |
| CVE-2021-45532 | NETGEAR R8000 devices before 1.0.4.76 are affected by command injection by an authenticated user.... | | |
| CVE-2021-45533 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects EX6... | | |
| CVE-2021-45534 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects AC2... | S | |
| CVE-2021-45535 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX... | | |
| CVE-2021-45536 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX... | | |
| CVE-2021-45537 | Certain NETGEAR devices are affected by command injection by an authenticated user . This affects RA... | | |
| CVE-2021-45538 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX... | | |
| CVE-2021-45539 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R79... | S | |
| CVE-2021-45540 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R70... | S | |
| CVE-2021-45541 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R79... | S | |
| CVE-2021-45542 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX... | | |
| CVE-2021-45543 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R80... | S | |
| CVE-2021-45544 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R78... | S | |
| CVE-2021-45545 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R78... | | |
| CVE-2021-45546 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R78... | S | |
| CVE-2021-45547 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R78... | S | |
| CVE-2021-45548 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D78... | S | |
| CVE-2021-45549 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects LAX... | | |
| CVE-2021-45550 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D36... | | |
| CVE-2021-45551 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D62... | S | |
| CVE-2021-45552 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D78... | S | |
| CVE-2021-45553 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R70... | S | |
| CVE-2021-45554 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R64... | S | |
| CVE-2021-45555 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R79... | S | |
| CVE-2021-45556 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects GS1... | S | |
| CVE-2021-45557 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects GC1... | S | |
| CVE-2021-45558 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45559 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45560 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45561 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45562 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45563 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45564 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45565 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45566 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45567 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45568 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45569 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45570 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45571 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45572 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45573 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker... | | |
| CVE-2021-45574 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45575 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45576 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45577 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45578 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45579 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45580 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45581 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45582 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45583 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45584 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45585 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45586 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45587 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45588 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45589 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45590 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45591 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45592 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2021-45593 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBR... | | |
| CVE-2021-45594 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBS... | | |
| CVE-2021-45595 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects LBR... | | |
| CVE-2021-45596 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects CBR... | S | |
| CVE-2021-45597 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects CBR... | | |
| CVE-2021-45598 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects CBR... | | |
| CVE-2021-45599 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects CBR... | | |
| CVE-2021-45600 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects CBR... | S | |
| CVE-2021-45601 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects CBR... | S | |
| CVE-2021-45602 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D78... | S | |
| CVE-2021-45603 | Certain NETGEAR devices are affected by disclosure of sensitive information. A UPnP request reveals ... | S | |
| CVE-2021-45604 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This... | S | |
| CVE-2021-45605 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This... | S | |
| CVE-2021-45606 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This... | S | |
| CVE-2021-45607 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This... | S | |
| CVE-2021-45608 | Certain D-Link, Edimax, NETGEAR, TP-Link, Tenda, and Western Digital devices are affected by an inte... | E S | |
| CVE-2021-45609 | Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affec... | S | |
| CVE-2021-45610 | Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affec... | S | |
| CVE-2021-45611 | Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affec... | S | |
| CVE-2021-45612 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | | |
| CVE-2021-45613 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | | |
| CVE-2021-45614 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | | |
| CVE-2021-45615 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | | |
| CVE-2021-45616 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | | |
| CVE-2021-45617 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | | |
| CVE-2021-45618 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | | |
| CVE-2021-45619 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | | |
| CVE-2021-45620 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | | |
| CVE-2021-45621 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | | |
| CVE-2021-45622 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | | |
| CVE-2021-45623 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | S | |
| CVE-2021-45624 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | S | |
| CVE-2021-45625 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | S | |
| CVE-2021-45626 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | S | |
| CVE-2021-45627 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | S | |
| CVE-2021-45628 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | S | |
| CVE-2021-45629 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | S | |
| CVE-2021-45630 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | S | |
| CVE-2021-45631 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | S | |
| CVE-2021-45632 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | S | |
| CVE-2021-45633 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | S | |
| CVE-2021-45634 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | S | |
| CVE-2021-45635 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | S | |
| CVE-2021-45636 | NETGEAR D7000 devices before 1.0.1.82 are affected by a stack-based buffer overflow by an unauthenti... | S | |
| CVE-2021-45637 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker... | S | |
| CVE-2021-45638 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker... | S | |
| CVE-2021-45639 | Certain NETGEAR devices are affected by reflected XSS. This affects CBR40 before 2.5.0.10, EAX20 bef... | | |
| CVE-2021-45640 | Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D... | S | |
| CVE-2021-45641 | Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D... | S | |
| CVE-2021-45642 | Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D... | S | |
| CVE-2021-45643 | Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R... | S | |
| CVE-2021-45644 | Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects A... | S | |
| CVE-2021-45645 | Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R... | S | |
| CVE-2021-45646 | NETGEAR R7000 devices before 1.0.11.116 are affected by disclosure of sensitive information.... | S | |
| CVE-2021-45647 | Certain NETGEAR devices are affected by disclosure of sensitive information. This affects EAX80 befo... | S | |
| CVE-2021-45648 | Certain NETGEAR devices are affected by disclosure of sensitive information. This affects EX6100v2 b... | S | |
| CVE-2021-45649 | Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6400v2 be... | S | |
| CVE-2021-45650 | Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R7000 befo... | S | |
| CVE-2021-45651 | Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBK50 befo... | S | |
| CVE-2021-45652 | Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBK352 bef... | S | |
| CVE-2021-45653 | Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBK352 bef... | S | |
| CVE-2021-45654 | NETGEAR XR1000 devices before 1.0.0.58 are affected by disclosure of sensitive information.... | S | |
| CVE-2021-45655 | NETGEAR R6400 devices before 1.0.1.70 are affected by server-side injection.... | S | |
| CVE-2021-45656 | Certain NETGEAR devices are affected by server-side injection. This affects D6200 before 1.1.00.38, ... | S | |
| CVE-2021-45657 | Certain NETGEAR devices are affected by server-side injection. This affects D6200 before 1.1.00.38, ... | S | |
| CVE-2021-45658 | Certain NETGEAR devices are affected by server-side injection. This affects D7800 before 1.0.1.58, D... | S | |
| CVE-2021-45659 | Certain NETGEAR devices are affected by server-side injection. This affects RBK40 before 2.5.1.16, R... | S | |
| CVE-2021-45660 | Certain NETGEAR devices are affected by server-side injection. This affects RBK40 before 2.5.1.16, R... | S | |
| CVE-2021-45661 | Certain NETGEAR devices are affected by server-side injection. This affects RBK40 before 2.5.1.16, R... | S | |
| CVE-2021-45662 | NETGEAR R7000 devices before 1.0.9.88 are affected by stored XSS.... | S | |
| CVE-2021-45663 | NETGEAR R7000 devices before 1.0.11.126 are affected by stored XSS.... | S | |
| CVE-2021-45664 | NETGEAR R7000 devices before 1.0.11.126 are affected by stored XSS.... | S | |
| CVE-2021-45665 | Certain NETGEAR devices are affected by stored XSS. This affects EAX20 before 1.0.0.36, EAX80 before... | S | |
| CVE-2021-45666 | Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX80 before... | S | |
| CVE-2021-45667 | Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX20 before... | S | |
| CVE-2021-45668 | Certain NETGEAR devices are affected by stored XSS. This affects EAX20 before 1.0.0.48, EAX80 before... | S | |
| CVE-2021-45669 | Certain NETGEAR devices are affected by stored XSS. This affects RAX200 before 1.0.3.106, MR60 befor... | S | |
| CVE-2021-45670 | Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX20 before... | S | |
| CVE-2021-45671 | Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX80 before... | S | |
| CVE-2021-45672 | Certain NETGEAR devices are affected by Stored XSS. This affects D6200 before 1.1.00.40, D7000 befor... | S | |
| CVE-2021-45673 | Certain NETGEAR devices are affected by stored XSS. This affects R7000 before 1.0.11.110, R7900 befo... | S | |
| CVE-2021-45674 | Certain NETGEAR devices are affected by stored XSS. This affects R7000 before 1.0.11.110, R7900 befo... | S | |
| CVE-2021-45675 | Certain NETGEAR devices are affected by stored XSS. This affects R6120 before 1.0.0.76, R6260 before... | S | |
| CVE-2021-45676 | Certain NETGEAR devices are affected by stored XSS. This affects RAX200 before 1.0.5.126, RAX20 befo... | S | |
| CVE-2021-45677 | Certain NETGEAR devices are affected by stored XSS. This affects GS108Tv2 before 5.4.2.36 and GS110T... | S | |
| CVE-2021-45678 | NETGEAR RAX200 devices before 1.0.5.132 are affected by insecure code.... | | |
| CVE-2021-45679 | Certain NETGEAR devices are affected by privilege escalation. This affects R6900P before 1.3.3.140, ... | | |
| CVE-2021-45680 | An issue was discovered in the vec-const crate before 2.0.0 for Rust. It tries to construct a Vec fr... | | |
| CVE-2021-45681 | An issue was discovered in the derive-com-impl crate before 0.1.2 for Rust. An invalid reference (an... | | |
| CVE-2021-45682 | An issue was discovered in the bronzedb-protocol crate through 2021-01-03 for Rust. ReadKVExt may re... | | |
| CVE-2021-45683 | An issue was discovered in the binjs_io crate through 2021-01-03 for Rust. The Read method may read ... | | |
| CVE-2021-45684 | An issue was discovered in the flumedb crate through 2021-01-07 for Rust. read_entry may read from u... | | |
| CVE-2021-45685 | An issue was discovered in the columnar crate through 2021-01-07 for Rust. ColumnarReadExt::read_typ... | | |
| CVE-2021-45686 | An issue was discovered in the csv-sniffer crate through 2021-01-05 for Rust. preamble_skipcount may... | | |
| CVE-2021-45687 | An issue was discovered in the raw-cpuid crate before 9.1.1 for Rust. If the serialize feature is us... | | |
| CVE-2021-45688 | An issue was discovered in the ash crate before 0.33.1 for Rust. util::read_spv may read from uninit... | | |
| CVE-2021-45689 | An issue was discovered in the gfx-auxil crate through 2021-01-07 for Rust. gfx_auxil::read_spirv ma... | | |
| CVE-2021-45690 | An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserialize_binary ... | | |
| CVE-2021-45691 | An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserialize_string ... | | |
| CVE-2021-45692 | An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserialize_extensi... | | |
| CVE-2021-45693 | An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserialize_string_... | | |
| CVE-2021-45694 | An issue was discovered in the rdiff crate through 2021-02-03 for Rust. Window may read from uniniti... | | |
| CVE-2021-45695 | An issue was discovered in the mopa crate through 2021-06-01 for Rust. It incorrectly relies on Trai... | | |
| CVE-2021-45696 | An issue was discovered in the sha2 crate 0.9.7 before 0.9.8 for Rust. Hashes of long messages may b... | | |
| CVE-2021-45697 | An issue was discovered in the molecule crate before 0.7.2 for Rust. A FixVec partial read has an in... | | |
| CVE-2021-45698 | An issue was discovered in the ckb crate before 0.40.0 for Rust. A get_block_template RPC call may f... | | |
| CVE-2021-45699 | An issue was discovered in the ckb crate before 0.40.0 for Rust. Remote attackers may be able to con... | | |
| CVE-2021-45700 | An issue was discovered in the ckb crate before 0.40.0 for Rust. Attackers can cause a denial of ser... | | |
| CVE-2021-45701 | An issue was discovered in the tremor-script crate before 0.11.6 for Rust. A patch operation may res... | S | |
| CVE-2021-45702 | An issue was discovered in the tremor-script crate before 0.11.6 for Rust. A merge operation may res... | | |
| CVE-2021-45703 | An issue was discovered in the tectonic_xdv crate before 0.1.12 for Rust. XdvParser:: | | |
| CVE-2021-45704 | An issue was discovered in the metrics-util crate before 0.7.0 for Rust. There is a data race and me... | | |
| CVE-2021-45705 | An issue was discovered in the nanorand crate before 0.6.1 for Rust. There can be multiple mutable r... | | |
| CVE-2021-45706 | An issue was discovered in the zeroize_derive crate before 1.1.1 for Rust. Dropped memory is not zer... | | |
| CVE-2021-45707 | An issue was discovered in the nix crate 0.16.0 and later before 0.20.2, 0.21.x before 0.21.2, and 0... | | |
| CVE-2021-45708 | An issue was discovered in the abomonation crate through 2021-10-17 for Rust. Because transmute oper... | | |
| CVE-2021-45709 | An issue was discovered in the crypto2 crate through 2021-10-08 for Rust. During Chacha20 encryption... | | |
| CVE-2021-45710 | An issue was discovered in the tokio crate before 1.8.4, and 1.9.x through 1.13.x before 1.13.1, for... | S | |
| CVE-2021-45711 | An issue was discovered in the simple_asn1 crate 0.6.0 before 0.6.1 for Rust. There is a panic if UT... | | |
| CVE-2021-45712 | An issue was discovered in the rust-embed crate before 6.3.0 for Rust. A ../ directory traversal can... | E | |
| CVE-2021-45713 | An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust... | E | |
| CVE-2021-45714 | An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust... | E | |
| CVE-2021-45715 | An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust... | E | |
| CVE-2021-45716 | An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust... | E | |
| CVE-2021-45717 | An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust... | E | |
| CVE-2021-45718 | An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust... | E | |
| CVE-2021-45719 | An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust... | E | |
| CVE-2021-45720 | An issue was discovered in the lru crate before 0.7.1 for Rust. The iterators have a use-after-free,... | E | |
| CVE-2021-45721 | JFrog Artifactory prior to version 7.29.8 and 6.23.38 is vulnerable to Reflected Cross-Site Scriptin... | S | |
| CVE-2021-45729 | WordPress WP Google Map plugin <= 1.8.0 - Privilege Escalation vulnerability | S | |
| CVE-2021-45730 | JFrog Artifactory prior to 7.31.10, is vulnerable to Broken Access Control where a Project Admin is ... | S | |
| CVE-2021-45732 | Netgear Nighthawk R6700 version 1.0.4.120 makes use of a hardcoded credential. It does not appear th... | | |
| CVE-2021-45733 | TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a command injection vulnerability i... | E | |
| CVE-2021-45734 | TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a stack overflow in the function se... | E | |
| CVE-2021-45735 | TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to use the HTTP protocol for authentication in... | E | |
| CVE-2021-45736 | TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a stack overflow in the function se... | E | |
| CVE-2021-45737 | TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stack overflow in the Form_Login f... | E | |
| CVE-2021-45738 | TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a command injection vulnerability i... | E | |
| CVE-2021-45739 | TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stack overflow in the Form_Login f... | E | |
| CVE-2021-45740 | TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stack overflow in the setWiFiWpsSt... | E | |
| CVE-2021-45741 | TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a stack overflow in the function se... | E | |
| CVE-2021-45742 | TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a command injection vulnerability in... | E | |
| CVE-2021-45744 | A Stored Cross Site Scripting (XSS) vulnerability exists in bludit 3.13.1 via the TAGS section in lo... | | |
| CVE-2021-45745 | A Stored Cross Site Scripting (XSS) vulnerability exists in Bludit 3.13.1 via the About Plugin in lo... | M | |
| CVE-2021-45746 | A Directory Traversal vulnerability exists in WeBankPartners wecube-platform 3.2.1 via the file vari... | E S | |
| CVE-2021-45756 | Asus RT-AC68U <3.0.0.4.385.20633 and RT-AC5300 <3.0.0.4.384.82072 are affected by a buffer overflow ... | E | |
| CVE-2021-45757 | ASUS AC68U <=3.0.0.4.385.20852 is affected by a buffer overflow in blocking.cgi, which may cause a d... | E | |
| CVE-2021-45760 | GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gf_list... | E | |
| CVE-2021-45761 | ROPium v3.1 was discovered to contain an invalid memory address dereference via the find() function.... | E | |
| CVE-2021-45762 | GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gf_sg_v... | E | |
| CVE-2021-45763 | GPAC v1.1.0 was discovered to contain an invalid call in the function gf_node_changed(). This vulner... | E | |
| CVE-2021-45764 | GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function shift_c... | E | |
| CVE-2021-45767 | GPAC 1.1.0 was discovered to contain an invalid memory address dereference via the function lsr_read... | E | |
| CVE-2021-45769 | A NULL pointer dereference in AcseConnection_parseMessage at src/mms/iso_acse/acse.c of libiec61850 ... | E S | |
| CVE-2021-45773 | A NULL pointer dereference in CS104_IPAddress_setFromString at src/iec60870/cs104/cs104_slave.c of l... | E S | |
| CVE-2021-45774 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2021-45775 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2021-45778 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2021-45779 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2021-45780 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2021-45781 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2021-45782 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2021-45783 | Bookeen Notea Firmware BK_R_1.0.5_20210608 is affected by a directory traversal vulnerability that a... | E | |
| CVE-2021-45785 | TruDesk Help Desk/Ticketing Solution v1.1.11 is vulnerable to a Cross-Site Request Forgery (CSRF) at... | E | |
| CVE-2021-45786 | In maccms v10, an attacker can log in through /index.php/user/login in the "col" and "openid" parame... | E | |
| CVE-2021-45787 | There is a stored Cross Site Scripting (XSS) vulnerability in maccms v10 through adding videos. XSS ... | E S | |
| CVE-2021-45788 | Time-based SQL Injection vulnerabilities were found in Metersphere v1.15.4 via the "orders" paramete... | E S | |
| CVE-2021-45789 | An arbitrary file read vulnerability was found in Metersphere v1.15.4, where authenticated users can... | E | |
| CVE-2021-45790 | An arbitrary file upload vulnerability was found in Metersphere v1.15.4. Unauthenticated users can u... | E | |
| CVE-2021-45791 | Slims8 Akasia 8.3.1 is affected by SQL injection in /admin/modules/bibliography/index.php, /admin/mo... | E | |
| CVE-2021-45792 | Slims9 Bulian 9.4.2 is affected by Cross Site Scripting (XSS) in /admin/modules/system/custom_field.... | E | |
| CVE-2021-45793 | Slims9 Bulian 9.4.2 is affected by SQL injection in lib/comment.inc.php. User data can be obtained.... | E | |
| CVE-2021-45794 | Slims9 Bulian 9.4.2 is affected by SQL injection in /admin/modules/system/backup.php. User data can ... | E | |
| CVE-2021-45802 | MartDevelopers iResturant 1.0 is vulnerable to SQL Injection. SQL Injection occurs because the email... | E | |
| CVE-2021-45803 | MartDevelopers iResturant 1.0 is vulnerable to SQL Injection. SQL Injection occurs because this view... | E | |
| CVE-2021-45806 | jpress v4.2.0 admin panel provides a function through which attackers can modify the template and in... | E | |
| CVE-2021-45807 | jpress v4.2.0 is vulnerable to command execution via io.jpress.web.admin._AddonController::doUploadA... | E | |
| CVE-2021-45808 | jpress v4.2.0 allows users to register an account by default. With the account, user can upload arbi... | E | |
| CVE-2021-45809 | GlobalProtect-openconnect versions prior to 1.4.3 are affected by incorrect access control in GPServ... | E M | |
| CVE-2021-45810 | GlobalProtect-openconnect versions prior to 2.0.0 (exclusive) are affected by incorrect access contr... | E M | |
| CVE-2021-45811 | A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket 1.15.x... | E | |
| CVE-2021-45812 | NUUO Network Video Recorder NVRsolo 3.9.1 is affected by a Cross Site Scripting (XSS) vulnerability.... | E | |
| CVE-2021-45813 | SLICAN WebCTI 1.01 2015 is affected by a Cross Site Scripting (XSS) vulnerability. The attacker can ... | E | |
| CVE-2021-45814 | Nettmp NNT 5.1 is affected by a SQL injection vulnerability. An attacker can bypass authentication a... | E | |
| CVE-2021-45815 | Quectel UC20 UMTS/HSPA+ UC20 6.3.14 is affected by a Cross Site Scripting (XSS) vulnerability.... | | |
| CVE-2021-45817 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-11689. Reason: This candidat... | R | |
| CVE-2021-45818 | SAFARI Montage 8.7.32 is affected by a CRLF injection vulnerability which can lead to HTTP response ... | E | |
| CVE-2021-45819 | Wordline HIDCCEMonitorSVC before v5.2.4.3 contains an unquoted service path which allows attackers t... | | |
| CVE-2021-45821 | A blind SQL injection vulnerability exists in Xbtit 3.1 via the sid parameter in ajaxchat/getHistory... | E | |
| CVE-2021-45822 | A cross-site scripting vulnerability is present in Xbtit 3.1. The stored XSS vulnerability occurs be... | E | |
| CVE-2021-45829 | HDF5 1.13.1-1 is affected by: segmentation fault, which causes a Denial of Service.... | E | |
| CVE-2021-45830 | A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/... | E | |
| CVE-2021-45831 | A Null Pointer Dereference vulnerability exitgs in GPAC 1.0.1 in MP4Box via __strlen_avx2, which cau... | E | |
| CVE-2021-45832 | A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at at hdf5/src/H5Eint.c, which c... | E | |
| CVE-2021-45833 | A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 via the H5D__create_chunk_file_m... | E | |
| CVE-2021-45834 | An attacker can upload or transfer files of dangerous types to the OpenDocMan 1.4.4 portal via add.p... | E | |
| CVE-2021-45835 | The Online Admission System 1.0 allows an unauthenticated attacker to upload or transfer files of da... | E | |
| CVE-2021-45836 | An authenticated attacker can execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4... | E | |
| CVE-2021-45837 | It is possible to execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15... | E | |
| CVE-2021-45839 | It is possible to obtain the first administrator's hash set up on the system in Terramaster F4-210, ... | E | |
| CVE-2021-45840 | It is possible to execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15... | E | |
| CVE-2021-45841 | In Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517), an attacker can self-sign session cooki... | E | |
| CVE-2021-45842 | It is possible to obtain the first administrator's hash set up in Terramaster F4-210, F2-210 TOS 4.2... | E | |
| CVE-2021-45843 | glFusion CMS v1.7.9 is affected by a reflected Cross Site Scripting (XSS) vulnerability. The value o... | E | |
| CVE-2021-45844 | Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker t... | E S | |
| CVE-2021-45845 | The Path Sanity Check script of FreeCAD 0.19 is vulnerable to OS command injection, allowing an atta... | E S | |
| CVE-2021-45846 | A flaw in the AMF parser of Slic3r libslic3r 1.3.0 allows an attacker to cause an application crash ... | E | |
| CVE-2021-45847 | Several missing input validations in the 3MF parser component of Slic3r libslic3r 1.3.0 can each all... | S | |
| CVE-2021-45848 | Denial of service (DoS) vulnerability in Nicotine+ 3.0.3 and later allows a user with a modified Sou... | E S | |
| CVE-2021-45851 | A Server-Side Request Forgery (SSRF) attack in FUXA 1.1.3 can be carried out leading to the obtainin... | E | |
| CVE-2021-45852 | An issue was discovered in Projectworlds Hospital Management System v1.0. Unauthorized malicious att... | E | |
| CVE-2021-45856 | Accu-Time Systems MAXIMUS 1.0 telnet service suffers from a remote buffer overflow which causes the ... | E | |
| CVE-2021-45860 | An integer overflow in DTSStreamReader::findFrame() of tsMuxer git-2678966 allows attackers to cause... | E S | |
| CVE-2021-45861 | There is an Assertion `num <= INT_BIT' failed at BitStreamReader::skipBits in /bitStream.h:132 of ts... | E S | |
| CVE-2021-45863 | tsMuxer git-2678966 was discovered to contain a heap-based buffer overflow via the function HevcUnit... | E S | |
| CVE-2021-45864 | tsMuxer git-c6a0277 was discovered to contain a segmentation fault via DTSStreamReader::findFrame in... | E S | |
| CVE-2021-45865 | A File Upload vulnerability exists in Sourcecodester Student Attendance Manageent System 1.0 via the... | E | |
| CVE-2021-45866 | A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Student Attendance Manage... | E | |
| CVE-2021-45868 | In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the q... | E S | |
| CVE-2021-45876 | Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by unauthenticated command injection. The... | | |
| CVE-2021-45877 | Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by hard coded credentials. A hardcoded cr... | | |
| CVE-2021-45878 | Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by incorrect access control. Lack of acce... | | |
| CVE-2021-45884 | In Brave Desktop 1.17 through 1.33 before 1.33.106, when CNAME-based adblocking and a proxying exten... | E S | |
| CVE-2021-45885 | An issue was discovered in Stormshield Network Security (SNS) 4.2.2 through 4.2.7 (fixed in 4.2.8). ... | | |
| CVE-2021-45886 | An issue was discovered in PONTON X/P Messenger before 3.11.2. Anti-CSRF tokens are globally valid, ... | E | |
| CVE-2021-45887 | An issue was discovered in PONTON X/P Messenger before 3.11.2. Due to path traversal in private/Sche... | E | |
| CVE-2021-45888 | An issue was discovered in PONTON X/P Messenger before 3.11.2. The navigation tree that is shown on ... | E | |
| CVE-2021-45889 | An issue was discovered in PONTON X/P Messenger before 3.11.2. Several functions are vulnerable to r... | E | |
| CVE-2021-45890 | basic/BasicAuthProvider.java in AuthGuard before 0.9.0 allows authentication via an inactive identif... | S | |
| CVE-2021-45891 | An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4., that allows attackers to escalate priv... | E | |
| CVE-2021-45892 | An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4. There is storage of Passwords in a Reco... | | |
| CVE-2021-45893 | An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4. There is Improper Handling of Case Sens... | E | |
| CVE-2021-45894 | An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4. There is Cleartext Transmission of Sens... | E | |
| CVE-2021-45895 | Netgen Tags Bundle 3.4.x before 3.4.11 and 4.0.x before 4.0.15 allows XSS in the Tags Admin interfac... | | |
| CVE-2021-45896 | Nokia FastMile 3TG00118ABAD52 devices allow privilege escalation by an authenticated user via is_ctc... | E | |
| CVE-2021-45897 | SuiteCRM before 7.12.3 and 8.x before 8.0.2 allows remote code execution.... | E S | |
| CVE-2021-45898 | SuiteCRM before 7.12.3 and 8.x before 8.0.2 allows local file inclusion.... | | |
| CVE-2021-45899 | SuiteCRM before 7.12.3 and 8.x before 8.0.2 allows PHAR deserialization that can lead to remote code... | | |
| CVE-2021-45900 | Vivoh Webinar Manager before 3.6.3.0 has improper API authentication. When a user logs in to the adm... | E | |
| CVE-2021-45901 | The password-reset form in ServiceNow Orlando provides different responses to invalid authentication... | E | |
| CVE-2021-45903 | A persistent cross-site scripting (XSS) issue in the web interface of SuiteCRM before 7.10.35, and 7... | | |
| CVE-2021-45904 | OpenWrt 21.02.1 allows XSS via the Port Forwards Add Name screen.... | E | |
| CVE-2021-45905 | OpenWrt 21.02.1 allows XSS via the Traffic Rules Name screen.... | E | |
| CVE-2021-45906 | OpenWrt 21.02.1 allows XSS via the NAT Rules Name screen.... | E | |
| CVE-2021-45907 | An issue was discovered in gif2apng 1.9. There is a stack-based buffer overflow involving a for loop... | E | |
| CVE-2021-45908 | An issue was discovered in gif2apng 1.9. There is a stack-based buffer overflow involving a while lo... | E | |
| CVE-2021-45909 | An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow vulnerability in the ... | E | |
| CVE-2021-45910 | An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow within the main funct... | E | |
| CVE-2021-45911 | An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow in the main function.... | E | |
| CVE-2021-45912 | An unauthenticated Named Pipe channel in Controlup Real-Time Agent (cuAgent.exe) before 8.5 potentia... | S | |
| CVE-2021-45913 | A hardcoded key in ControlUp Real-Time Agent (cuAgent.exe) before 8.2.5 may allow a potential attack... | S | |
| CVE-2021-45914 | In LuxSoft LuxCal Web Calendar before 5.2.0, an unauthenticated attacker can manipulate a POST reque... | | |
| CVE-2021-45915 | In LuxSoft LuxCal Web Calendar before 5.2.0, an unauthenticated attacker can manipulate a cookie val... | | |
| CVE-2021-45916 | SUN & MOON RISE CO., LTD. Shockwall - Improper Input Validation | S | |
| CVE-2021-45917 | SUN & MOON RISE CO., LTD. Shockwall - Improper Authentication | S | |
| CVE-2021-45918 | NHI’s health insurance web service component – Heap-based Buffer Overflow | S | |
| CVE-2021-45919 | Studio 42 elFinder through 2.1.31 allows XSS via an SVG document.... | E | |
| CVE-2021-45925 | Username Enumeration | | |
| CVE-2021-45926 | MDB Tools (aka mdbtools) 0.9.2 has a stack-based buffer overflow (at 0x7ffd0c689be0) in mdb_numeric_... | E S | |
| CVE-2021-45927 | MDB Tools (aka mdbtools) 0.9.2 has a stack-based buffer overflow (at 0x7ffd6e029ee0) in mdb_numeric_... | E S | |
| CVE-2021-45928 | libjxl b02d6b9, as used in libvips 8.11 through 8.11.2 and other products, has an out-of-bounds writ... | E S | |
| CVE-2021-45929 | Wasm3 0.5.0 has an out-of-bounds write in CompileBlock (called from CompileElseBlock and Compile_If)... | E | |
| CVE-2021-45930 | Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::Q... | E S | |
| CVE-2021-45931 | HarfBuzz 2.9.0 has an out-of-bounds write in hb_bit_set_invertible_t::set (called from hb_sparseset_... | E S | |
| CVE-2021-45932 | wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow (4 bytes) in MqttDecode_Publish (called from M... | E S | |
| CVE-2021-45933 | wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow (8 bytes) in MqttDecode_Publish (called from M... | E S | |
| CVE-2021-45934 | wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttCl... | E S | |
| CVE-2021-45935 | Grok 9.5.0 has a heap-based buffer overflow in openhtj2k::T1OpenHTJ2K::decompress (called from std::... | E | |
| CVE-2021-45936 | wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttDecode_Disconnect (called from MqttClie... | E S | |
| CVE-2021-45937 | wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttCl... | E S | |
| CVE-2021-45938 | wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttCl... | E S | |
| CVE-2021-45939 | wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttCl... | E S | |
| CVE-2021-45940 | libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (4 bytes) in __bpf_object__open (called from... | E | |
| CVE-2021-45941 | libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (8 bytes) in __bpf_object__open (called from... | E | |
| CVE-2021-45942 | OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (... | E S | |
| CVE-2021-45943 | GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (call... | E S | |
| CVE-2021-45944 | Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sa... | E | |
| CVE-2021-45945 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2021-45946 | Wasm3 0.5.0 has an out-of-bounds write in CompileBlock (called from Compile_LoopOrBlock and CompileB... | E | |
| CVE-2021-45947 | Wasm3 0.5.0 has an out-of-bounds write in Runtime_Release (called from EvaluateExpression and InitDa... | E | |
| CVE-2021-45948 | Open Asset Import Library (aka assimp) 5.1.0 and 5.1.1 has a heap-based buffer overflow in _m3d_safe... | E | |
| CVE-2021-45949 | Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (ca... | E | |
| CVE-2021-45950 | LibreDWG 0.12.4.4313 through 0.12.4.4367 has an out-of-bounds write in dwg_free_BLOCK_private (calle... | E | |
| CVE-2021-45951 | Dnsmasq 2.86 has a heap-based buffer overflow in check_bad_address (called from check_for_bogus_wild... | E | |
| CVE-2021-45952 | Dnsmasq 2.86 has a heap-based buffer overflow in dhcp_reply (called from dhcp_packet and FuzzDhcp). ... | E | |
| CVE-2021-45953 | Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from hash_questions and fuzz_u... | E | |
| CVE-2021-45954 | Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from answer_auth and FuzzAuth)... | E | |
| CVE-2021-45955 | Dnsmasq 2.86 has a heap-based buffer overflow in resize_packet (called from FuzzResizePacket and fuz... | E | |
| CVE-2021-45956 | Dnsmasq 2.86 has a heap-based buffer overflow in print_mac (called from log_packet and dhcp_reply). ... | E | |
| CVE-2021-45957 | Dnsmasq 2.86 has a heap-based buffer overflow in answer_request (called from FuzzAnswerTheRequest an... | E | |
| CVE-2021-45958 | UltraJSON (aka ujson) through 5.1.0 has a stack-based buffer overflow in Buffer_AppendIndentUnchecke... | E S | |
| CVE-2021-45959 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2021-45960 | In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function ... | E S | |
| CVE-2021-45966 | An issue was discovered in Pascom Cloud Phone System before 7.20.x. In the management REST API, /ser... | E | |
| CVE-2021-45967 | An issue was discovered in Pascom Cloud Phone System before 7.20.x. A configuration error between NG... | E S | |
| CVE-2021-45968 | An issue was discovered in xmppserver jar in the XMPP Server component of the JIve platform, as used... | E | |
| CVE-2021-45969 | An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 befor... | | |
| CVE-2021-45970 | An issue was discovered in IdeBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before... | | |
| CVE-2021-45971 | An issue was discovered in SdHostDriver in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 bef... | | |
| CVE-2021-45972 | The giftrans function in giftrans 1.12.2 contains a stack-based buffer overflow because a value insi... | E | |
| CVE-2021-45975 | In ListCheck.exe in Acer Care Center 4.x before 4.00.3038, a vulnerability in the loading mechanism ... | E | |
| CVE-2021-45977 | JetBrains IntelliJ IDEA 2021.3.1 Preview, IntelliJ IDEA 2021.3.1 RC, PyCharm Professional 2021.3.1 R... | | |
| CVE-2021-45978 | Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary cod... | | |
| CVE-2021-45979 | Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary cod... | | |
| CVE-2021-45980 | Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary cod... | | |
| CVE-2021-45981 | NetScout nGeniusONE 6.3.2 allows an XML External Entity (XXE) attack.... | | |
| CVE-2021-45982 | NetScout nGeniusONE 6.3.2 allows Arbitrary File Upload by a privileged user.... | | |
| CVE-2021-45983 | NetScout nGeniusONE 6.3.2 allows Java RMI Code Execution.... | | |
| CVE-2021-45985 | In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-rea... | E S | |
| CVE-2021-45986 | Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerab... | | |
| CVE-2021-45987 | Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerab... | | |
| CVE-2021-45988 | Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the func... | | |
| CVE-2021-45989 | Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the func... | | |
| CVE-2021-45990 | Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerab... | | |
| CVE-2021-45991 | Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the func... | | |
| CVE-2021-45992 | Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the func... | | |
| CVE-2021-45993 | Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the func... | | |
| CVE-2021-45994 | Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the func... | | |
| CVE-2021-45995 | Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the func... | | |
| CVE-2021-45996 | Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the func... | E | |
| CVE-2021-45997 | Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the func... | | |
| CVE-2021-45998 | D-Link device DIR_882 DIR_882_FW1.30B06_Hotfix_02 was discovered to contain a command injection vuln... | |