Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (2904 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-20454 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | 8.2 High |
| IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 196649. | ||||
| CVE-2021-20453 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | 8.2 High |
| IBM WebSphere Application Server 8.0, 8.5, and 9.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 196648. | ||||
| CVE-2021-20431 | 3 Ibm, Linux, Microsoft | 3 I2 Analysts Notebook, Linux Kernel, Windows | 2024-11-21 | 6.5 Medium |
| IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 does not invalidate session after logout which could allow an an attacker to obtain sensitive information from the system. IBM X-Force ID: 196342. | ||||
| CVE-2021-20399 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2024-11-21 | 9.1 Critical |
| IBM Qradar SIEM 7.3.0 to 7.3.3 Patch 8 and 7.4.0 to 7.4.3 GA is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 196073. | ||||
| CVE-2021-20378 | 1 Ibm | 1 Guardium Data Encryption | 2024-11-21 | 8.8 High |
| IBM Guardium Data Encryption (GDE) 3.0.0.2 and 4.0.0.4 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 195709. | ||||
| CVE-2021-20353 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | 8.2 High |
| IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 194882. | ||||
| CVE-2021-20286 | 1 Redhat | 2 Enterprise Linux, Libnbd | 2024-11-21 | 2.7 Low |
| A flaw was found in libnbd 1.7.3. An assertion failure in nbd_unlocked_opt_go in ilb/opt.c may lead to denial of service. | ||||
| CVE-2021-20272 | 2 Debian, Privoxy | 2 Debian Linux, Privoxy | 2024-11-21 | 7.5 High |
| A flaw was found in privoxy before 3.0.32. An assertion failure could be triggered with a crafted CGI request leading to server crash. | ||||
| CVE-2021-20217 | 1 Privoxy | 1 Privoxy | 2024-11-21 | 7.5 High |
| A flaw was found in Privoxy in versions before 3.0.31. An assertion failure triggered by a crafted CGI request may lead to denial of service. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2021-1982 | 1 Qualcomm | 144 Ar8035, Ar8035 Firmware, Qca6390 and 141 more | 2024-11-21 | 7.5 High |
| Possible denial of service scenario due to improper input validation of received NAS OTA message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | ||||
| CVE-2021-1971 | 1 Qualcomm | 242 Aqt1000, Aqt1000 Firmware, Ar8035 and 239 more | 2024-11-21 | 7.5 High |
| Possible assertion due to lack of physical layer state validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking | ||||
| CVE-2021-1955 | 1 Qualcomm | 356 Apq8009, Apq8009 Firmware, Apq8009w and 353 more | 2024-11-21 | 7.5 High |
| Denial of service in SAP case due to improper handling of connections when association is rejected in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | ||||
| CVE-2021-1953 | 1 Qualcomm | 410 Aqt1000, Aqt1000 Firmware, Ar8031 and 407 more | 2024-11-21 | 7.5 High |
| Improper handling of received malformed FTMR request frame can lead to reachable assertion while responding with FTM1 frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | ||||
| CVE-2021-1938 | 1 Qualcomm | 414 Aqt1000, Aqt1000 Firmware, Ar8031 and 411 more | 2024-11-21 | 7.5 High |
| Possible assertion due to improper verification while creating and deleting the peer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | ||||
| CVE-2021-1937 | 1 Qualcomm | 372 Aqt1000, Aqt1000 Firmware, Ar8031 and 369 more | 2024-11-21 | 7.5 High |
| Reachable assertion is possible while processing peer association WLAN message from host and nonstandard incoming packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | ||||
| CVE-2021-1925 | 1 Qualcomm | 814 Aqt1000, Aqt1000 Firmware, Ar8031 and 811 more | 2024-11-21 | 7.5 High |
| Possible denial of service scenario due to improper handling of group management action frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | ||||
| CVE-2021-1887 | 1 Qualcomm | 78 Ar7420, Ar7420 Firmware, Ar9380 and 75 more | 2024-11-21 | 7.5 High |
| An assertion can be reached in the WLAN subsystem while using the Wi-Fi Fine Timing Measurement protocol in Snapdragon Wired Infrastructure and Networking | ||||
| CVE-2021-1630 | 1 Salesforce | 1 Mule | 2024-11-21 | 7.5 High |
| XML external entity (XXE) vulnerability affecting certain versions of a Mule runtime component that may affect CloudHub, GovCloud, Runtime Fabric, Pivotal Cloud Foundry, Private Cloud Edition, and on-premise customers. | ||||
| CVE-2021-1628 | 1 Salesforce | 1 Mule | 2024-11-21 | 9.8 Critical |
| MuleSoft is aware of a XML External Entity (XXE) vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Affected versions: Mule 4.x runtime released before February 2, 2021. | ||||
| CVE-2021-1612 | 1 Cisco | 1 Sd-wan | 2024-11-21 | 5.5 Medium |
| A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to overwrite arbitrary files on the local system. This vulnerability is due to improper access controls on files within the local file system. An attacker could exploit this vulnerability by placing a symbolic link in a specific location on the local file system. A successful exploit could allow the attacker to overwrite arbitrary files on an affected device. | ||||