The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2021-41280 | Sharetribe Go is a source available marketplace software. In affected versions operating system command injection is possible on installations of Sharetribe Go that do not have a secret AWS Simple Notification Service (SNS) notification token configured via the `sns_notification_token` configuration parameter. This configuration parameter is unset by default. The vulnerability has been patched in version 10.2.1. Users who are unable to upgrade should set the `sns_notification_token` configuration parameter to a secret value. | -- | Nov 19, 2021 | n/a |
CVE-2021-41281 | Synapse is a package for Matrix homeservers written in Python 3/Twisted. Prior to version 1.47.1, Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory. No authentication is required for the affected endpoint. The last 2 directories and file name of the path are chosen randomly by Synapse and cannot be controlled by an attacker, which limits the impact. Homeservers with the media repository disabled are unaffected. Homeservers with a federation whitelist are also unaffected, since Synapse will check the remote hostname, including the trailing `../`s, against the whitelist. Server administrators should upgrade to 1.47.1 or later. Server administrators using a reverse proxy could, at the expense of losing media functionality, block certain endpoints as a workaround. Alternatively, non-containerized deployments can be adapted to use the hardened systemd config. | -- | Nov 23, 2021 | n/a |
CVE-2021-41282 | diag_routes.php in pfSense 2.5.2 allows sed data injection. Authenticated users are intended to be able to view data about the routes set in the firewall. The data is retrieved by executing the netstat utility, and then its output is parsed via the sed utility. Although the common protection mechanisms against command injection (i.e., the usage of the escapeshellarg function for the arguments) are used, it is still possible to inject sed-specific code and write an arbitrary file in an arbitrary location. | HIGH | Mar 4, 2022 | n/a |
CVE-2021-41285 | Ballistix MOD Utility through 2.0.2.5 is vulnerable to privilege escalation in the MODAPI.sys driver component. The vulnerability is triggered by sending a specific IOCTL request that allows low-privileged users to directly interact with physical memory via the MmMapIoSpace function call (mapping physical memory into a virtual address space). Attackers could exploit this issue to achieve local privilege escalation to NT AUTHORITY\SYSTEM. | HIGH | Oct 4, 2021 | n/a |
CVE-2021-41286 | Omikron MultiCash Desktop 4.00.008.SP5 relies on a client-side authentication mechanism. When a user logs into the application, the validity of the password is checked locally. All communication to the database backend is made via the same technical account. Consequently, an attacker can attach a debugger to the process or create a patch that manipulates the behavior of the login function. When the function always returns the success value (corresponding to a correct password), an attacker can login with any desired account, such as the administrative account of the application. | MEDIUM | Oct 9, 2021 | n/a |
CVE-2021-41288 | Zoho ManageEngine OpManager version 125466 and below is vulnerable to SQL Injection in the getReportData API. | HIGH | Oct 7, 2021 | n/a |
CVE-2021-41289 | ASUS P453UJ contains the Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability. With a general user’s permission, local attackers can modify the BIOS by replacing or filling in the content of the designated Memory DataBuffer, causing a failure of integrity verification and further resulting in a failure to boot. | LOW | Nov 18, 2021 | n/a |
CVE-2021-41290 | ECOA BAS controller suffers from an arbitrary file write and path traversal vulnerability. Using the POST parameters, unauthenticated attackers can remotely set arbitrary values for location and content type and gain the possibility to execute arbitrary code on the affected device. | HIGH | Oct 7, 2021 | n/a |
CVE-2021-41291 | ECOA BAS controller suffers from a path traversal content disclosure vulnerability. Using the GET parameter in File Manager, unauthenticated attackers can remotely disclose directory content on the affected device. | MEDIUM | Oct 7, 2021 | n/a |
CVE-2021-41292 | ECOA BAS controller suffers from an authentication bypass vulnerability. An unauthenticated attacker through cookie poisoning can remotely bypass authentication and disclose sensitive information and circumvent physical access controls in smart homes and buildings and manipulate HVAC. | MEDIUM | Oct 7, 2021 | n/a |
CVE-2021-41293 | ECOA BAS controller suffers from a path traversal vulnerability, causing arbitrary files disclosure. Using the specific POST parameter, unauthenticated attackers can remotely disclose arbitrary files on the affected device and disclose sensitive and system information. | MEDIUM | Oct 7, 2021 | n/a |
CVE-2021-41294 | ECOA BAS controller suffers from a path traversal vulnerability, causing arbitrary files deletion. Using the specific GET parameter, unauthenticated attackers can remotely delete arbitrary files on the affected device and cause a denial of service scenario. | MEDIUM | Oct 7, 2021 | n/a |
CVE-2021-41295 | ECOA BAS controller has a Cross-Site Request Forgery vulnerability, thus an authenticated attacker can remotely place a forged request at a malicious web page and execute CRUD commands (GET, POST, PUT, DELETE) to perform arbitrary operations in the system. | MEDIUM | Oct 7, 2021 | n/a |
CVE-2021-41296 | ECOA BAS controller uses a weak set of default administrative credentials that can be easily guessed in remote password attacks, allowing attackers to gain full control of the system. | MEDIUM | Oct 7, 2021 | n/a |
CVE-2021-41297 | ECOA BAS controller is vulnerable to a weak access control mechanism allowing an authenticated user to remotely escalate privileges by disclosing credentials of administrative accounts in plain-text. | MEDIUM | Oct 7, 2021 | n/a |
CVE-2021-41298 | ECOA BAS controller is vulnerable to insecure direct object references that occur when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability, attackers with general user's privilege can remotely bypass authorization and access the hidden resources in the system and execute privileged functionalities. | MEDIUM | Oct 7, 2021 | n/a |
CVE-2021-41299 | ECOA BAS controller is vulnerable to hard-coded credentials within its Linux distribution image, thus remote attackers can obtain administrator’s privilege without logging in. | HIGH | Oct 7, 2021 | n/a |
CVE-2021-41300 | ECOA BAS controller’s special page displays user account and passwords in plain text, thus unauthenticated attackers can access the page and obtain privilege with full functionality. | MEDIUM | Oct 7, 2021 | n/a |
CVE-2021-41301 | ECOA BAS controller is vulnerable to configuration disclosure when direct object reference is made to the specific files using an HTTP GET request. This will enable the unauthenticated attacker to remotely disclose sensitive information and help her in authentication bypass, privilege escalation and full system access. | HIGH | Oct 7, 2021 | n/a |
CVE-2021-41302 | ECOA BAS controller stores sensitive data (backup exports) in clear-text, thus the unauthenticated attacker can remotely query user password and obtain user’s privilege. | MEDIUM | Oct 7, 2021 | n/a |
CVE-2021-41303 | In Apache Shiro before 1.8.0, when using Apache Shiro with Spring Boot, a specially crafted HTTP request may cause an authentication bypass. Users should update to Apache Shiro 1.8.0. | HIGH | Sep 17, 2021 | n/a |
CVE-2021-41304 | Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the /secure/admin/ImporterFinishedPage.jspa error message. The affected versions are before version 8.13.12, and from version 8.14.0 before 8.20.2. | MEDIUM | Oct 27, 2021 | n/a |
CVE-2021-41305 | Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view the names of private projects and filters via an Insecure Direct Object References (IDOR) vulnerability in the Average Number of Times in Status Gadget. The affected versions are before version 8.13.12. | MEDIUM | Oct 27, 2021 | n/a |
CVE-2021-41306 | Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view private project and filter names via an Insecure Direct Object References (IDOR) vulnerability in the Average Time in Status Gadget. The affected versions are before version 8.13.12, and from version 8.14.0 before 8.20.0. | MEDIUM | Oct 27, 2021 | n/a |
CVE-2021-41307 | Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view the names of private projects and private filters via an Insecure Direct Object References (IDOR) vulnerability in the Workload Pie Chart Gadget. The affected versions are before version 8.13.12, and from version 8.14.0 before 8.20.0. | MEDIUM | Oct 27, 2021 | n/a |
CVE-2021-41308 | Affected versions of Atlassian Jira Server and Data Center allow authenticated yet non-administrator remote attackers to edit the File Replication settings via a Broken Access Control vulnerability in the `ReplicationSettings!default.jspa` endpoint. The affected versions are before version 8.6.0, from version 8.7.0 before 8.13.12, and from version 8.14.0 before 8.20.1. | MEDIUM | Oct 27, 2021 | n/a |
CVE-2021-41309 | Affected versions of Atlassian Jira Server and Data Center allow a user who has had their Jira Service Management access revoked to export audit logs of another user's Jira Service Management project via a Broken Authentication vulnerability in the /plugins/servlet/audit/resource endpoint. The affected versions of Jira Server and Data Center are before version 8.19.1. | MEDIUM | Dec 9, 2021 | n/a |
CVE-2021-41310 | Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the Associated Projects feature (/secure/admin/AssociatedProjectsForCustomField.jspa). The affected versions are before version 8.5.19, from version 8.6.0 before 8.13.11, and from version 8.14.0 before 8.19.1. | MEDIUM | Nov 2, 2021 | n/a |
CVE-2021-41311 | Affected versions of Atlassian Jira Server and Data Center allow attackers with access to an administrator account that has had its access revoked to modify projects' Users & Roles settings, via a Broken Authentication vulnerability in the /plugins/servlet/project-config/PROJECT/roles endpoint. The affected versions are before version 8.19.1. | MEDIUM | Dec 9, 2021 | n/a |
CVE-2021-41312 | Affected versions of Atlassian Jira Server and Data Center allow a remote attacker who has had their access revoked from Jira Service Management to enable and disable Issue Collectors on Jira Service Management projects via an Improper Authentication vulnerability in the /secure/ViewCollectors endpoint. The affected versions are before version 8.19.1. | MEDIUM | Nov 4, 2021 | n/a |
CVE-2021-41313 | Affected versions of Atlassian Jira Server and Data Center allow authenticated but non-admin remote attackers to edit email batch configurations via an Improper Authorization vulnerability in the /secure/admin/ConfigureBatching!default.jspa endpoint. The affected versions are before version 8.20.7. | MEDIUM | Nov 1, 2021 | n/a |
CVE-2021-41314 | Certain NETGEAR smart switches are affected by a `\n` injection in the web UI's password field, which - due to several faulty aspects of the authentication scheme - allows the attacker to create (or overwrite) a file with specific content (e.g., the 2 string). This leads to admin session crafting and therefore gaining full web UI admin privileges by an unauthenticated attacker. This affects GC108P before 1.0.8.2, GC108PP before 1.0.8.2, GS108Tv3 before 7.0.7.2, GS110TPP before 7.0.7.2, GS110TPv3 before 7.0.7.2, GS110TUP before 1.0.5.3, GS308T before 1.0.3.2, GS310TP before 1.0.3.2, GS710TUP before 1.0.5.3, GS716TP before 1.0.4.2, GS716TPP before 1.0.4.2, GS724TPP before 2.0.6.3, GS724TPv2 before 2.0.6.3, GS728TPPv2 before 6.0.8.2, GS728TPv2 before 6.0.8.2, GS750E before 1.0.1.10, GS752TPP before 6.0.8.2, GS752TPv2 before 6.0.8.2, MS510TXM before 1.0.4.2, and MS510TXUP before 1.0.4.2. | HIGH | Sep 17, 2021 | n/a |
CVE-2021-41315 | The Device42 Remote Collector before 17.05.01 does not sanitize user input in its SNMP Connectivity utility. This allows an authenticated attacker (with access to the console application) to execute arbitrary OS commands and escalate privileges. | HIGH | Sep 17, 2021 | n/a |
CVE-2021-41316 | The Device42 Main Appliance before 17.05.01 does not sanitize user input in its Nmap Discovery utility. An attacker (with permissions to add or edit jobs run by this utility) can inject an extra argument to overwrite arbitrary files as the root user on the Remote Collector. | HIGH | Sep 17, 2021 | n/a |
CVE-2021-41317 | XSS Hunter Express before 2021-09-17 does not properly enforce authentication requirements for paths. | HIGH | Sep 17, 2021 | n/a |
CVE-2021-41318 | In Progress WhatsUp Gold prior to version 21.1.0, an application endpoint failed to adequately sanitize malicious input, which could allow an unauthenticated attacker to execute arbitrary code in a victim's browser. | MEDIUM | Oct 7, 2021 | n/a |
CVE-2021-41320 | A technical user has hardcoded credentials in Wallstreet Suite TRM 7.4.83 (64-bit edition) with higher privilege than the average authenticated user. | LOW | Oct 15, 2021 | n/a |
CVE-2021-41322 | Poly VVX 400/410 5.3.1 allows low-privileged users to change the Admin password by modifying a POST parameter to 120 during the password reset process. | MEDIUM | Oct 4, 2021 | n/a |
CVE-2021-41323 | Directory traversal in the Compress feature in Pydio Cells 2.2.9 allows remote authenticated users to overwrite personal files, or Cells files belonging to any user, via the format parameter. | MEDIUM | Oct 7, 2021 | n/a |
CVE-2021-41324 | Directory traversal in the Copy, Move, and Delete features in Pydio Cells 2.2.9 allows remote authenticated users to enumerate personal files (or Cells files belonging to any user) via the nodes parameter (for Copy and Move) or via the Path parameter (for Delete). | MEDIUM | Oct 7, 2021 | n/a |
CVE-2021-41325 | Broken access control for user creation in Pydio Cells 2.2.9 allows remote anonymous users to create standard users via the profile parameter. (In addition, such users can be granted several admin permissions via the Roles parameter.) | MEDIUM | Oct 7, 2021 | n/a |
CVE-2021-41326 | In MISP before 2.4.148, app/Lib/Export/OpendataExport.php mishandles parameter data that is used in a shell_exec call. | HIGH | Sep 17, 2021 | n/a |
CVE-2021-41329 | Datalust Seq before 2021.2.6259 allows users (with view filters applied to their accounts) to see query results not constrained by their view filter. This information exposure, caused by an internal cache key collision, occurs when the user's view filter includes an array or IN clause, and when another user has recently executed an identical query differing only by the array elements. | MEDIUM | Oct 6, 2021 | n/a |
CVE-2021-41330 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | MEDIUM | Oct 13, 2021 | n/a |
CVE-2021-41331 | Windows Media Audio Decoder Remote Code Execution Vulnerability | MEDIUM | Oct 13, 2021 | n/a |
CVE-2021-41332 | Windows Print Spooler Information Disclosure Vulnerability | MEDIUM | Oct 13, 2021 | n/a |
CVE-2021-41333 | Windows Print Spooler Elevation of Privilege Vulnerability | MEDIUM | Dec 15, 2021 | n/a |
CVE-2021-41334 | Windows Desktop Bridge Elevation of Privilege Vulnerability | MEDIUM | Oct 13, 2021 | n/a |
CVE-2021-41335 | Windows Kernel Elevation of Privilege Vulnerability | HIGH | Oct 13, 2021 | n/a |
CVE-2021-41336 | Windows Kernel Information Disclosure Vulnerability | LOW | Oct 13, 2021 | n/a |