Wind River Support Network

CVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

167607 entries
ID | Description | Priority | Modified date | Fixed Release
CVE-2021-38560 Ivanti Service Manager 2021.1 allows reflected XSS via the appName parameter associated with ConfigDB calls, such as in RelocateAttachments.aspx. MEDIUM Feb 5, 2022 n/a
CVE-2021-38130 A potential Information leakage vulnerability has been identified in versions of Micro Focus Voltage SecureMail Mail Relay prior to 7.3.0.1. The vulnerability could be exploited to create an information leakage attack. MEDIUM Feb 9, 2022 n/a
CVE-2021-37194 A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used). The COMOS Web component of COMOS allows to upload and store arbitrary files at the webserver. This could allow an attacker to store malicious files. MEDIUM Feb 9, 2022 n/a
CVE-2021-37109 There is a security protection bypass vulnerability with the modem. Successful exploitation of this vulnerability may cause memory protection failure. MEDIUM Feb 10, 2022 n/a
CVE-2021-36349 Dell EMC Data Protection Central versions 19.5 and prior contain a Server Side Request Forgery vulnerability in the DPC DNS client processing. A remote malicious user could potentially exploit this vulnerability, allowing port scanning of external hosts. MEDIUM Jan 28, 2022 n/a
CVE-2021-36348 iDRAC9 versions prior to 5.00.20.00 contain an input injection vulnerability. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability to cause information disclosure or denial of service by supplying specially crafted input data to iDRAC. MEDIUM Jan 31, 2022 n/a
CVE-2021-36346 Dell iDRAC 8 prior to version 2.82.82.82 contain a denial of service vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to deny access to the iDRAC webserver. MEDIUM Jan 31, 2022 n/a
CVE-2021-36289 Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain a sensitive information disclosure vulnerability. A local malicious user may exploit this vulnerability to read sensitive information and use it. MEDIUM Jan 31, 2022 n/a
CVE-2021-36193 Multiple stack-based buffer overflows in the command line interpreter of FortiWeb before 6.4.2 may allow an authenticated attacker to achieve arbitrary code execution via specially crafted commands. MEDIUM Feb 7, 2022 n/a
CVE-2021-33625 An issue was discovered in Kernel 5.x in Insyde InsydeH2O, affecting HddPassword. Software SMI services that use the Communicate() function of the EFI_SMM_COMMUNICATION_PROTOCOL do not check whether the address of the buffer is valid, which allows use of SMRAM, MMIO, or OS kernel addresses. MEDIUM Feb 9, 2022 n/a
CVE-2021-33137 Out-of-bounds write in the Intel(R) Kernelflinger project may allow an authenticated user to potentially enable escalation of privilege via local access. MEDIUM Feb 10, 2022 n/a
CVE-2021-33129 Incorrect default permissions in the software installer for the Intel(R) Advisor before version 2021.4.0 may allow an authenticated user to potentially enable escalation of privilege via local access. MEDIUM Feb 10, 2022 n/a
CVE-2021-33120 Out of bounds read under complex microarchitectural condition in memory subsystem for some Intel Atom(R) Processors may allow authenticated user to potentially enable information disclosure or cause denial of service via network access. MEDIUM Feb 10, 2022 n/a
CVE-2021-33115 Improper input validation for some Intel(R) PROSet/Wireless WiFi in UEFI may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. MEDIUM Feb 10, 2022 n/a
CVE-2021-33113 Improper input validation for some Intel(R) PROSet/Wireless WiFi in multiple operating systems and Killer(TM) WiFi in Windows 10 and 11 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access. MEDIUM Feb 10, 2022 n/a
CVE-2021-33101 Uncontrolled search path in the Intel(R) GPA software before version 21.2 may allow an authenticated user to potentially enable escalation of privilege via local access. MEDIUM Feb 10, 2022 n/a
CVE-2021-33068 Null pointer dereference in subsystem for Intel(R) AMT before versions 15.0.35 may allow an authenticated user to potentially enable denial of service via network access. MEDIUM Feb 10, 2022 n/a
CVE-2021-32842 SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Starting version 1.0.0 and prior to version 1.3.3, a check was added if the destination file is under a destination directory. However, it is not enforced that `_baseDirectory` ends with slash. If the `_baseDirectory` is not slash terminated like `/home/user/dir` it is possible to create a file with a name that begins as the destination directory one level up from the directory, i.e. `/home/user/dir.sh`. Because of the file name and destination directory constraints, the arbitrary file creation impact is limited and depends on the use case. Version 1.3.3 fixed this vulnerability. MEDIUM Feb 7, 2022 n/a
CVE-2021-32841 SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Starting version 1.3.0 and prior to version 1.3.3, a check was added if the destination file is under destination directory. However, it is not enforced that `destDir` ends with slash. If the `destDir` is not slash terminated like `/home/user/dir` it is possible to create a file with a name that begins with the destination directory, i.e. `/home/user/dir.sh`. Because of the file name and destination directory constraints, the arbitrary file creation impact is limited and depends on the use case. Version 1.3.3 contains a patch for this vulnerability. MEDIUM Feb 7, 2022 n/a
CVE-2021-32732 ### Impact It's possible to know if a user has or not an account in a wiki related to an email address, and which username(s) is actually tied to that email by forging a request to the Forgot username page. Note that since this page does not have a CSRF check it's quite easy to perform a lot of those requests. ### Patches This issue has been patched in XWiki 12.10.5 and 13.2RC1. Two different patches are provided: - a first one to fix the CSRF problem - a more complex one that now relies on sending an email for the Forgot username process. ### Workarounds It's possible to fix the problem without upgrading by editing the ForgotUsername page in version below 13.x, to use the following code: https://github.com/xwiki/xwiki-platform/blob/69548c0320cbd772540cf4668743e69f879812cf/xwiki-platform-core/xwiki-platform-administration/xwiki-platform-administration-ui/src/main/resources/XWiki/ForgotUsername.xml#L39-L123 In version after 13.x it's also possible to edit manually the forgotusername.vm file, but it's really encouraged to upgrade the version here. ### References * https://jira.xwiki.org/browse/XWIKI-18384 * https://jira.xwiki.org/browse/XWIKI-18408 ### For more information If you have any questions or comments about this advisory: * Open an issue in [Jira XWiki](https://jira.xwiki.org) * Email us at [security ML](mailto:security@xwiki.org) MEDIUM Feb 10, 2022 n/a
CVE-2021-32036 An authenticated user without any specific authorizations may be able to repeatedly invoke the features command where at a high volume may lead to resource depletion or generate high lock contention. This may result in denial of service and in rare cases could result in id field collisions. This issue affects MongoDB Server v5.0 versions prior to and including 5.0.3; MongoDB Server v4.4 versions prior to and including 4.4.9; MongoDB Server v4.2 versions prior to and including 4.2.16 and MongoDB Server v4.0 versions prior to and including 4.0.28 MEDIUM Feb 9, 2022 n/a
CVE-2021-31567 Authenticated (admin+) Arbitrary File Download vulnerability discovered in Download Monitor WordPress plugin (versions <= 4.4.6). The plugin allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the &downloadable_file_urls[0] parameter data. It's also possible to escape from the web server home directory and download any file within the OS. MEDIUM Feb 3, 2022 n/a
CVE-2021-30326 Possible assertion due to improper size validation while processing the DownlinkPreemption IE in an RRC Reconfiguration/RRC Setup message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile MEDIUM Feb 11, 2022 n/a
CVE-2021-30325 Possible out of bound access of DCI resources due to lack of validation process and resource allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking MEDIUM Feb 11, 2022 n/a
CVE-2021-30324 Possible out of bound write due to lack of boundary check for the maximum size of buffer when sending a DCI packet to remote process in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking MEDIUM Feb 11, 2022 n/a
CVE-2021-30318 Improper validation of input when provisioning the HDCP key can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables MEDIUM Feb 11, 2022 n/a
CVE-2021-30309 Improper size validation of QXDM commands can lead to memory corruption in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile MEDIUM Feb 11, 2022 n/a
CVE-2021-29846 IBM Security Guardium Insights 3.0 could allow an authenticated user to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 205256. MEDIUM Feb 2, 2022 n/a
CVE-2021-29845 IBM Security Guardium Insights 3.0 could allow an authenticated user to perform unauthorized actions due to improper input validation. IBM X-Force ID: 205255. MEDIUM Feb 2, 2022 n/a
CVE-2021-29838 IBM Security Guardium Insights 3.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. MEDIUM Feb 2, 2022 n/a
CVE-2021-29398 Directory traversal in /northstar/Common/NorthFileManager/fileManagerObjects.jsp Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to browse and list the directories across the entire filesystem of the host of the web application. MEDIUM Feb 8, 2022 n/a
CVE-2021-29397 Cleartext Transmission of Sensitive Information in /northstar/Admin/login.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote local user to intercept users' credentials transmitted in cleartext over HTTP. MEDIUM Feb 8, 2022 n/a
CVE-2021-29395 Directory traversal in /northstar/filemanager/download.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to download arbitrary files, including JSP source code, across the filesystem of the host of the web application. MEDIUM Feb 8, 2022 n/a
CVE-2021-29394 Account Hijacking in /northstar/Admin/changePassword.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote authenticated users to change the password of any targeted user accounts via lack of proper authorization in the user-controlled userID parameter of the HTTP POST request. MEDIUM Feb 8, 2022 n/a
CVE-2021-29219 A potential local buffer overflow vulnerability has been identified in HPE FlexNetwork 5130 EL Switch Series version: Prior to 5130_EI_7.10.R3507P02. HPE has made the following software update to resolve the vulnerability in HPE FlexNetwork 5130 EL Switch Series version 5130_EL_7.10.R3507P02. MEDIUM Feb 9, 2022 n/a
CVE-2021-29218 A local unquoted search path security vulnerability has been identified in HPE Agentless Management Service for Windows version(s): Prior to 1.44.0.0, 10.96.0.0. This vulnerability could be exploited locally by a user with high privileges to execute malware that may lead to a loss of confidentiality, integrity, and availability. HPE has provided software updates to resolve the vulnerability in HPE Agentless Management Service for Windows. MEDIUM Feb 9, 2022 n/a
CVE-2021-28962 Stormshield Network Security (SNS) before 4.2.2 allows a read-only administrator to gain privileges via CLI commands. MEDIUM Feb 4, 2022 n/a
CVE-2021-28503 The impact of this vulnerability is that Arista's EOS eAPI may skip re-evaluating user credentials when certificate based authentication is used, which allows remote attackers to access the device via eAPI. MEDIUM Feb 9, 2022 n/a
CVE-2021-28096 An issue was discovered in Stormshield SNS before 4.2.3 (when the proxy is used). An attacker can saturate the proxy connection table. This would result in the proxy denying any new connections. MEDIUM Feb 4, 2022 n/a
CVE-2021-27654 Forgotten password reset functionality for local accounts can be used to bypass local authentication checks. MEDIUM Feb 3, 2022 n/a
CVE-2021-26613 Improper input validation vulnerability in nexacro permits copying file to the startup folder using rename method. MEDIUM Feb 10, 2022 n/a
CVE-2021-26264 A specially crafted script could cause the DeltaV Distributed Control System Controllers (All Versions) to restart and cause a denial-of-service condition. MEDIUM Feb 2, 2022 n/a
CVE-2021-25939 In ArangoDB, versions v3.7.0 through v3.9.0-alpha.1 have a feature which allows downloading a Foxx service from a publicly available URL. This feature does not enforce proper filtering of requests performed internally, which can be abused by a highly-privileged attacker to perform blind SSRF and send internal requests to localhost. MEDIUM Feb 11, 2022 n/a
CVE-2021-25108 The IP2Location Country Blocker WordPress plugin before 2.26.6 does not have CSRF check in the ip2location_country_blocker_save_rules AJAX action, allowing attackers to make a logged in admin block arbitrary country, or block all of them at once, preventing users from accessing the frontend. MEDIUM Feb 10, 2022 n/a
CVE-2021-25097 The LabTools WordPress plugin through 1.0 does not have proper authorisation and CSRF check in place when deleting publications, allowing any authenticated users, such as subscriber to delete arbitrary publication MEDIUM Feb 4, 2022 n/a
CVE-2021-25096 The IP2Location Country Blocker WordPress plugin before 2.26.5 bans can be bypassed by using a specific parameter in the URL MEDIUM Feb 10, 2022 n/a
CVE-2021-25095 The IP2Location Country Blocker WordPress plugin before 2.26.5 does not have authorisation and CSRF checks in the ip2location_country_blocker_save_rules AJAX action, allowing any authenticated users, such as subscriber to call it and block arbitrary country, or block all of them at once, preventing users from accessing the frontend. MEDIUM Feb 10, 2022 n/a
CVE-2021-25093 The Link Library WordPress plugin before 7.2.8 does not have authorisation in place when deleting links, allowing unauthenticated users to delete arbitrary links via a crafted request MEDIUM Feb 4, 2022 n/a
CVE-2021-25092 The Link Library WordPress plugin before 7.2.8 does not have CSRF check when resetting library settings, allowing attackers to make a logged in admin reset arbitrary settings via a CSRF attack MEDIUM Feb 4, 2022 n/a
CVE-2021-25091 The Link Library WordPress plugin before 7.2.9 does not sanitise and escape the settingscopy parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting MEDIUM Feb 4, 2022 n/a
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.