Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 128082 entries
IDDescriptionPriorityModified date
CVE-2011-1415 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-1290. Reason: This candidate is a duplicate of CVE-2011-1290. Notes: All CVE users should reference CVE-2011-1290 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. REJECT Mar 17, 2011
CVE-2011-1501 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-1571. Reason: This candidate is a duplicate of CVE-2011-1571. Notes: All CVE users should reference CVE-2011-1571 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. REJECT May 6, 2011
CVE-2011-2708 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-2708. Reason: This candidate is a duplicate of CVE-2011-2708. Notes: All CVE users should reference CVE-2011-2708 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. REJECT Nov 23, 2011
CVE-2011-2810 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-0253. Reason: This candidate is a reservation duplicate of CVE-2011-0253. Notes: All CVE users should reference CVE-2011-0253 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. REJECT Aug 19, 2011
CVE-2011-3633 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4062. Reason: This candidate is a duplicate of CVE-2011-4062. Notes: All CVE users should reference CVE-2011-4062 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. REJECT Dec 12, 2011
CVE-2011-3867 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-2998. Reason: This candidate is a duplicate of CVE-2011-2998. Notes: All CVE users should reference CVE-2011-2998 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. REJECT Sep 30, 2011
CVE-2011-4084 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4858. Reason: This candidate is a duplicate of CVE-2011-4858. Notes: All CVE users should reference CVE-2011-4858 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. REJECT Jan 6, 2012
CVE-2011-4123 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-3874. Reason: This candidate is a duplicate of CVE-2011-3874. Notes: All CVE users should reference CVE-2011-3874 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. REJECT Jan 25, 2012
CVE-2011-4323 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-2726. Reason: This candidate is a duplicate of CVE-2011-2726. Notes: All CVE users should reference CVE-2011-2726 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. REJECT Dec 12, 2011
CVE-2011-4331 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4331. Reason: This candidate is a duplicate of CVE-2011-4331. Notes: All CVE users should reference CVE-2011-4331 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. REJECT Nov 23, 2011
CVE-2011-4359 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4343. Reason: This candidate is a duplicate of CVE-2011-4343. Notes: All CVE users should reference CVE-2011-4343 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. REJECT Dec 12, 2011
CVE-2011-4456 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4313. Reason: This candidate is a reservation duplicate of CVE-2011-4313. Notes: All CVE users should reference CVE-2011-4313 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. REJECT Nov 16, 2011
CVE-2011-4779 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4642. Reason: This candidate is a reservation duplicate of CVE-2011-4642. Notes: All CVE users should reference CVE-2011-4642 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. REJECT Dec 20, 2011
CVE-2012-0026 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-0287. Reason: This candidate is a duplicate of CVE-2012-0287. Notes: All CVE users should reference CVE-2012-0287 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. REJECT Jan 4, 2012
CVE-2021-32399 net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. MEDIUM May 14, 2021
CVE-2021-31911 In JetBrains TeamCity before 2020.2.3, reflected XSS was possible on several pages. MEDIUM May 14, 2021
CVE-2021-31907 In JetBrains TeamCity before 2020.2.2, permission checks for changing TeamCity plugins were implemented improperly. MEDIUM May 14, 2021
CVE-2021-31906 In JetBrains TeamCity before 2020.2.2, audit logs were not sufficient when an administrator uploaded a file. MEDIUM May 14, 2021
CVE-2021-31905 In JetBrains YouTrack before 2020.6.8801, information disclosure in an issue preview was possible. MEDIUM May 14, 2021
CVE-2021-31904 In JetBrains TeamCity before 2020.2.2, XSS was potentially possible on the test history page. MEDIUM May 14, 2021
CVE-2021-31170 Windows Graphics Component Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31188. MEDIUM May 14, 2021
CVE-2021-31169 Windows Container Manager Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31165, CVE-2021-31167, CVE-2021-31168, CVE-2021-31208. MEDIUM May 14, 2021
CVE-2021-31168 Windows Container Manager Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31165, CVE-2021-31167, CVE-2021-31169, CVE-2021-31208. MEDIUM May 14, 2021
CVE-2021-31167 Windows Container Manager Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31165, CVE-2021-31168, CVE-2021-31169, CVE-2021-31208. MEDIUM May 14, 2021
CVE-2021-31165 Windows Container Manager Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31167, CVE-2021-31168, CVE-2021-31169, CVE-2021-31208. MEDIUM May 14, 2021
CVE-2021-30504 In JetBrains IntelliJ IDEA before 2021.1, DoS was possible because of unbounded resource allocation. MEDIUM May 14, 2021
CVE-2021-30213 Knowage Suite 7.3 is vulnerable to unauthenticated reflected cross-site scripting (XSS). An attacker can inject arbitrary web script in \'/servlet/AdapterHTTP\' via the \'targetService\' parameter. MEDIUM May 14, 2021
CVE-2021-28476 Hyper-V Remote Code Execution Vulnerability MEDIUM May 14, 2021
CVE-2021-21648 Jenkins Credentials Plugin 2.3.18 and earlier does not escape user-controlled information on a view it provides, resulting in a reflected cross-site scripting (XSS) vulnerability. MEDIUM May 14, 2021
CVE-2021-20577 IBM Cloud Pak for Security (CP4S) 1.5.0.0 and 1.5.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199281. MEDIUM May 14, 2021
CVE-2021-20538 IBM Cloud Pak for Security (CP4S) 1.5.0.0 and 1.5.0.1 could allow a user to obtain sensitive information or perform actions they should not have access to due to incorrect authorization mechanisms. IBM X-Force ID: 198919. MEDIUM May 14, 2021
CVE-2020-27246 An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoComment parameter in the ‘listImmoLabels.jsp’ page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. MEDIUM May 13, 2021
CVE-2020-27245 An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoBuyer parameter in the ‘listImmoLabels.jsp’ page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. MEDIUM May 13, 2021
CVE-2020-27244 An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoCode parameter in the ‘listImmoLabels.jsp’ page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. MEDIUM May 13, 2021
CVE-2020-27243 An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoService parameter in the ‘listImmoLabels.jsp’ page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. MEDIUM May 13, 2021
CVE-2020-27242 An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoLocation parameter in the ‘listImmoLabels.jsp’ page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. MEDIUM May 13, 2021
CVE-2020-27232 An exploitable SQL injection vulnerability exists in ‘manageServiceStocks.jsp’ page of OpenClinic GA 5.173.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. MEDIUM May 14, 2021
CVE-2020-27231 A number of exploitable SQL injection vulnerabilities exists in ‘patientslist.do’ page of OpenClinic GA 5.173.3 application. The findDistrict parameter in ‘‘patientslist.do’ page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. MEDIUM May 13, 2021
CVE-2020-27230 A number of exploitable SQL injection vulnerabilities exists in ‘patientslist.do’ page of OpenClinic GA 5.173.3 application. The findSector parameter in ‘‘patientslist.do’ page is vulnerable to authenticated SQL injection An attacker can make an authenticated HTTP request to trigger this vulnerability. MEDIUM May 13, 2021
CVE-2020-27229 A number of exploitable SQL injection vulnerabilities exists in ‘patientslist.do’ page of OpenClinic GA 5.173.3 application. The findPersonID parameter in ‘‘patientslist.do’ page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. MEDIUM May 13, 2021
CVE-2020-27226 An exploitable SQL injection vulnerability exists in ‘quickFile.jsp’ page of OpenClinic GA 5.173.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. MEDIUM May 13, 2021
CVE-2020-23376 NoneCMS v1.3 has a CSRF vulnerability in public/index.php/admin/nav/add.html, as demonstrated by adding a navigation column which can be injected with arbitrary web script or HTML via the name parameter to launch a stored XSS attack. MEDIUM May 13, 2021
CVE-2020-23371 Cross-site scripting (XSS) vulnerability in static/admin/js/kindeditor/plugins/multiimage/images/swfupload.swf in noneCms v1.3.0 allows remote attackers to inject arbitrary web script or HTML via the movieName parameter. MEDIUM May 13, 2021
CVE-2020-23369 In YzmCMS 5.6, XSS was discovered in member/member_content/init.html via the SRC attribute of an IFRAME element because of using UEditor 1.4.3.3. MEDIUM May 13, 2021
CVE-2020-4536 IBM OpenPages GRC Platform 8.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 182907. MEDIUM May 13, 2021
CVE-2021-32470 Craft CMS before 3.6.13 has an XSS vulnerability. MEDIUM May 7, 2021
CVE-2021-32104 A SQL injection vulnerability exists (with user privileges) in interface/forms/eye_mag/save.php in OpenEMR 5.0.2.1. MEDIUM May 7, 2021
CVE-2021-32102 A SQL injection vulnerability exists (with user privileges) in library/custom_template/ajax_code.php in OpenEMR 5.0.2.1. MEDIUM May 7, 2021
CVE-2021-32101 The Patient Portal of OpenEMR 5.0.2.1 is affected by a incorrect access control system in portal/patient/_machine_config.php. To exploit the vulnerability, an unauthenticated attacker can register an account, bypassing the permission check of this portal\'s API. Then, the attacker can then manipulate and read data of every registered patient. MEDIUM May 7, 2021
CVE-2021-32100 A remote file inclusion vulnerability exists in Artica Pandora FMS 742, exploitable by the lowest privileged user. MEDIUM May 7, 2021
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version.
Live chat
Online