Wind River Support Network

CVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

ID Description Priority Modified date
CVE-2021-27984 In Pluck-4.7.15 admin background a remote command execution vulnerability exists when uploading files. HIGH Dec 10, 2021
CVE-2021-27983 Remote Code Execution (RCE) vulnerability exists in MaxSite CMS v107.5 via the Documents page. HIGH Dec 10, 2021
CVE-2021-26340 A malicious hypervisor in conjunction with an unprivileged attacker process inside an SEV/SEV-ES guest VM may fail to flush the Translation Lookaside Buffer (TLB) resulting in unexpected behavior inside the virtual machine (VM). LOW Dec 10, 2021
CVE-2021-25517 An improper input validation vulnerability in LDFW prior to SMR Dec-2021 Release 1 allows attackers to perform arbitrary code execution. MEDIUM Dec 10, 2021
CVE-2021-25514 An improper intent redirection handling in Tags prior to SMR Dec-2021 Release 1 allows attackers to access sensitive information. MEDIUM Dec 10, 2021
CVE-2021-25513 An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021 Release 1 allows unauthorized access to some device data on the lockscreen. LOW Dec 10, 2021
CVE-2021-25512 An improper validation vulnerability in telephony prior to SMR Dec-2021 Release 1 allows attackers to launch certain activities. MEDIUM Dec 10, 2021
CVE-2021-25511 An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows attackers to write arbitrary files via a path traversal vulnerability. MEDIUM Dec 10, 2021
CVE-2021-25510 An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows local arbitrary code execution. MEDIUM Dec 10, 2021
CVE-2021-23700 All versions of package merge-deep2 are vulnerable to Prototype Pollution via the mergeDeep() function. HIGH Dec 10, 2021
CVE-2021-23663 All versions of package sey are vulnerable to Prototype Pollution via the deepmerge() function. HIGH Dec 10, 2021
CVE-2021-23639 The package md-to-pdf before 5.0.0 are vulnerable to Remote Code Execution (RCE) due to utilizing the library gray-matter to parse front matter content, without disabling the JS engine. HIGH Dec 10, 2021
CVE-2021-23561 All versions of package comb are vulnerable to Prototype Pollution via the deepMerge() function. HIGH Dec 10, 2021
CVE-2021-23463 The package com.h2database:h2 from 1.4.198 and before 2.0.202 are vulnerable to XML External Entity (XXE) Injection via the org.h2.jdbc.JdbcSQLXML class object, when it receives parsed string data from org.h2.jdbc.JdbcResultSet.getSQLXML() method. If it executes the getSource() method when the parameter is DOMSource.class it will trigger the vulnerability. MEDIUM Dec 10, 2021
CVE-2021-20047 SonicWall Global VPN client version 4.10.6 (32-bit and 64-bit) and earlier have a DLL Search Order Hijacking vulnerability. Successful exploitation via a local attacker could result in remote code execution in the target system. MEDIUM Dec 10, 2021
CVE-2021-20045 A buffer overflow vulnerability in SMA100 sonicfiles RAC_COPY_TO (RacNumber 36) method allows a remote unauthenticated attacker to potentially execute code as the 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances. HIGH Dec 10, 2021
CVE-2021-20044 A post-authentication remote command injection vulnerability in SonicWall SMA100 allows a remote authenticated attacker to execute OS system commands in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances. HIGH Dec 10, 2021
CVE-2021-20043 A Heap-based buffer overflow vulnerability in SonicWall SMA100 getBookmarks method allows a remote authenticated attacker to potentially execute code as the nobody user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances. MEDIUM Dec 10, 2021
CVE-2021-20042 An unauthenticated remote attacker can use SMA 100 as an unintended proxy or intermediary undetectable proxy to bypass firewall rules. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances. HIGH Dec 10, 2021
CVE-2021-20041 An unauthenticated and remote adversary can consume all of the device's CPU due to crafted HTTP requests sent to SMA100 /fileshare/sonicfiles/sonicfiles resulting in a loop with unreachable exit condition. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances. HIGH Dec 10, 2021
CVE-2021-20040 A relative path traversal vulnerability in the SMA100 upload function allows a remote unauthenticated attacker to upload crafted web pages or files as a 'nobody' user. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances. MEDIUM Dec 10, 2021
CVE-2021-20039 Improper neutralization of special elements in the SMA100 management interface '/cgi-bin/viewcert' POST http method allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances. HIGH Dec 10, 2021
CVE-2021-20038 A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, 10.2.1.1-19sv, 10.2.1.2-24sv and earlier versions. HIGH Dec 10, 2021
CVE-2021-4089 snipe-it is vulnerable to Improper Access Control MEDIUM Dec 10, 2021
CVE-2021-4084 pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') MEDIUM Dec 10, 2021
CVE-2021-4082 pimcore is vulnerable to Cross-Site Request Forgery (CSRF) MEDIUM Dec 10, 2021
CVE-2021-4081 pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') MEDIUM Dec 10, 2021
CVE-2021-4033 kimai2 is vulnerable to Cross-Site Request Forgery (CSRF) MEDIUM Dec 10, 2021
CVE-2021-3829 openwhyd is vulnerable to URL Redirection to Untrusted Site MEDIUM Dec 10, 2021
CVE-2021-3815 utils.js is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') HIGH Dec 10, 2021
CVE-2020-12890 Improper handling of pointers in the System Management Mode (SMM) handling code may allow for a privileged attacker with physical or administrative access to potentially manipulate the AMD Generic Encapsulated Software Architecture (AGESA) to execute arbitrary code undetected by the operating system. HIGH Dec 10, 2021
CVE-2021-43815 Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 has a directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured. The vulnerability is limited in scope, and only allows access to files with the extension .csv to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Versions 8.3.2 and 7.5.12 contain a patch for this issue. There is a workaround available for users who cannot upgrade. Running a reverse proxy in front of Grafana that normalizes the PATH of the request will mitigate the vulnerability. The proxy will have to also be able to handle url encoded paths. -- Dec 11, 2021
CVE-2021-43813 Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for fully lowercase or fully uppercase .md files. The vulnerability is limited in scope, and only allows access to files with the extension .md to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Users should upgrade to patched versions 8.3.2 or 7.5.12. For users who cannot upgrade, running a reverse proxy in front of Grafana that normalizes the PATH of the request will mitigate the vulnerability. The proxy will have to also be able to handle url encoded paths. Alternatively, for fully lowercase or fully uppercase .md files, users can block /api/plugins/.*/markdown/.* without losing any functionality beyond inlined plugin help text. -- Dec 11, 2021
CVE-2021-43798 Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) is vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is: `<grafana_host_url>/public/plugins//`, where is the plugin ID for any installed plugin. At no time has Grafana Cloud been vulnerable. Users are advised to upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1. The GitHub Security Advisory contains more information about vulnerable URL paths, mitigation, and the disclosure timeline. MEDIUM Dec 11, 2021
CVE-2021-4092 yetiforcecrm is vulnerable to Cross-Site Request Forgery (CSRF) MEDIUM Dec 11, 2021
CVE-2021-44833 The CLI 1.0.0 for Amazon AWS OpenSearch has weak permissions for the configuration file. HIGH Dec 12, 2021
CVE-2021-44515 Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code execution on the server, as exploited in the wild in December 2021. For Enterprise builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For Enterprise builds 10.1.2128.0 through 10.1.2137.2, upgrade to 10.1.2137.3. For MSP builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For MSP builds 10.1.2128.0 through 10.1.2137.2, upgrade to 10.1.2137.3. HIGH Dec 12, 2021
CVE-2021-44514 OpUtils in Zoho ManageEngine OpManager 12.5 before 125490 mishandles authentication for a few audit directories. HIGH Dec 12, 2021
CVE-2021-4097 phpservermon is vulnerable to Improper Neutralization of CRLF Sequences MEDIUM Dec 12, 2021
CVE-2021-44228 Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects. HIGH Dec 12, 2021
CVE-2021-44966 SQL injection bypass authentication vulnerability in PHPGURUKUL Employee Record Management System 1.2 via index.php. An attacker can log in as an admin account of this system and can destroy, change or manipulate all sensitive information on the system. HIGH Dec 13, 2021
CVE-2021-44965 Directory traversal vulnerability in /admin/includes/* directory for PHPGURUKUL Employee Record Management System 1.2. The attacker can retrieve and download sensitive information from the vulnerable server. HIGH Dec 13, 2021
CVE-2021-43117 fastadmin v1.2.1 is affected by a file upload vulnerability which allows arbitrary code execution through shell access. HIGH Dec 13, 2021
CVE-2021-36169 A Hidden Functionality in Fortinet FortiOS 7.x before 7.0.1, FortiOS 6.4.x before 6.4.7 allows attacker to Execute unauthorized code or commands via specific hex read/write operations. MEDIUM Dec 13, 2021
CVE-2021-22279 A Missing Authentication vulnerability in RobotWare for the OmniCore robot controller allows an attacker to read and modify files on the robot controller if the attacker has access to the Connected Services Gateway Ethernet port. HIGH Dec 13, 2021
CVE-2020-16155 The CPAN::Checksums package 2.12 for Perl does not uniquely define signed data. MEDIUM Dec 13, 2021
CVE-2020-16154 The App::cpanminus package 1.7044 for Perl allows Signature Verification Bypass. MEDIUM Dec 13, 2021
CVE-2021-4095 A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. An unprivileged local attacker on the host may use this flaw to cause a kernel oops condition and thus a denial of service by issuing a KVM_XEN_HVM_SET_ATTR ioctl. This flaw affects Linux kernel versions prior to 5.17-rc1. LOW Dec 13, 2021
CVE-2021-4093 A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction (for example, outs or ins) using the exit reason SVM_EXIT_IOIO. This issue results in a crash of the entire system or a potential guest-to-host escape scenario. HIGH Dec 13, 2021
CVE-2021-4090 An out-of-bounds (OOB) memory write flaw was found in the NFSD in the Linux kernel. Missing sanity may lead to a write beyond bmval[bmlen-1] in nfsd4_decode_bitmap4 in fs/nfsd/nfs4xdr.c. In this flaw, a local attacker with user privilege may gain access to out-of-bounds memory, leading to a system integrity and confidentiality threat. MEDIUM Dec 13, 2021
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.