Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 164054 entries
IDDescriptionPriorityModified dateFixed Release
CVE-2021-43457 An Unquoted Service Path vulnerability exists in bVPN 2.5.1 via a specially crafted file in the waselvpnserv service path. HIGH Apr 4, 2022 n/a
CVE-2021-43456 An Unquoted Service Path vulnerablility exists in Rumble Mail Server 0.51.3135 via via a specially crafted file in the RumbleService executable service path. MEDIUM Apr 4, 2022 n/a
CVE-2021-43455 An Unquoted Service Path vulnerability exists in FreeLAN 2.2 via a specially crafted file in the FreeLAN Service path. HIGH Apr 4, 2022 n/a
CVE-2021-43454 An Unquoted Service Path vulnerability exists in AnyTXT Searcher 1.2.394 via a specially crafted file in the ATService path. . MEDIUM Apr 4, 2022 n/a
CVE-2021-43453 A Heap-based Buffer Overflow vulnerability exists in JerryScript 2.4.0 and prior versions via an out-of-bounds read in parser_parse_for_statement_start in the js-parser-statm.c file. This issue is similar to CVE-2020-29657. HIGH Apr 8, 2022 n/a
CVE-2021-43451 SQL Injection vulnerability exists in PHPGURUKUL Employee Record Management System 1.2 via the Email POST parameter in /forgetpassword.php. HIGH Dec 3, 2021 n/a
CVE-2021-43449 ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Server-Side Request Forgery (SSRF). The document editor service can be abused to read and serve arbitrary URLs as a document. -- Jan 23, 2023 n/a
CVE-2021-43448 ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Improper Input Validation. A lack of input validation can allow an attacker to spoof the names of users who interact with a document, if the document id is known. -- Jan 23, 2023 n/a
CVE-2021-43447 ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. An authentication bypass in the document editor allows attackers to edit documents without authentication. -- Jan 23, 2023 n/a
CVE-2021-43446 ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Cross Site Scripting (XSS). The macros feature of the document editor allows malicious cross site scripting payloads to be used. -- Jan 23, 2023 n/a
CVE-2021-43445 ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. An attacker can authenticate with the web socket service of the ONLYOFFICE document editor which is protected by JWT auth by using a default JWT signing key. -- Jan 23, 2023 n/a
CVE-2021-43444 ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. Signed document download URLs can be forged due to a weak default URL signing key. -- Jan 23, 2023 n/a
CVE-2021-43442 A Logic Flaw vulnerability exists in i3 International Inc Annexxus Camera V5.2.0 build 150317 (Ax46), V5.0.9 build 151106 (Ax68), and V5.0.9 build 150615 (Ax78) due to a failure to allow the creation of more than one administrator account; however, this can be bypassed by parameter maniulation using PUT and DELETE and by calling the \'UserPermission\' endpoint with the ID of created account and set it to \'admin\' userType, successfully adding a second administrative account. MEDIUM Apr 11, 2022 n/a
CVE-2021-43441 An HTML Injection Vulnerability in iOrder 1.0 allows the remote attacker to execute Malicious HTML codes via the signup form MEDIUM Dec 20, 2021 n/a
CVE-2021-43440 Multiple Stored XSS Vulnerabilities in the Source Code of iOrder 1.0 allow remote attackers to execute arbitrary code via signup form in the Name and Phone number field. MEDIUM Dec 23, 2021 n/a
CVE-2021-43439 RCE in Add Review Function in iResturant 1.0 Allows remote attacker to execute commands remotely HIGH Dec 22, 2021 n/a
CVE-2021-43438 Stored XSS in Signup Form in iResturant 1.0 Allows Remote Attacker to Inject Arbitrary code via NAME and ADDRESS field LOW Dec 22, 2021 n/a
CVE-2021-43437 In sourcecodetester Engineers Online Portal as of 10-21-21, an attacker can manipulate the Host header as seen by the web application and cause the application to behave in unexpected ways. Very often multiple websites are hosted on the same IP address. This is where the Host Header comes in. This header specifies which website should process the HTTP request. The web server uses the value of this header to dispatch the request to the specified website. Each website hosted on the same IP address is called a virtual host. And It\'s possible to send requests with arbitrary Host Headers to the first virtual host. MEDIUM Dec 20, 2021 n/a
CVE-2021-43436 MartDevelopers Inc iResturant v1.0 allows Stored XSS by placing a payload in the username field during a login attempt. When an administrator looks at the log of failed logins, the XSS payload will be executed. LOW Jan 12, 2022 n/a
CVE-2021-43432 A Cross Site Scripting (XSS) vulnerability exists in Exrick XMall Admin Panel as of 11/7/2021 via the GET parameter in product-add.jsp. MEDIUM Apr 7, 2022 n/a
CVE-2021-43430 An Access Control vulnerability exists in BigAntSoft BigAnt office messenger 5.6 via im_webserver, which could let a malicious user upload PHP Trojan files. MEDIUM Apr 7, 2022 n/a
CVE-2021-43429 A Denial of Service vulnerability exists in CORTX-S3 Server as of 11/7/2021 via the mempool_destroy method due to a failture to release locks pool->lock. MEDIUM Apr 7, 2022 n/a
CVE-2021-43421 A File Upload vulnerability exists in Studio-42 elFinder 2.0.4 to 2.1.59 via connector.minimal.php, which allows a remote malicious user to upload arbitrary files and execute PHP code. HIGH Apr 7, 2022 n/a
CVE-2021-43420 SQL injection vulnerability in Login.php in Sourcecodester Online Payment Hub v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter. HIGH Jan 28, 2022 n/a
CVE-2021-43419 An Information Disclosure vulnerability exists in Opay Mobile application 1.5.1.26 and maybe be higher in the logcat app. -- Nov 7, 2023 n/a
CVE-2021-43415 HashiCorp Nomad and Nomad Enterprise up to 1.0.13, 1.1.7, and 1.2.0, with the QEMU task driver enabled, allowed authenticated users with job submission capabilities to bypass the configured allowed image paths. Fixed in 1.0.14, 1.1.8, and 1.2.1. MEDIUM Dec 3, 2021 n/a
CVE-2021-43414 An issue was discovered in GNU Hurd before 0.9 20210404-9. The use of an authentication protocol in the proc server is vulnerable to man-in-the-middle attacks, which can be exploited for local privilege escalation to get full root access. MEDIUM Nov 7, 2021 n/a
CVE-2021-43413 An issue was discovered in GNU Hurd before 0.9 20210404-9. A single pager port is shared among everyone who mmaps a file, allowing anyone to modify any files that they can read. This can be trivially exploited to get full root access. HIGH Nov 7, 2021 n/a
CVE-2021-43412 An issue was discovered in GNU Hurd before 0.9 20210404-9. libports accepts fake notification messages from any client on any port, which can lead to port use-after-free. This can be exploited for local privilege escalation to get full root access. HIGH Nov 7, 2021 n/a
CVE-2021-43411 An issue was discovered in GNU Hurd before 0.9 20210404-9. When trying to exec a setuid executable, there\'s a window of time when the process already has the new privileges, but still refers to the old task and is accessible through the old process port. This can be exploited to get full root access. HIGH Nov 7, 2021 n/a
CVE-2021-43410 Apache Airavata Django Portal allows CRLF log injection because of lack of escaping log statements. In particular, some HTTP request parameters are logged without first being escaped. Versions affected: master branch before commit 3c5d8c7 [1] of airavata-django-portal [1] https://github.com/apache/airavata-django-portal/commit/3c5d8c72bfc3eb0af8693a655a5d60f9273f8170 MEDIUM Dec 9, 2021 n/a
CVE-2021-43409 The “WPO365 | LOGIN” WordPress plugin (up to and including version 15.3) by wpo365.com is vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability (also known as Stored or Second-Order XSS). Persistent XSS vulnerabilities occur when the application stores and retrieves client supplied data without proper handling of dangerous content. This type of XSS vulnerability is exploited by submitting malicious script content to the application which is then retrieved and executed by other application users. The attacker could exploit this to conduct a range of attacks against users of the affected application such as session hijacking, account take over and accessing sensitive data. In this case, the XSS payload can be submitted by any anonymous user, the payload then renders and executes when a WordPress administrator authenticates and accesses the WordPress Dashboard. The injected payload can carry out actions on behalf of the administrator including adding other administrative users and changing application settings. This flaw could be exploited to ultimately provide full control of the affected system to the attacker. MEDIUM Nov 19, 2021 n/a
CVE-2021-43408 The Duplicate Post WordPress plugin up to and including version 1.1.9 is vulnerable to SQL Injection. SQL injection vulnerabilities occur when client supplied data is included within an SQL Query insecurely. SQL Injection can typically be exploited to read, modify and delete SQL table data. In many cases it also possible to exploit features of SQL server to execute system commands and/or access the local file system. This particular vulnerability can be exploited by any authenticated user who has been granted access to use the Duplicate Post plugin. By default, this is limited to Administrators, however the plugin presents the option to permit access to the Editor, Author, Contributor and Subscriber roles. HIGH Nov 19, 2021 n/a
CVE-2021-43406 An issue was discovered in FusionPBX before 4.5.30. The fax_post_size may have risky characters (it is not constrained to preset values). MEDIUM Nov 5, 2021 n/a
CVE-2021-43405 An issue was discovered in FusionPBX before 4.5.30. The fax_extension may have risky characters (it is not constrained to be numeric). MEDIUM Nov 5, 2021 n/a
CVE-2021-43404 An issue was discovered in FusionPBX before 4.5.30. The FAX file name may have risky characters. MEDIUM Nov 5, 2021 n/a
CVE-2021-43403 An issue was discovered in FusionPBX before 4.5.30. The log_viewer.php Log View page allows an authenticated user to choose an arbitrary filename for download (i.e., not necessarily freeswitch.log in the intended directory). -- Sep 30, 2022 n/a
CVE-2021-43400 An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call. MEDIUM Nov 5, 2021 n/a
CVE-2021-43399 The Yubico YubiHSM YubiHSM2 library 2021.08, included in the yubihsm-shell project, does not properly validate the length of some operations including SSH signing requests, and some data operations received from a YubiHSM 2 device. HIGH Dec 8, 2021 n/a
CVE-2021-43398 Crypto++ (aka Cryptopp) 8.6.0 and earlier contains a timing leakage in MakePublicKey(). There is a clear correlation between execution time and private key length, which may cause disclosure of the length information of the private key. This might allow attackers to conduct timing attacks. NOTE: this report is disputed by the vendor and multiple third parties. The execution-time differences are intentional. A user may make a choice of a longer key as a tradeoff between strength and performance. In making this choice, the amount of information leaked to an adversary is of infinitesimal value MEDIUM Nov 5, 2021 n/a
CVE-2021-43397 LiquidFiles before 3.6.3 allows remote attackers to elevate their privileges from Admin (or User Admin) to Sysadmin. HIGH Nov 12, 2021 n/a
CVE-2021-43396 In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious \'\\0\' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv() use cases. NOTE: the vendor states the bug cannot be invoked through user input and requires iconv to be invoked with a NULL inbuf, which ought to require a separate application bug to do so unintentionally. Hence there\'s no security impact to the bug. MEDIUM Nov 4, 2021 n/a
CVE-2021-43395 An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and kernel panic via crafted rename and rmdir calls on tmpfs filesystems. Oracle Solaris 10 and 11 is also affected. -- Dec 27, 2022 n/a
CVE-2021-43394 Unisys OS 2200 Messaging Integration Services (NTSI) 7R3B IC3 and IC4, 7R3C, and 7R3D has an Incorrect Implementation of an Authentication Algorithm. An LDAP password is not properly validated. HIGH Jan 31, 2022 n/a
CVE-2021-43393 STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to abuse signature verification. This is associated with the ECDSA signature algorithm on the Java Card J-SAFE3 and STSAFE-J platforms exposing a 3.0.4 Java Card API. It is exploitable for STSAFE-J in closed configuration and J-SIGN (when signature verification is activated) but not for J-SAFE3 EPASS BAC and EAC products. It might also impact other products based on the J-SAFE-3 Java Card platform. LOW Mar 4, 2022 n/a
CVE-2021-43392 STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to obtain information on cryptographic secrets. This is associated with the ECDSA signature algorithm on the Java Card J-SAFE3 and STSAFE-J platforms exposing a 3.0.4 Java Card API. It is exploitable for STSAFE-J in closed configuration and J-SIGN (when signature verification is activated) but not for J-SAFE3 EPASS BAC and EAC products. It might also impact other products based on the J-SAFE-3 Java Card platform. LOW Mar 4, 2022 n/a
CVE-2021-43391 An Out-of-Bounds Read vulnerability exists when reading a DXF file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DXF files. Crafted data in a DXF file (an invalid dash counter in line types) can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. MEDIUM Nov 14, 2021 n/a
CVE-2021-43390 An Out-of-Bounds Write vulnerability exists when reading a DGN file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DGN files. Crafted data in a DGN file and lack of proper validation of input data can trigger a write operation past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. MEDIUM Nov 14, 2021 n/a
CVE-2021-43389 An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. LOW Nov 5, 2021 n/a
CVE-2021-43388 Unisys Cargo Mobile Application before 1.2.29 uses cleartext to store sensitive information, which might be revealed in a backup. The issue is addressed by ensuring that the allowBackup flag (in the manifest) is False. MEDIUM Dec 16, 2021 n/a
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
Live chat
Online