Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-40997 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
|
A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability.
|
|||||
| CVE-2021-40996 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
|
A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability.
|
|||||
| CVE-2021-40991 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
|
A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability.
|
|||||
| CVE-2021-40990 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability.
|
|||||
| CVE-2021-40989 | 2 Arubanetworks, Microsoft | 2 Clearpass Policy Manager, Windows | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
A local escalation of privilege vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability.
|
|||||
| CVE-2021-40864 | 1 Onlyoffice | 1 Google Translate | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
The Translate plugin 6.1.x through 6.3.x before 6.3.0.72 for ONLYOFFICE Document Server lacks escape calls for the msg.data and text fields.
|
|||||
| CVE-2021-40837 | 3 Apple, F-secure, Microsoft | 8 Macos, Atlant, Elements Endpoint Detection And Response and 5 more | 2024-11-21 | 5.0 MEDIUM | 4.6 MEDIUM |
|
A vulnerability affecting F-Secure antivirus engine before Capricorn update 2022-02-01_01 was discovered whereby decompression of ACE file causes the scanner service to stop. The vulnerability can be exploited remotely by an attacker. A successful attack will result in denial-of-service of the antivirus engine.
|
|||||
| CVE-2021-40836 | 3 Apple, F-secure, Microsoft | 8 Macos, Atlant, Elements Endpoint Detection And Response and 5 more | 2024-11-21 | 4.3 MEDIUM | 4.6 MEDIUM |
|
A vulnerability affecting F-Secure antivirus engine was discovered whereby scanning MS outlook .pst files can lead to denial-of-service. The vulnerability can be exploited remotely by an attacker. A successful attack will result in denial-of-service of the antivirus engine.
|
|||||
| CVE-2021-40832 | 3 Apple, F-secure, Microsoft | 9 Macos, Atlant, Cloud Protection For Salesforce and 6 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the AVRDL unpacking module component used in certain F-Secure products can crash while scanning a fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine.
|
|||||
| CVE-2021-40695 | 1 Moodle | 1 Moodle | 2024-11-21 | N/A | 4.3 MEDIUM |
|
It was possible for a student to view their quiz grade before it had been released, using a quiz web service.
|
|||||
| CVE-2021-40691 | 1 Moodle | 1 Moodle | 2024-11-21 | N/A | 4.3 MEDIUM |
|
A session hijack risk was identified in the Shibboleth authentication plugin.
|
|||||
| CVE-2021-40684 | 1 Talend | 1 Esb Runtime | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
Talend ESB Runtime in all versions from 5.1 to 7.3.1-R2021-09, 7.2.1-R2021-09, 7.1.1-R2021-09, has an unauthenticated Jolokia HTTP endpoint which allows remote access to the JMX of the runtime container, which would allow an attacker the ability to read or modify the container or software running in the container.
|
|||||
| CVE-2021-40643 | 1 Eyesofnetwork | 1 Eyesofnetwork | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
EyesOfNetwork before 07-07-2021 has a Remote Code Execution vulnerability on the mail options configuration page. In the location of the "sendmail" application in the "cacti" configuration page (by default/usr/sbin/sendmail) it is possible to execute any command, which will be executed when we make a test of the configuration ("send test mail").
|
|||||
| CVE-2021-40612 | 1 Opmantek | 1 Open-audit | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered in Opmantek Open-AudIT after 3.5.0. Without authentication, a vulnerability in code_igniter/application/controllers/util.php allows an attacker perform command execution without echoes.
|
|||||
| CVE-2021-40567 | 1 Gpac | 1 Gpac | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Segmentation fault vulnerability exists in Gpac through 1.0.1 via the gf_odf_size_descriptor function in desc_private.c when using mp4box, which causes a denial of service.
|
|||||
| CVE-2021-40540 | 1 Ulfius Project | 1 Ulfius | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
ulfius_uri_logger in Ulfius HTTP Framework before 2.7.4 omits con_info initialization and a con_info->request NULL check for certain malformed HTTP requests.
|
|||||
| CVE-2021-40532 | 1 Telegram | 1 Web K Alpha | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Telegram Web K Alpha before 0.7.2 mishandles the characters in a document extension.
|
|||||
| CVE-2021-40521 | 1 Airangel | 10 Hsmx-app-100, Hsmx-app-1000, Hsmx-app-1000 Firmware and 7 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Airangel HSMX Gateway devices through 5.2.04 allow Remote Code Execution.
|
|||||
| CVE-2021-40498 | 1 Sap | 1 Successfactors Mobile | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
A vulnerability has been identified in SAP SuccessFactors Mobile Application for Android - versions older than 2108, which allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service, which can lead to denial of service. The vulnerability is related to Android implementation methods that are widely used across Android mobile applications, and such methods are embedded into the SAP SuccessFactors mobile application. These Android methods beg ...
Show More |
|||||
| CVE-2021-40495 | 1 Sap | 2 Netweaver Abap, Netweaver Application Server Abap | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
There are multiple Denial-of Service vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755. An unauthorized attacker can use the public SICF service /sap/public/bc/abap to reduce the performance of SAP NetWeaver Application Server ABAP and ABAP Platform.
|
|||||
| CVE-2021-40486 | 1 Microsoft | 6 Office, Office Online Server, Office Web Apps Server and 3 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Microsoft Word Remote Code Execution Vulnerability
|
|||||
| CVE-2021-40484 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 3.5 LOW | 7.6 HIGH |
|
Microsoft SharePoint Server Spoofing Vulnerability
|
|||||
| CVE-2021-40483 | 1 Microsoft | 1 Sharepoint Server | 2024-11-21 | 3.5 LOW | 7.6 HIGH |
|
Microsoft SharePoint Server Spoofing Vulnerability
|
|||||
| CVE-2021-40482 | 1 Microsoft | 1 Sharepoint Server | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
Microsoft SharePoint Server Information Disclosure Vulnerability
|
|||||
| CVE-2021-40481 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | 6.8 MEDIUM | 7.1 HIGH |
|
Microsoft Office Visio Remote Code Execution Vulnerability
|
|||||
| CVE-2021-40480 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Microsoft Office Visio Remote Code Execution Vulnerability
|
|||||
| CVE-2021-40479 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Microsoft Excel Remote Code Execution Vulnerability
|
|||||
| CVE-2021-40475 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability
|
|||||
| CVE-2021-40474 | 1 Microsoft | 6 365 Apps, Excel, Office and 3 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Microsoft Excel Remote Code Execution Vulnerability
|
|||||
| CVE-2021-40473 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Microsoft Excel Remote Code Execution Vulnerability
|
|||||
| CVE-2021-40472 | 1 Microsoft | 6 365 Apps, Excel, Office and 3 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Microsoft Excel Information Disclosure Vulnerability
|
|||||
| CVE-2021-40471 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Microsoft Excel Remote Code Execution Vulnerability
|
|||||
| CVE-2021-40469 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
|
Windows DNS Server Remote Code Execution Vulnerability
|
|||||
| CVE-2021-40468 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server 2016 and 1 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Windows Bind Filter Driver Information Disclosure Vulnerability
|
|||||
| CVE-2021-40465 | 1 Microsoft | 11 Windows 10, Windows 11 21h2, Windows 7 and 8 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Windows Text Shaping Remote Code Execution Vulnerability
|
|||||
| CVE-2021-40463 | 1 Microsoft | 8 Windows 10, Windows 11 21h2, Windows 8.1 and 5 more | 2024-11-21 | 4.0 MEDIUM | 7.7 HIGH |
|
Windows Network Address Translation (NAT) Denial of Service Vulnerability
|
|||||
| CVE-2021-40462 | 1 Microsoft | 7 Windows 10, Windows 11, Windows 11 21h2 and 4 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability
|
|||||
| CVE-2021-40461 | 1 Microsoft | 6 Windows 10, Windows 11, Windows Server and 3 more | 2024-11-21 | 5.2 MEDIUM | 8.0 HIGH |
|
Windows Hyper-V Remote Code Execution Vulnerability
|
|||||
| CVE-2021-40460 | 1 Microsoft | 11 Windows 10, Windows 11, Windows 7 and 8 more | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability
|
|||||
| CVE-2021-40456 | 1 Microsoft | 3 Windows Server, Windows Server 2019, Windows Server 2022 | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
Windows AD FS Security Feature Bypass Vulnerability
|
|||||