Export limit exceeded: 363281 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363281 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-27376 1 Nb-connect Project 1 Nb-connect 2024-11-21 9.8 Critical
An issue was discovered in the nb-connect crate before 1.0.3 for Rust. It may have invalid memory access for certain versions of the standard library because it relies on a direct cast of std::net::SocketAddrV4 and std::net::SocketAddrV6 data structures.
CVE-2021-27375 1 Containous 1 Traefik 2024-11-21 5.3 Medium
Traefik before 2.4.5 allows the loading of IFRAME elements from other domains.
CVE-2021-27374 1 Vertigis 1 Weboffice 2024-11-21 7.5 High
VertiGIS WebOffice 10.7 SP1 before patch20210202 and 10.8 SP1 before patch20210207 allows attackers to achieve "Zugriff auf Inhalte der WebOffice Applikation."
CVE-2021-27372 1 Realtek 2 Xpon Rtl9601d, Xpon Rtl9601d Software Development Kit 2024-11-21 9.8 Critical
Realtek xPON RTL9601D SDK 1.9 stores passwords in plaintext which may allow attackers to possibly gain access to the device with root permissions via the build-in network monitoring tool and execute arbitrary commands.
CVE-2021-27371 1 Monicahq 1 Monica 2024-11-21 5.4 Medium
The Contact page in Monica 2.19.1 allows stored XSS via the Description field.
CVE-2021-27370 1 Monicahq 1 Monica 2024-11-21 5.4 Medium
The Contact page in Monica 2.19.1 allows stored XSS via the Last Name field.
CVE-2021-27369 1 Monicahq 1 Monica 2024-11-21 5.4 Medium
The Contact page in Monica 2.19.1 allows stored XSS via the Middle Name field.
CVE-2021-27368 1 Monicahq 1 Monica 2024-11-21 5.4 Medium
The Contact page in Monica 2.19.1 allows stored XSS via the First Name field.
CVE-2021-27367 1 Boltcms 1 Bolt 2024-11-21 7.5 High
Controller/Backend/FileEditController.php and Controller/Backend/FilemanagerController.php in Bolt before 4.1.13 allow Directory Traversal.
CVE-2021-27365 5 Debian, Linux, Netapp and 2 more 12 Debian Linux, Linux Kernel, Solidfire Baseboard Management Controller and 9 more 2024-11-21 7.8 High
An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length of a Netlink message.
CVE-2021-27364 6 Canonical, Debian, Linux and 3 more 13 Ubuntu Linux, Debian Linux, Linux Kernel and 10 more 2024-11-21 7.1 High
An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages.
CVE-2021-27363 4 Debian, Linux, Netapp and 1 more 10 Debian Linux, Linux Kernel, Cloud Backup and 7 more 2024-11-21 4.4 Medium
An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged users via the sysfs file system, at /sys/class/iscsi_transport/$TRANSPORT_NAME/handle. When read, the show_transport_handle function (in drivers/scsi/scsi_transport_iscsi.c) is called, which leaks the handle. This handle is actually the pointer to an iscsi_transport struct in the kernel module's global variables.
CVE-2021-27362 1 Irfanview 2 Irfanview, Wpg 2024-11-21 9.8 Critical
The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a Read Access Violation on Control Flow starting at WPG!ReadWPG_W+0x0000000000000133, which might allow remote attackers to execute arbitrary code.
CVE-2021-27358 3 Grafana, Netapp, Redhat 4 Grafana, E-series Performance Analyzer, Acm and 1 more 2024-11-21 7.5 High
The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call if a commonly used configuration is set.
CVE-2021-27357 1 Riot-os 1 Riot 2024-11-21 9.8 Critical
RIOT-OS 2020.01 contains a buffer overflow vulnerability in /sys/net/gnrc/routing/rpl/gnrc_rpl_control_messages.c.
CVE-2021-27352 1 Ilch 1 Ilch Cms 2024-11-21 5.4 Medium
An open redirect vulnerability in Ilch CMS version 2.1.42 allows attackers to redirect users to an attacker's site after a successful login.
CVE-2021-27351 1 Telegram 1 Telegram 2024-11-21 5.3 Medium
The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently active session.
CVE-2021-27349 1 Algolplus 1 Advanced Order Export For Woocommerce 2024-11-21 6.1 Medium
Advanced Order Export before 3.1.8 for WooCommerce allows XSS, a different vulnerability than CVE-2020-11727.
CVE-2021-27347 2 Debian, Long Range Zip Project 2 Debian Linux, Long Range Zip 2024-11-21 5.5 Medium
Use after free in lzma_decompress_buf function in stream.c in Irzip 0.631 allows attackers to cause Denial of Service (DoS) via a crafted compressed file.
CVE-2021-27345 2 Debian, Long Range Zip Project 2 Debian Linux, Long Range Zip 2024-11-21 5.5 Medium
A null pointer dereference was discovered in ucompthread in stream.c in Irzip 0.631 which allows attackers to cause a denial of service (DOS) via a crafted compressed file.