The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2021-31879 | GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007. | -- | Apr 29, 2021 |
| CVE-2021-31875 | In mjs_json.c in Cesanta MongooseOS mJS 1.26, a maliciously formed JSON string can trigger an off-by-one heap-based buffer overflow in mjs_json_parse, which can potentially lead to redirection of control flow. | -- | Apr 29, 2021 |
| CVE-2021-31866 | Redmine before 4.0.9 and 4.1.x before 4.1.3 allows an attacker to learn the values of internal authentication keys by observing timing differences in string comparison operations within SysController and MailHandlerController. | -- | Apr 28, 2021 |
| CVE-2021-31865 | Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows users to circumvent the allowed filename extensions of uploaded attachments. | -- | Apr 28, 2021 |
| CVE-2021-31864 | Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows attackers to bypass the add_issue_notes permission requirement by leveraging the incoming mail handler. | -- | Apr 28, 2021 |
| CVE-2021-31863 | Insufficient input validation in the Git repository integration of Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows Redmine users to read arbitrary local files accessible by the application server process. | -- | Apr 28, 2021 |
| CVE-2021-31856 | A SQL Injection vulnerability in the REST API in Layer5 Meshery 0.5.2 allows an attacker to execute arbitrary SQL commands via the /experimental/patternfiles endpoint (order parameter in GetMesheryPatterns in models/meshery_pattern_persister.go). | -- | Apr 28, 2021 |
| CVE-2021-31826 | Shibboleth Service Provider 3.x before 3.2.2 is prone to a NULL pointer dereference flaw involving the session recovery feature. The flaw is exploitable (for a daemon crash) on systems not using this feature if a crafted cookie is supplied. | -- | Apr 28, 2021 |
| CVE-2021-31815 | GAEN (aka Google/Apple Exposure Notifications) through 2021-04-27 on Android allows attackers to obtain sensitive information, such as a user\'s location history, in-person social graph, and (sometimes) COVID-19 infection status, because Rolling Proximity Identifiers and MAC addresses are written to the Android system log, and many Android devices have applications (preinstalled by the hardware manufacturer or network operator) that read system log data and send it to third parties. NOTE: a news outlet (The Markup) states that they received a vendor response indicating that fix deployment began several weeks ago and will be complete in the coming days. | -- | Apr 28, 2021 |
| CVE-2021-31804 | LeoCAD before 21.03 sometimes allows a use-after-free during the opening of a new document. | -- | Apr 26, 2021 |
| CVE-2021-31803 | cPanel before 94.0.3 allows self-XSS via EasyApache 4 Save Profile (SEC-581). | -- | Apr 26, 2021 |
| CVE-2021-31802 | NETGEAR R7000 1.0.11.116 devices have a heap-based Buffer Overflow that is exploitable from the local network without authentication. The vulnerability exists within the handling of an HTTP request. An attacker can leverage this to execute code as root. The problem is that a user-provided length value is trusted during a backup.cgi file upload. The attacker must add a \\n before the Content-Length header. | -- | Apr 26, 2021 |
| CVE-2021-31795 | The PowerVR GPU kernel driver in pvrsrvkm.ko through 2021-04-24 for the Linux kernel, as used on Alcatel 1S phones, allows attackers to overwrite heap memory via PhysmemNewRamBackedPMR. | -- | Apr 24, 2021 |
| CVE-2021-31794 | Settings.aspx?view=About in Directum 5.8.2 allows XSS via the HTTP User-Agent header. | -- | Apr 24, 2021 |
| CVE-2021-31791 | In Hardware Sentry KM before 10.0.01 for BMC PATROL, a cleartext password may be discovered after a failure or timeout of a command. | -- | Apr 23, 2021 |
| CVE-2021-31784 | An out-of-bounds write vulnerability exists in the file-reading procedure in Open Design Alliance Drawings SDK before 2021.6 on all supported by ODA platforms in static configuration. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart) or possible code execution. | -- | Apr 26, 2021 |
| CVE-2021-31783 | show_default.php in the LocalFilesEditor extension before 11.4.0.1 for Piwigo allows Local File Inclusion because the file parameter is not validated with a proper regular-expression check. | -- | Apr 26, 2021 |
| CVE-2021-31780 | In app/Model/MispObject.php in MISP 2.4.141, an incorrect sharing group association could lead to information disclosure on an event edit. When an object has a sharing group associated with an event edit, the sharing group object is ignored and instead the passed local ID is reused. | -- | Apr 23, 2021 |
| CVE-2021-31779 | The yoast_seo (aka Yoast SEO) extension before 7.2.1 for TYPO3 allows SSRF via a backend user account. | -- | Apr 28, 2021 |
| CVE-2021-31778 | The media2click (aka 2 Clicks for External Media) extension 1.x before 1.3.3 for TYPO3 allows XSS by a backend user account. | -- | Apr 28, 2021 |
| CVE-2021-31777 | The dce (aka Dynamic Content Element) extension 2.2.0 through 2.6.x before 2.6.2, and 2.7.x before 2.7.1, for TYPO3 allows SQL Injection via a backend user account. | -- | Apr 28, 2021 |
| CVE-2021-31776 | Aviatrix VPN Client before 2.14.14 on Windows has an unquoted search path that enables local privilege escalation to the SYSTEM user, if the machine is misconfigured to allow unprivileged users to write to directories that are supposed to be restricted to administrators. | -- | Apr 29, 2021 |
| CVE-2021-31762 | Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to create a privileged user through Webmin\'s add users feature, and then get a reverse shell through Webmin\'s running process feature. | MEDIUM | Apr 25, 2021 |
| CVE-2021-31761 | Webmin 1.973 is affected by reflected Cross Site Scripting (XSS) to achieve Remote Command Execution through Webmin\'s running process feature. | MEDIUM | Apr 25, 2021 |
| CVE-2021-31760 | Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to achieve Remote Command Execution (RCE) through Webmin\'s running process feature. | MEDIUM | Apr 25, 2021 |
| CVE-2021-31726 | Akuvox C315 115.116.2613 allows remote command Injection via the cfgd_server service. The attack vector is sending a payload to port 189 (default root 0.0.0.0). | -- | Apr 25, 2021 |
| CVE-2021-31718 | The server in npupnp before 4.1.4 is affected by DNS rebinding in the embedded web server (including UPnP SOAP and GENA endpoints), leading to remote code execution. | -- | Apr 25, 2021 |
| CVE-2021-31712 | react-draft-wysiwyg (aka React Draft Wysiwyg) before 1.14.6 allows a javascript: URi in a Link Target of the link decorator in decorators/Link/index.js when a draft is shared across users, leading to XSS. | -- | Apr 24, 2021 |
| CVE-2021-31671 | pgsync before 0.6.7 is affected by Information Disclosure of sensitive information. Syncing the schema with the --schema-first and --schema-only options is mishandled. For example, the sslmode connection parameter may be lost, which means that SSL would not be used. | -- | Apr 27, 2021 |
| CVE-2021-31646 | Gestsup before 3.2.10 allows account takeover through the password recovery functionality (remote). The affected component is the file forgot_pwd.php - it uses a weak algorithm for the generation of password recovery tokens (the PHP uniqueid function), allowing a brute force attack. | -- | Apr 26, 2021 |
| CVE-2021-31607 | In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. The attack requires that a file is created with a pathname that is backed up by snapper, and that the master calls the snapper.diff function (which executes popen unsafely). | -- | Apr 23, 2021 |
| CVE-2021-31598 | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect memory handling while parsing crafted XML files, leading to a heap-based buffer overflow. | -- | Apr 24, 2021 |
| CVE-2021-31597 | The xmlhttprequest-ssl package before 1.6.1 for Node.js disables SSL certificate validation by default, because rejectUnauthorized (when the property exists but is undefined) is considered to be false within the https.request function of Node.js. In other words, no certificate is ever rejected. | -- | Apr 23, 2021 |
| CVE-2021-31584 | Sipwise C5 NGCP CSC through CE_m39.3.1 allows call/click2dial CSRF attacks for actions with administrative privileges | -- | Apr 23, 2021 |
| CVE-2021-31583 | Sipwise C5 NGCP CSC through CE_m39.3.1 has multiple authenticated stored and reflected XSS vulnerabilities when input passed via several parameters to several scripts is not properly sanitized before being returned to the user: Stored XSS in callforward/time/set/save (POST tsetname); Reflected XSS in addressbook (GET filter); Stored XSS in addressbook/save (POST firstname, lastname, company); and Reflected XSS in statistics/versions (GET lang). | -- | Apr 23, 2021 |
| CVE-2021-31572 | The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in stream_buffer.c for a stream buffer. | HIGH | Apr 22, 2021 |
| CVE-2021-31571 | The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in queue.c for queue creation. | HIGH | Apr 22, 2021 |
| CVE-2021-31555 | An issue was discovered in the Oauth extension for MediaWiki through 1.35.2. It did not validate the oarc_version (aka oauth_registered_consumer.oarc_version) parameter\'s length. | MEDIUM | Apr 22, 2021 |
| CVE-2021-31554 | An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It improperly handled account blocks for certain automatically created MediaWiki user accounts, thus allowing nefarious users to remain unblocked. | MEDIUM | Apr 22, 2021 |
| CVE-2021-31553 | An issue was discovered in the CheckUser extension for MediaWiki through 1.35.2. MediaWiki usernames with trailing whitespace could be stored in the cu_log database table such that denial of service occurred for certain CheckUser extension pages and functionality. For example, the attacker could turn off Special:CheckUserLog and thus interfere with usage tracking. | MEDIUM | Apr 22, 2021 |
| CVE-2021-31552 | An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It incorrectly executed certain rules related to blocking accounts after account creation. Such rules would allow for user accounts to be created while blocking only the IP address used to create an account (and not the user account itself). Such rules could also be used by a nefarious, unprivileged user to catalog and enumerate any number of IP addresses related to these account creations. | MEDIUM | Apr 22, 2021 |
| CVE-2021-31551 | An issue was discovered in the PageForms extension for MediaWiki through 1.35.2. Crafted payloads for Token-related query parameters allowed for XSS on certain PageForms-managed MediaWiki pages. | MEDIUM | Apr 22, 2021 |
| CVE-2021-31550 | An issue was discovered in the CommentBox extension for MediaWiki through 1.35.2. Via crafted configuration variables, a malicious actor could introduce XSS payloads into various layers. | MEDIUM | Apr 22, 2021 |
| CVE-2021-31549 | An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. The Special:AbuseFilter/examine form allowed for the disclosure of suppressed MediaWiki usernames to unprivileged users. | MEDIUM | Apr 22, 2021 |
| CVE-2021-31548 | An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. A MediaWiki user who is partially blocked or was unsuccessfully blocked could bypass AbuseFilter and have their edits completed. | MEDIUM | Apr 22, 2021 |
| CVE-2021-31547 | An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. Its AbuseFilterCheckMatch API reveals suppressed edits and usernames to unprivileged users through the iteration of crafted AbuseFilter rules. | MEDIUM | Apr 22, 2021 |
| CVE-2021-31546 | An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It incorrectly logged sensitive suppression deletions, which should not have been visible to users with access to view AbuseFilter log data. | MEDIUM | Apr 22, 2021 |
| CVE-2021-31545 | An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. The page_recent_contributors leaked the existence of certain deleted MediaWiki usernames, related to rev_deleted. | MEDIUM | Apr 22, 2021 |
| CVE-2021-31540 | Wowza Streaming Engine through 4.8.5 (in a default installation) has incorrect file permissions of configuration files in the conf/ directory. A regular local user is able to read and write to all the configuration files, e.g., modify the application server configuration. | -- | Apr 23, 2021 |
| CVE-2021-31539 | Wowza Streaming Engine through 4.8.5 (in a default installation) has cleartext passwords stored in the conf/admin.password file. A regular local user is able to read usernames and passwords. | -- | Apr 23, 2021 |
