adobe — creative_cloud_desktop_application |
Adobe Creative Cloud Desktop Application for macOS version 5.3 (and earlier) is affected by a privilege escalation vulnerability that could allow a normal user to delete the OOBE directory and get permissions of any directory under the administrator authority. |
2021-09-29 |
4.6 |
CVE-2021-28547
MISC |
adobe — digital_editions |
Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by a privilege escalation vulnerability in the Digital Editions installer. An authenticated attacker could leverage this vulnerability to escalate privileges. User interaction is required before product installation to abuse this vulnerability. |
2021-09-27 |
6.8 |
CVE-2021-39828
MISC |
adobe — digital_editions |
Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by an arbitrary file write vulnerability in the Digital Editions installer. An authenticated attacker could leverage this vulnerability to write an arbitrary file to the system. User interaction is required before product installation to abuse this vulnerability. |
2021-09-27 |
6.8 |
CVE-2021-39827
MISC |
adobe — experience_manager |
Adobe Experience Manager version 6.5.9.0 (and earlier) is affected by a stored XSS vulnerability when creating Content Fragments. An authenticated attacker can send a malformed POST request to achieve server-side denial of service. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. |
2021-09-27 |
4.3 |
CVE-2021-40711
MISC |
adobe — experience_manager |
Adobe Experience Manager version 6.5.9.0 (and earlier) is affected by a improper input validation vulnerability via the path parameter. An authenticated attacker can send a malformed POST request to achieve server-side denial of service. |
2021-09-27 |
4 |
CVE-2021-40712
MISC |
adobe — experience_manager |
Adobe Experience Manager version 6.5.9.0 (and earlier) is affected by a improper certificate validation vulnerability in the cold storage component. If an attacker can achieve a man in the middle when the cold server establishes a new certificate, they would be able to harvest sensitive information. |
2021-09-27 |
4.3 |
CVE-2021-40713
MISC |
adobe — experience_manager |
Adobe Experience Manager version 6.5.9.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability via the accesskey parameter. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser |
2021-09-27 |
4.3 |
CVE-2021-40714
MISC |
adobe — incopy |
Adobe InCopy version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. |
2021-09-27 |
6.8 |
CVE-2021-39818
MISC |
adobe — incopy |
Adobe InCopy version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious XML file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. |
2021-09-27 |
6.8 |
CVE-2021-39819
MISC |
adobe — indesign |
Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious TIF file. |
2021-09-29 |
6.8 |
CVE-2021-39821
MISC |
apache — druid |
In the Druid ingestion system, the InputSource is used for reading data from a certain data source. However, the HTTP InputSource allows authenticated users to read data from other sources than intended, such as the local file system, with the privileges of the Druid server process. This is not an elevation of privilege when users access Druid directly, since Druid also provides the Local InputSource, which allows the same level of access. But it is problematic when users interact with Druid indirectly through an application that allows users to specify the HTTP InputSource, but not the Local InputSource. In this case, users could bypass the application-level restriction by passing a file URL to the HTTP InputSource. This issue was previously mentioned as being fixed in 0.21.0 as per CVE-2021-26920 but was not fixed in 0.21.0 or 0.21.1. |
2021-09-24 |
4 |
CVE-2021-36749
MISC
MLIST |
asus — armoury_crate_lite_service |
ASUS ROG Armoury Crate Lite before 4.2.10 allows local users to gain privileges by placing a Trojan horse file in the publicly writable %PROGRAMDATA%ASUSGamingCenterLib directory. |
2021-09-27 |
4.4 |
CVE-2021-40981
MISC |
concretecms — concrete_cms |
An issue was discovered in Concrete CMS through 8.5.5. Authenticated path traversal leads to to remote code execution via uploaded PHP code, related to the bFilename parameter. |
2021-09-27 |
6.5 |
CVE-2021-40097
MISC
MISC |
concretecms — concrete_cms |
An issue was discovered in Concrete CMS through 8.5.5. There is unauthenticated stored XSS in blog comments via the website field. |
2021-09-27 |
4.3 |
CVE-2021-40106
MISC
MISC |
concretecms — concrete_cms |
An issue was discovered in Concrete CMS through 8.5.5. There is XSS via Markdown Comments. |
2021-09-27 |
4.3 |
CVE-2021-40105
MISC
MISC |
concretecms — concrete_cms |
An issue was discovered in Concrete CMS through 8.5.5. There is an SVG sanitizer bypass. |
2021-09-27 |
5 |
CVE-2021-40104
MISC
MISC |
concretecms — concrete_cms |
A SSRF issue was discovered in Concrete CMS through 8.5.5. Users can access forbidden files on their local network. A user with permissions to upload files from external sites can upload a URL that redirects to an internal resource of any file type. The redirect is followed and loads the contents of the file from the redirected-to server. Files of disallowed types can be uploaded. |
2021-09-27 |
5.5 |
CVE-2021-40109
MISC
MISC |
concretecms — concrete_cms |
An issue was discovered in Concrete CMS through 8.5.5. Arbitrary File deletion can occur via PHAR deserialization in is_dir (PHP Object Injection associated with the __wakeup magic method). |
2021-09-24 |
6.4 |
CVE-2021-40102
MISC
MISC |
concretecms — concrete_cms |
An issue was discovered in Concrete CMS through 8.5.5. Fetching the update json scheme over HTTP leads to remote code execution. |
2021-09-24 |
6.5 |
CVE-2021-40099
MISC
MISC |
concretecms — concrete_cms |
An issue was discovered in Concrete CMS through 8.5.5. Path Traversal can lead to Arbitrary File Reading and SSRF. |
2021-09-27 |
5 |
CVE-2021-40103
MISC
MISC |
concretecms — concrete_cms |
An issue was discovered in Concrete CMS through 8.5.5. The Calendar is vulnerable to CSRF. ccm_token is not verified on the ccm/calendar/dialogs/event/add/save endpoint. |
2021-09-27 |
6.8 |
CVE-2021-40108
MISC
MISC |
couchbase — couchbase_server |
Couchbase Server 6.5.x, 6.6.x through 6.6.2, and 7.0.0 has a Buffer Overflow. A specially crafted network packet sent from an attacker can crash memcached. |
2021-09-29 |
5 |
CVE-2021-35944
MISC
MISC |
couchbase — couchbase_server |
Couchbase Server 6.5.x, 6.6.0 through 6.6.2, and 7.0.0, has a Buffer Overflow. A specially crafted network packet sent from an attacker can crash memcached. |
2021-09-29 |
5 |
CVE-2021-35945
MISC
MISC |
d-link — dcs-932l_firmware |
** UNSUPPORTED WHEN ASSIGNED ** DCS-5000L v1.05 and DCS-932L v2.17 and older are affecged by Incorrect Acess Control. The use of the basic authentication for the devices command interface allows attack vectors that may compromise the cameras configuration and allow malicious users on the LAN to access the device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. |
2021-09-24 |
5.2 |
CVE-2021-41503
MISC
MISC |
d-link — dcs-932l_firmware |
** UNSUPPORTED WHEN ASSIGNED ** An Elevated Privileges issue exists in D-Link DCS-5000L v1.05 and DCS-932L v2.17 and older. The use of the digest-authentication for the devices command interface may allow further attack vectors that may compromise the cameras configuration and allow malicious users on the LAN to access the device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. |
2021-09-24 |
5.2 |
CVE-2021-41504
MISC
MISC |
dell — emc_networker |
Dell NetWorker, versions 18.x and 19.x contain a Path traversal vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and gain access to unauthorized information. |
2021-09-28 |
4 |
CVE-2021-21569
MISC |
dell — emc_networker |
Dell NetWorker, versions 18.x and 19.x contain an Information disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and gain access to unauthorized information. |
2021-09-28 |
4 |
CVE-2021-21570
MISC |
dlink — dir-605l_firmware |
An informtion disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version : 2.01MT. An attacker can obtain a user name and password by forging a post request to the / getcfg.php page |
2021-09-24 |
5 |
CVE-2021-40655
MISC
MISC |
dlink — dir-615_firmware |
An information disclosure issue exist in D-LINK-DIR-615 B2 2.01mt. An attacker can obtain a user name and password by forging a post request to the / getcfg.php page |
2021-09-24 |
4 |
CVE-2021-40654
MISC
MISC |
firefly-iii — firefly_iii |
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) |
2021-09-27 |
6.8 |
CVE-2021-3819
CONFIRM
MISC |
getgrav — grav |
grav is vulnerable to Reliance on Cookies without Validation and Integrity Checking |
2021-09-27 |
5 |
CVE-2021-3818
MISC
CONFIRM |
getgrav — grav-plugin-admin |
grav-plugin-admin is vulnerable to Improper Restriction of Rendered UI Layers or Frames |
2021-09-27 |
5.8 |
CVE-2021-3799
CONFIRM
MISC |
gilacms — gila_cms |
A Cross-Site Request Forgery (CSRF) in GilaCMS v1.11.4 allows authenticated attackers to arbitrarily add administrator accounts. |
2021-09-27 |
6.8 |
CVE-2020-20693
MISC |
gilacms — gila_cms |
GilaCMS v1.11.4 was discovered to contain a SQL injection vulnerability via the $_GET parameter in /src/core/controllers/cm.php. |
2021-09-27 |
6.5 |
CVE-2020-20692
MISC
MISC |
github — enterprise_server |
A path traversal vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration options used by GitHub Pages were not sufficiently restricted and made it possible to read files on the GitHub Enterprise Server instance. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.1.8 and was fixed in 3.1.8, 3.0.16, and 2.22.22. This vulnerability was reported via the GitHub Bug Bounty program. This is the result of an incomplete fix for CVE-2021-22867. |
2021-09-24 |
4 |
CVE-2021-22868
MISC
MISC
MISC |
google — android |
In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05425810. |
2021-09-27 |
4.6 |
CVE-2021-0611
MISC |
google — android |
In memory management driver, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05411456. |
2021-09-27 |
4.6 |
CVE-2021-0610
MISC |
google — android |
In ccu, there is a possible out of bounds read due to incorrect error handling. This could lead to information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05827145; Issue ID: ALPS05827145. |
2021-09-27 |
4 |
CVE-2021-0660
MISC |
google — android |
In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05425834. |
2021-09-27 |
4.6 |
CVE-2021-0612
MISC |
gradle — gradle |
In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially reset the system user password. |
2021-09-24 |
5 |
CVE-2021-41586
MISC |
gradle — gradle |
Gradle Enterprise before 2021.1.3 can allow unauthorized viewing of a response (information disclosure of possibly sensitive build/configuration details) via a crafted HTTP request with the X-Gradle-Enterprise-Ajax-Request header. |
2021-09-24 |
5 |
CVE-2021-41584
MISC |
gradle — gradle |
In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially discover credentials for other resources. |
2021-09-24 |
5 |
CVE-2021-41587
MISC |
gradle — gradle |
In Gradle Enterprise before 2021.1.3, a crafted request can trigger deserialization of arbitrary unsafe Java objects. The attacker must have the encryption and signing keys. |
2021-09-24 |
6.8 |
CVE-2021-41588
MISC |
ibm — sterling_order_management |
IBM Sterling Order Management 9.4, 9.5, and 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199179. |
2021-09-30 |
4.3 |
CVE-2021-20554
XF
CONFIRM |
inflect_project — inflect |
inflect is vulnerable to Inefficient Regular Expression Complexity |
2021-09-27 |
5 |
CVE-2021-3820
MISC
CONFIRM |
jsoneditoronline — jsoneditor |
jsoneditor is vulnerable to Inefficient Regular Expression Complexity |
2021-09-27 |
5 |
CVE-2021-3822
MISC
CONFIRM |
kindsoft — kindeditor |
Cross Site Scripting (XSS) vulnerability exists in all versions of KindEditor, which can be exploited by an attacker to obtain user cookie information. |
2021-09-28 |
4.3 |
CVE-2021-37267
MISC |
kindsoft — kindeditor |
Cross Site Scripting (XSS) vulnerability exists in KindEditor (Chinese versions) 4.1.12, which can be exploited by an attacker to obtain user cookie information. |
2021-09-28 |
4.3 |
CVE-2021-30086
MISC
MISC |
laracms_project — laracms |
LaraCMS v1.0.1 transmits sensitive information in cleartext which can be intercepted by attackers. |
2021-09-29 |
5 |
CVE-2020-20128
MISC |
maccms — maccms |
A Cross-Site Request Forgery (CSRF) in Maccms v10 via admin.php/admin/admin/del/ids/<id>.html allows authenticated attackers to delete all users. |
2021-09-24 |
4.9 |
CVE-2020-20514
MISC |
nltk — nltk |
nltk is vulnerable to Inefficient Regular Expression Complexity |
2021-09-27 |
5 |
CVE-2021-3828
CONFIRM
MISC |
openbsd — libressl |
x509_constraints_parse_mailbox in lib/libcrypto/x509/x509_constraints.c in LibreSSL through 3.4.0 has a stack-based buffer over-read. When the input exceeds DOMAIN_PART_MAX_LEN, the buffer lacks ‘ |