Export limit exceeded: 363654 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363654 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-27030 1 Autodesk 1 Fbx Review 2024-11-21 7.8 High
A user may be tricked into opening a malicious FBX file which may exploit a Directory Traversal Remote Code Execution vulnerability in FBX’s Review causing it to run arbitrary code on the system.
CVE-2021-27029 1 Autodesk 1 Fbx Review 2024-11-21 5.5 Medium
The user may be tricked into opening a malicious FBX file which may exploit a Null Pointer Dereference vulnerability in FBX's Review version 1.5.0 and prior causing the application to crash leading to a denial of service.
CVE-2021-27028 1 Autodesk 1 Fbx Review 2024-11-21 7.8 High
A Memory Corruption Vulnerability in Autodesk FBX Review version 1.5.0 and prior may lead to remote code execution through maliciously crafted DLL files.
CVE-2021-27027 1 Autodesk 1 Fbx Review 2024-11-21 7.8 High
An Out-Of-Bounds Read Vulnerability in Autodesk FBX Review version 1.5.0 and prior may lead to code execution through maliciously crafted DLL files or information disclosure.
CVE-2021-27026 1 Puppet 3 Puppet, Puppet Connect, Puppet Enterprise 2024-11-21 4.4 Medium
A flaw was divered in Puppet Enterprise and other Puppet products where sensitive plan parameters may be logged
CVE-2021-27025 3 Fedoraproject, Puppet, Redhat 8 Fedora, Puppet, Puppet Agent and 5 more 2024-11-21 6.5 Medium
A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first 'pluginsync'.
CVE-2021-27024 1 Puppet 1 Continuous Delivery 2024-11-21 8.1 High
A flaw was discovered in Continuous Delivery for Puppet Enterprise (CD4PE) that results in a user with lower privileges being able to access a Puppet Enterprise API token. This issue is resolved in CD4PE 4.10.0
CVE-2021-27023 3 Fedoraproject, Puppet, Redhat 7 Fedora, Puppet Agent, Puppet Enterprise and 4 more 2024-11-21 9.8 Critical
A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007
CVE-2021-27022 1 Puppet 2 Puppet, Puppet Enterprise 2024-11-21 4.9 Medium
A flaw was discovered in bolt-server and ace where running a task with sensitive parameters results in those sensitive parameters being logged when they should not be. This issue only affects SSH/WinRM nodes (inventory service nodes).
CVE-2021-27021 1 Puppet 3 Puppet, Puppet Enterprise, Puppetdb 2024-11-21 8.8 High
A flaw was discovered in Puppet DB, this flaw results in an escalation of privileges which allows the user to delete tables via an SQL query.
CVE-2021-27020 1 Puppet 1 Puppet Enterprise 2024-11-21 8.8 High
Puppet Enterprise presented a security risk by not sanitizing user input when doing a CSV export.
CVE-2021-27019 1 Puppet 2 Puppet Enterprise, Puppetdb 2024-11-21 4.3 Medium
PuppetDB logging included potentially sensitive system information.
CVE-2021-27018 1 Puppet 1 Remediate 2024-11-21 7.5 High
The mechanism which performs certificate validation was discovered to have a flaw that resulted in certificates signed by an internal certificate authority to not be properly validated. This issue only affects clients that are configured to utilize Tenable.sc as the vulnerability data source.
CVE-2021-27007 1 Netapp 1 Virtual Desktop Service 2024-11-21 9.8 Critical
NetApp Virtual Desktop Service (VDS) when used with an HTML5 gateway is susceptible to a vulnerability which when successfully exploited could allow an unauthenticated attacker to takeover a Remote Desktop Session.
CVE-2021-27006 1 Netapp 1 Storagegrid 2024-11-21 4.4 Medium
StorageGRID (formerly StorageGRID Webscale) versions 11.5 prior to 11.5.0.5 are susceptible to a vulnerability which may allow an administrative user to escalate their privileges and modify settings in SANtricity System Manager.
CVE-2021-27005 1 Netapp 1 Ontap System Manager 2024-11-21 7.5 High
Clustered Data ONTAP versions 9.6 and higher prior to 9.6P16, 9.7P16, 9.8P7 and 9.9.1P3 are susceptible to a vulnerability which could allow a remote attacker to cause a crash of the httpd server.
CVE-2021-27004 1 Netapp 1 Ontap System Manager 2024-11-21 5.5 Medium
System Manager 9.x versions 9.7 and higher prior to 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow a local attacker to discover plaintext iSCSI CHAP credentials.
CVE-2021-27003 1 Netapp 1 Clustered Data Ontap 2024-11-21 4.7 Medium
Clustered Data ONTAP versions prior to 9.5P18, 9.6P15, 9.7P14, 9.8P5 and 9.9.1 are missing an X-Frame-Options header which could allow a clickjacking attack.
CVE-2021-27002 1 Netapp 1 Cloud Manager 2024-11-21 7.5 High
NetApp Cloud Manager versions prior to 3.9.10 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to retrieve sensitive data via the web proxy.
CVE-2021-27001 1 Netapp 1 Clustered Data Ontap 2024-11-21 5.5 Medium
Clustered Data ONTAP versions 9.x prior to 9.5P18, 9.6P16, 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow an authenticated privileged local attacker to arbitrarily modify Compliance-mode WORM data prior to the end of the retention period.