Export limit exceeded: 21124 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 12151 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (12151 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-45891 1 Zauner 1 Arc 2024-11-21 8.8 High
An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4., that allows attackers to escalate privileges within the application, since all permission checks are done client-side, not server-side.
CVE-2021-45885 1 Stormshield 1 Network Security 2024-11-21 7.5 High
An issue was discovered in Stormshield Network Security (SNS) 4.2.2 through 4.2.7 (fixed in 4.2.8). Under a specific update-migration scenario, the first SSH password change does not properly clear the old password.
CVE-2021-45861 1 Tsmuxer Project 1 Tsmuxer 2024-11-21 5.5 Medium
There is an Assertion `num <= INT_BIT' failed at BitStreamReader::skipBits in /bitStream.h:132 of tsMuxer git-c6a0277.
CVE-2021-45852 1 Projectworlds 1 Hospital Management System In Php 2024-11-21 5.3 Medium
An issue was discovered in Projectworlds Hospital Management System v1.0. Unauthorized malicious attackers can add patients without restriction via add_patient.php.
CVE-2021-45832 1 Hdfgroup 1 Hdf5 2024-11-21 5.5 Medium
A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at at hdf5/src/H5Eint.c, which causes a Denial of Service (context-dependent).
CVE-2021-45708 1 Abomonation Project 1 Abomonation 2024-11-21 7.5 High
An issue was discovered in the abomonation crate through 2021-10-17 for Rust. Because transmute operations are insufficiently constrained, there can be an information leak or ASLR bypass.
CVE-2021-45428 1 Telesquare 2 Tlr-2005ksh, Tlr-2005ksh Firmware 2024-11-21 9.8 Critical
TLR-2005KSH is affected by an incorrect access control vulnerability. THe PUT method is enabled so an attacker can upload arbitrary files including HTML and CGI formats.
CVE-2021-45408 1 Seeddms 1 Seeddms 2024-11-21 6.1 Medium
Open Redirect vulnerability exists in SeedDMS 6.0.15 in out.Login.php, which llows remote malicious users to redirect users to malicious sites using the "referuri" parameter.
CVE-2021-45402 1 Linux 1 Linux Kernel 2024-11-21 5.5 Medium
The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."
CVE-2021-45387 1 Broadcom 1 Tcpreplay 2024-11-21 5.5 Medium
tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c.
CVE-2021-45386 1 Broadcom 1 Tcpreplay 2024-11-21 5.5 Medium
tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c
CVE-2021-45328 1 Gitea 1 Gitea 2024-11-21 6.1 Medium
Gitea before 1.4.3 is affected by URL Redirection to Untrusted Site ('Open Redirect') via internal URLs.
CVE-2021-45290 2 Fedoraproject, Webassembly 2 Fedora, Binaryen 2024-11-21 7.5 High
A Denial of Service vulnerability exits in Binaryen 103 due to an assertion abort in wasm::handle_unreachable.
CVE-2021-45096 1 Knime 1 Knime Analytics Platform 2024-11-21 4.7 Medium
KNIME Analytics Platform before 4.5.0 is vulnerable to XXE (external XML entity injection) via a crafted workflow file (.knwf), aka AP-17730.
CVE-2021-45024 1 Rocketsoftware 1 Ags-zena 2024-11-21 9.8 Critical
ASG technologies ( A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to XML External Entity (XXE).
CVE-2021-44994 1 Jerryscript 1 Jerryscript 2024-11-21 5.5 Medium
There is an Assertion ''JERRY_CONTEXT (jmem_heap_allocated_size) == 0'' failed at /jerry-core/jmem/jmem-heap.c in Jerryscript 3.0.0.
CVE-2021-44993 1 Jerryscript 1 Jerryscript 2024-11-21 5.5 Medium
There is an Assertion ''ecma_is_value_boolean (base_value)'' failed at /jerry-core/ecma/operations/ecma-get-put-value.c in Jerryscript 3.0.0.
CVE-2021-44971 1 Tenda 4 Ac15, Ac15 Firmware, Ac5 and 1 more 2024-11-21 9.8 Critical
Multiple Tenda devices are affected by authentication bypass, such as AC15V1.0 Firmware V15.03.05.20_multi?AC5V1.0 Firmware V15.03.06.48_multi and so on. an attacker can obtain sensitive information, and even combine it with authenticated command injection to implement RCE.
CVE-2021-44949 1 Glfusion 1 Glfusion 2024-11-21 9.8 Critical
glFusion CMS 1.7.9 is affected by an access control vulnerability via /public_html/users.php.
CVE-2021-44847 2 Fedoraproject, Toktok 2 Fedora, Toxcore 2024-11-21 9.8 Critical
A stack-based buffer overflow in handle_request function in DHT.c in toxcore 0.1.9 through 0.1.11 and 0.2.0 through 0.2.12 (caused by an improper length calculation during the handling of received network packets) allows remote attackers to crash the process or potentially execute arbitrary code via a network packet.