Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 136717 entries
IDDescriptionPriorityModified date
CVE-2021-42369 Imagicle Application Suite (for Cisco UC) before 2021.Summer.2 allows SQL injection. A low-privileged user could inject a SQL statement through the Export to CSV feature of the Contact Manager web GUI. -- Oct 14, 2021
CVE-2021-42342 An issue was discovered in GoAhead 4.x and 5.x before 5.1.5. In the file upload filter, user form variables can be passed to CGI scripts without being prefixed with the CGI prefix. This permits tunneling untrusted environment variables into vulnerable CGI scripts. -- Oct 14, 2021
CVE-2021-42341 checkpath in OpenRC before 0.44.7 uses the direct output of strlen() to allocate strings, which does not account for the \'\\0\' byte at the end of the string. This results in memory corruption. CVE-2021-42341 was introduced in git commit 63db2d99e730547339d1bdd28e8437999c380cae, which was introduced as part of OpenRC 0.44.0 development. -- Oct 14, 2021
CVE-2021-42340 The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. The object introduced to collect metrics for HTTP upgrade connections was not released for WebSocket connections once the connection was closed. This created a memory leak that, over time, could lead to a denial of service via an OutOfMemoryError. -- Oct 15, 2021
CVE-2021-42336 The learning history page of the Easytest is vulnerable by permission bypass. After obtaining a user’s permission, remote attackers can access other users’ and administrator’s account information except password by crafting URL parameters. -- Oct 15, 2021
CVE-2021-42335 Easytest bulletin board management function of online learning platform does not filter special characters. After obtaining a user’s privilege, remote attackers can inject JavaScript and execute stored XSS attack. -- Oct 15, 2021
CVE-2021-42334 The Easytest contains SQL injection vulnerabilities. After obtaining a user’s privilege, remote attackers can inject SQL commands into the parameters of the elective course management page to obtain all database and administrator permissions. -- Oct 15, 2021
CVE-2021-42333 The Easytest contains SQL injection vulnerabilities. After obtaining user’s privilege, remote attackers can inject SQL commands into the parameters of the learning history page to access all database and obtain administrator permissions. -- Oct 15, 2021
CVE-2021-42332 The “List View” function of ShinHer StudyOnline System is not under authority control. After logging in with user’s privilege, remote attackers can access the content of other users’ message boards by crafting URL parameters. -- Oct 15, 2021
CVE-2021-42331 The “Study Edit” function of ShinHer StudyOnline System does not perform permission control. After logging in with user’s privilege, remote attackers can access and edit other users’ tutorial schedule by crafting URL parameters. -- Oct 15, 2021
CVE-2021-42330 The “Teacher Edit” function of ShinHer StudyOnline System does not perform authority control. After logging in with user’s privilege, remote attackers can access and edit other users’ credential and personal information by crafting URL parameters. -- Oct 15, 2021
CVE-2021-42329 The “List_Add” function of message board of ShinHer StudyOnline System does not filter special characters in the title parameter. After logging in with user’s privilege, remote attackers can inject JavaScript and execute stored XSS attacks. -- Oct 15, 2021
CVE-2021-42326 Redmine before 4.1.5 and 4.2.x before 4.2.3 may disclose the names of users on activity views due to an insufficient access filter. -- Oct 12, 2021
CVE-2021-42325 Froxlor through 0.10.29.1 allows SQL injection in Database/Manager/DbManagerMySQL.php via a custom DB name. -- Oct 13, 2021
CVE-2021-42260 TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXML_UTF_LEAD_0 case. It can be triggered by a crafted XML message and leads to a denial of service. -- Oct 12, 2021
CVE-2021-42257 check_smart before 6.9.1 allows unintended drive access by an unprivileged user because it only checks for a substring match of a device path (the /dev/bus substring and a number), aka an unanchored regular expression. -- Oct 14, 2021
CVE-2021-42252 An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileges, aka CID-b49a0e69a7b1. This occurs because a certain comparison uses values that are not memory sizes. -- Oct 12, 2021
CVE-2021-42228 A Cross Site Request Forgery (CSRF) vulnerability exists in KindEditor 4.1.x, as demonstrated by examples/uploadbutton.html. -- Oct 15, 2021
CVE-2021-42227 Cross SIte Scripting (XSS) vulnerability exists in KindEditor 4.1.x via a Google search inurl:/examples/uploadbutton.html and then the .html file on the website that uses this editor (the file suffix is allowed). -- Oct 14, 2021
CVE-2021-42224 SQL Injection vulnerability exists in IFSC Code Finder Project 1.0 via the searchifsccode POST parameter in /search.php. -- Oct 14, 2021
CVE-2021-42223 Cross Site Scripting (XSS).vulnerability exists in Online DJ Booking Management System 1.0 in view-booking-detail.php. -- Oct 13, 2021
CVE-2021-42139 Deno before 0.107.0 allows Code Injection via an untrusted YAML file in certain configurations. -- Oct 12, 2021
CVE-2021-42137 An issue was discovered in Zammad before 5.0.1. In some cases, there is improper enforcement of the privilege requirement for viewing a list of tickets that shows title, state, etc. -- Oct 12, 2021
CVE-2021-42135 HashiCorp Vault and Vault Enterprise 1.8.x through 1.8.4 may have an unexpected interaction between glob-related policies and the Google Cloud secrets engine. Users may, in some situations, have more privileges than intended, e.g., a user with read permission for the /gcp/roleset/* path may be able to issue Google Cloud service account credentials. -- Oct 12, 2021
CVE-2021-42134 The Unicorn framework before 0.36.1 for Django allows XSS via a component. NOTE: this issue exists because of an incomplete fix for CVE-2021-42053. -- Oct 12, 2021
CVE-2021-42112 The File upload question functionality in LimeSurvey 3.x-LTS through 3.27.18 allows XSS in assets/scripts/modaldialog.js and assets/scripts/uploader.js. -- Oct 9, 2021
CVE-2021-42109 VITEC Exterity IPTV products through 2021-04-30 allow privilege escalation to root. -- Oct 9, 2021
CVE-2021-42095 Xshell before 7.0.0.76 allows attackers to cause a crash by triggering rapid changes to the title bar. MEDIUM Oct 8, 2021
CVE-2021-42094 An issue was discovered in Zammad before 4.1.1. Command Injection can occur via custom Packages. HIGH Oct 8, 2021
CVE-2021-42093 An issue was discovered in Zammad before 4.1.1. An admin can execute code on the server via a crafted request that manipulates triggers. MEDIUM Oct 8, 2021
CVE-2021-42092 An issue was discovered in Zammad before 4.1.1. Stored XSS may occur via an Article during addition of an attachment to a Ticket. LOW Oct 8, 2021
CVE-2021-42091 An issue was discovered in Zammad before 4.1.1. SSRF can occur via GitHub or GitLab integration. MEDIUM Oct 8, 2021
CVE-2021-42090 An issue was discovered in Zammad before 4.1.1. The Form functionality allows remote code execution because deserialization is mishandled. HIGH Oct 8, 2021
CVE-2021-42089 An issue was discovered in Zammad before 4.1.1. The REST API discloses sensitive information. MEDIUM Oct 8, 2021
CVE-2021-42088 An issue was discovered in Zammad before 4.1.1. The Chat functionality allows XSS because clipboard data is mishandled. MEDIUM Oct 8, 2021
CVE-2021-42087 An issue was discovered in Zammad before 4.1.1. An admin can discover the application secret via the API. MEDIUM Oct 8, 2021
CVE-2021-42086 An issue was discovered in Zammad before 4.1.1. An Agent account can modify account data, and gain admin access, via a crafted request. MEDIUM Oct 8, 2021
CVE-2021-42085 An issue was discovered in Zammad before 4.1.1. There is stored XSS via a custom Avatar. LOW Oct 8, 2021
CVE-2021-42084 An issue was discovered in Zammad before 4.1.1. An attacker with valid agent credentials may send a series of crafted requests that cause an endless loop and thus cause denial of service. MEDIUM Oct 8, 2021
CVE-2021-42071 In Visual Tools DVR VX16 4.2.28.0, an unauthenticated attacker can achieve remote command execution via shell metacharacters in the cgi-bin/slogin/login.py Uaer-Agent HTTP header. HIGH Oct 7, 2021
CVE-2021-42054 ACCEL-PPP 1.12.0 has an out-of-bounds read in triton_context_schedule if the client exits after authentication. MEDIUM Oct 7, 2021
CVE-2021-42053 The Unicorn framework through 0.35.3 for Django allows XSS via component.name. LOW Oct 8, 2021
CVE-2021-42044 An issue was discovered in the Mentor dashboard in the GrowthExperiments extension in MediaWiki through 1.36.2. The Growthexperiments-mentor-dashboard-mentee-overview-add-filter-total-edits-headline, growthexperiments-mentor-dashboard-mentee-overview-add-filter-starred-headline, growthexperiments-mentor-dashboard-mentee-overview-info-text, growthexperiments-mentor-dashboard-mentee-overview-info-legend-headline, and growthexperiments-mentor-dashboard-mentee-overview-active-ago MediaWiki messages were not being properly sanitized and allowed for the injection and execution of HTML and JavaScript. LOW Oct 6, 2021
CVE-2021-42043 An issue was discovered in Special:MediaSearch in the MediaSearch extension in MediaWiki through 1.36.2. The suggestion text (a parameter to mediasearch-did-you-mean) was not being properly sanitized and allowed for the injection and execution of HTML and JavaScript via the intitle: search operator within the query. MEDIUM Oct 6, 2021
CVE-2021-42042 An issue was discovered in SpecialEditGrowthConfig in the GrowthExperiments extension in MediaWiki through 1.36.2. The growthexperiments-edit-config-error-invalid-title MediaWiki message was not being properly sanitized and allowed for the injection and execution of HTML and JavaScript. LOW Oct 6, 2021
CVE-2021-42041 An issue was discovered in CentralAuth in MediaWiki through 1.36.2. The rightsnone MediaWiki message was not being properly sanitized and allowed for the injection and execution of HTML and JavaScript via the setchange log. MEDIUM Oct 6, 2021
CVE-2021-42040 An issue was discovered in MediaWiki through 1.36.2. A parser function related to loop control allowed for an infinite loop (and php-fpm hang) within the Loops extension because egLoopsCountLimit is mishandled. This could lead to memory exhaustion. MEDIUM Oct 6, 2021
CVE-2021-42013 It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration require all denied, these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue only affects Apache 2.4.49 and Apache 2.4.50 and not earlier versions. HIGH Oct 9, 2021
CVE-2021-42009 An authenticated Apache Traffic Control Traffic Ops user with Portal-level privileges can send a request with a specially-crafted email subject to the /deliveryservices/request Traffic Ops endpoint to send an email, from the Traffic Ops server, with an arbitrary body to an arbitrary email address. Apache Traffic Control 5.1.x users should upgrade to 5.1.3 or 6.0.0. 4.1.x users should upgrade to 5.1.3. -- Oct 14, 2021
CVE-2021-42008 The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access. MEDIUM Oct 5, 2021
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
Live chat
Online