| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2021-41829 |
326 |
|
|
2021-09-30 |
2021-10-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Zoho ManageEngine Remote Access Plus before 10.1.2121.1 relies on the application's build number to calculate a certain encryption key. |
|
2 |
CVE-2021-41828 |
798 |
|
|
2021-09-30 |
2021-10-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Zoho ManageEngine Remote Access Plus before 10.1.2121.1 has hardcoded credentials associated with resetPWD.xml. |
|
3 |
CVE-2021-41827 |
798 |
|
|
2021-09-30 |
2021-10-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Zoho ManageEngine Remote Access Plus before 10.1.2121.1 has hardcoded credentials for read-only access. The credentials are in the source code that corresponds to the DCBackupRestore JAR archive. |
|
4 |
CVE-2021-41826 |
601 |
|
|
2021-09-30 |
2021-10-07 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
PlaceOS Authentication Service before 1.29.10.0 allows app/controllers/auth/sessions_controller.rb open redirect. |
|
5 |
CVE-2021-41824 |
1236 |
|
|
2021-09-30 |
2021-11-30 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Craft CMS before 3.7.14 allows CSV injection. |
|
6 |
CVE-2021-41821 |
191 |
|
DoS |
2021-09-29 |
2021-10-12 |
4.0 |
None |
Remote |
Low |
??? |
None |
None |
Partial |
|
Wazuh Manager in Wazuh through 4.1.5 is affected by a remote Integer Underflow vulnerability that might lead to denial of service. A crafted message must be sent from an authenticated agent to the manager. |
|
7 |
CVE-2021-41795 |
863 |
|
Bypass |
2021-09-29 |
2021-10-07 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The Safari app extension bundled with 1Password for Mac 7.7.0 through 7.8.x before 7.8.7 is vulnerable to authorization bypass. By targeting a vulnerable component of this extension, a malicious web page could read a subset of 1Password vault items that would normally be fillable by the user on that web page. These items are usernames and passwords for vault items associated with its domain, usernames and passwords without a domain association, credit cards, and contact items. (1Password must be unlocked for these items to be accessible, but no further user interaction is required.) |
|
8 |
CVE-2021-41764 |
352 |
|
CSRF |
2021-09-29 |
2021-10-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A cross-site request forgery (CSRF) vulnerability exists in Streama up to and including v1.10.3. The application does not have CSRF checks in place when performing actions such as uploading local files. As a result, attackers could make a logged-in administrator upload arbitrary local files via a CSRF attack and send them to the attacker. |
|
9 |
CVE-2021-41753 |
287 |
|
|
2021-09-27 |
2021-10-06 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
A denial-of-service attack in WPA2, and WPA3-SAE authentication methods in D-Link DIR-X1560, v1.04B04, and DIR-X6060, v1.11B04 allows a remote unauthenticated attacker to disconnect a wireless client via sending specific spoofed SAE authentication frames. |
|
10 |
CVE-2021-41732 |
444 |
|
|
2021-09-29 |
2021-12-01 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
** DISPUTED ** An issue was discovered in zeek version 4.1.0. There is a HTTP request splitting vulnerability that will invalidate any ZEEK HTTP based security analysis. NOTE: the vendor's position is that the observed behavior is intended. |
|
11 |
CVE-2021-41729 |
862 |
|
|
2021-09-30 |
2021-10-08 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
|
BaiCloud-cms v2.5.7 is affected by an arbitrary file deletion vulnerability, which allows an attacker to delete arbitrary files on the server through /user/ppsave.php. |
|
12 |
CVE-2021-41720 |
77 |
|
Exec Code |
2021-09-30 |
2021-11-30 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
** DISPUTED ** A command injection vulnerability in Lodash 4.17.21 allows attackers to achieve arbitrary code execution via the template function. This is a different parameter, method, and version than CVE-2021-23337. NOTE: the vendor's position is that it's the developer's responsibility to ensure that a template does not evaluate code that originates from untrusted input. |
|
13 |
CVE-2021-41617 |
269 |
|
|
2021-09-26 |
2022-04-20 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user. |
|
14 |
CVE-2021-41616 |
502 |
|
|
2021-09-30 |
2021-10-07 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Apache DB DdlUtils 1.0 included a BinaryObjectsHelper that was intended for use when migrating database data with a SQL data type of BINARY, VARBINARY, LONGVARBINARY, or BLOB between databases using the ddlutils features. The BinaryObjectsHelper class was insecure and used ObjectInputStream.readObject without validating that the input data was safe to deserialize. Please note that DdlUtils is no longer being actively developed. To address the insecurity of the BinaryObjectHelper class, the following changes to DdlUtils have been made: (1) BinaryObjectsHelper.java has been deleted from the DdlUtils source repository and the DdlUtils feature of propagating data of SQL binary types is therefore no longer present in DdlUtils; (2) The ddlutils-1.0 release has been removed from the Apache Release Distribution Infrastructure; (3) The DdlUtils web site has been updated to indicate that DdlUtils is now available only as source code, not as a packaged release. |
|
15 |
CVE-2021-41588 |
502 |
|
|
2021-09-24 |
2021-10-01 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In Gradle Enterprise before 2021.1.3, a crafted request can trigger deserialization of arbitrary unsafe Java objects. The attacker must have the encryption and signing keys. |
|
16 |
CVE-2021-41587 |
918 |
|
|
2021-09-24 |
2021-09-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially discover credentials for other resources. |
|
17 |
CVE-2021-41586 |
918 |
|
|
2021-09-24 |
2021-09-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially reset the system user password. |
|
18 |
CVE-2021-41584 |
200 |
|
+Info |
2021-09-24 |
2021-09-29 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Gradle Enterprise before 2021.1.3 can allow unauthorized viewing of a response (information disclosure of possibly sensitive build/configuration details) via a crafted HTTP request with the X-Gradle-Enterprise-Ajax-Request header. |
|
19 |
CVE-2021-41583 |
20 |
|
|
2021-09-24 |
2021-10-05 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
vpn-user-portal (aka eduVPN or Let's Connect!) before 2.3.14, as packaged for Debian 10, Debian 11, and Fedora, allows remote authenticated users to obtain OS filesystem access, because of the interaction of QR codes with an exec that uses the -r option. This can be leveraged to obtain additional VPN access. |
|
20 |
CVE-2021-41581 |
125 |
|
|
2021-09-24 |
2021-09-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
x509_constraints_parse_mailbox in lib/libcrypto/x509/x509_constraints.c in LibreSSL through 3.4.0 has a stack-based buffer over-read. When the input exceeds DOMAIN_PART_MAX_LEN, the buffer lacks '\0' termination. |
|
21 |
CVE-2021-41580 |
287 |
|
|
2021-09-27 |
2021-10-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
** DISPUTED ** The passport-oauth2 package before 1.6.1 for Node.js mishandles the error condition of failure to obtain an access token. This is exploitable in certain use cases where an OAuth identity provider uses an HTTP 200 status code for authentication-failure error reports, and an application grants authorization upon simply receiving the access token (i.e., does not try to use the token). NOTE: the passport-oauth2 vendor does not consider this a passport-oauth2 vulnerability. |
|
22 |
CVE-2021-41573 |
552 |
|
|
2021-09-29 |
2021-10-07 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
Hitachi Content Platform Anywhere (HCP-AW) 4.4.5 and later allows information disclosure. If authenticated user creates a link to a file or folder while the system was running version 4.3.x or earlier and then shares the link and then later deletes the file or folder without deleting the link and before the link expires. If the system has been upgraded to version 4.4.5 or 4.5.0 a malicious user with the link could browse and download all files of the authenticated user that created the link . |
|
23 |
CVE-2021-41558 |
|
|
Bypass |
2021-09-27 |
2021-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The set_user extension module before 3.0.0 for PostgreSQL allows ProcessUtility_hook bypass via set_config. |
|
24 |
CVE-2021-41540 |
416 |
|
Exec Code |
2021-09-28 |
2021-10-01 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A vulnerability has been identified in Solid Edge SE2021 (All versions < SE2021MP8). The affected application contains a use-after-free vulnerability while parsing OBJ files. An attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13776). |
|
25 |
CVE-2021-41539 |
416 |
|
Exec Code |
2021-09-28 |
2021-10-01 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A vulnerability has been identified in Solid Edge SE2021 (All versions < SE2021MP8). The affected application contains a use-after-free vulnerability while parsing OBJ files. An attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13773). |
|
26 |
CVE-2021-41538 |
824 |
|
+Info |
2021-09-28 |
2021-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
A vulnerability has been identified in NX 1953 Series (All versions < V1973.3700), NX 1980 Series (All versions < V1988), Solid Edge SE2021 (All versions < SE2021MP8). The affected application is vulnerable to information disclosure by unexpected access to an uninitialized pointer while parsing user-supplied OBJ files. An attacker could leverage this vulnerability to leak information from unexpected memory locations (ZDI-CAN-13770). |
|
27 |
CVE-2021-41537 |
416 |
|
Exec Code |
2021-09-28 |
2021-10-01 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A vulnerability has been identified in Solid Edge SE2021 (All versions < SE2021MP8). The affected application contains a use-after-free vulnerability while parsing OBJ files. An attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13789). |
|
28 |
CVE-2021-41536 |
416 |
|
Exec Code |
2021-09-28 |
2021-10-01 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A vulnerability has been identified in Solid Edge SE2021 (All versions < SE2021MP8). The affected application contains a use-after-free vulnerability while parsing OBJ files. An attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13778). |
|
29 |
CVE-2021-41535 |
416 |
|
Exec Code |
2021-09-28 |
2021-11-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A vulnerability has been identified in NX 1953 Series (All versions < V1973.3700), NX 1980 Series (All versions < V1988), Solid Edge SE2021 (All versions < SE2021MP8). The affected application contains a use-after-free vulnerability while parsing OBJ files. An attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13771). |
|
30 |
CVE-2021-41534 |
125 |
|
+Info |
2021-09-28 |
2021-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
A vulnerability has been identified in NX 1980 Series (All versions < V1984), Solid Edge SE2021 (All versions < SE2021MP8). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing JT files. An attacker could leverage this vulnerability to leak information in the context of the current process (ZDI-CAN-13703). |
|
31 |
CVE-2021-41533 |
125 |
|
+Info |
2021-09-28 |
2021-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
A vulnerability has been identified in NX 1980 Series (All versions < V1984), Solid Edge SE2021 (All versions < SE2021MP8). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing JT files. An attacker could leverage this vulnerability to leak information in the context of the current process (ZDI-CAN-13565). |
|
32 |
CVE-2021-41531 |
20 |
|
|
2021-09-21 |
2021-10-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
NLnet Labs Routinator prior to 0.10.0 produces invalid RTR payload if an RPKI CA uses too large values in the max-length parameter in a ROA. This will lead to RTR clients such as routers to reject the RPKI data set, effectively disabling Route Origin Validation. |
|
33 |
CVE-2021-41525 |
|
|
|
2021-09-21 |
2021-10-04 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
An issue related to modification of otherwise restricted files through a locally authenticated attacker exists in FlexNet inventory agent and inventory beacon versions 2020 R2.5 and prior. |
|
34 |
CVE-2021-41504 |
269 |
|
|
2021-09-24 |
2021-11-19 |
5.2 |
None |
Local Network |
Low |
??? |
Partial |
Partial |
Partial |
|
** UNSUPPORTED WHEN ASSIGNED ** An Elevated Privileges issue exists in D-Link DCS-5000L v1.05 and DCS-932L v2.17 and older. The use of the digest-authentication for the devices command interface may allow further attack vectors that may compromise the cameras configuration and allow malicious users on the LAN to access the device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. |
|
35 |
CVE-2021-41503 |
287 |
|
|
2021-09-24 |
2021-09-30 |
5.2 |
None |
Local Network |
Low |
??? |
Partial |
Partial |
Partial |
|
** UNSUPPORTED WHEN ASSIGNED ** DCS-5000L v1.05 and DCS-932L v2.17 and older are affecged by Incorrect Acess Control. The use of the basic authentication for the devices command interface allows attack vectors that may compromise the cameras configuration and allow malicious users on the LAN to access the device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. |
|
36 |
CVE-2021-41428 |
732 |
|
|
2021-09-23 |
2021-10-01 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Insecure permissions in Update Manager <= 5.8.0.2300 and DFL <= 12.5.1001.5 in DATEV programs v14.1 allows attacker to escalate privileges via insufficient configuration of service components. |
|
37 |
CVE-2021-41395 |
|
|
|
2021-09-18 |
2021-09-29 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
Teleport before 6.2.12 and 7.x before 7.1.1 allows attackers to control a database connection string, in some situations, via a crafted database name or username. |
|
38 |
CVE-2021-41394 |
|
|
|
2021-09-18 |
2021-09-29 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows alteration of build artifacts in some situations. |
|
39 |
CVE-2021-41393 |
287 |
|
|
2021-09-18 |
2021-09-29 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows forgery of SSH host certificates in some situations. |
|
40 |
CVE-2021-41392 |
74 |
|
Exec Code |
2021-09-17 |
2021-09-29 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
static/main-preload.js in Boost Note through 0.22.0 allows remote command execution. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which invokes the dangerous openExternal Electron API. |
|
41 |
CVE-2021-41391 |
79 |
|
XSS |
2021-09-17 |
2021-09-29 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
In Ericsson ECM before 18.0, it was observed that Security Management Endpoint in User Profile Management Section is vulnerable to stored XSS via a name, leading to session hijacking and full account takeover. |
|
42 |
CVE-2021-41390 |
74 |
|
|
2021-09-17 |
2021-09-29 |
6.0 |
None |
Remote |
Medium |
??? |
Partial |
Partial |
Partial |
|
In Ericsson ECM before 18.0, it was observed that Security Provider Endpoint in the User Profile Management Section is vulnerable to CSV Injection. |
|
43 |
CVE-2021-41387 |
269 |
|
|
2021-09-17 |
2021-09-29 |
8.5 |
None |
Remote |
Medium |
??? |
Complete |
Complete |
Complete |
|
seatd-launch in seatd 0.6.x before 0.6.2 allows privilege escalation because it uses execlp and may be installed setuid root. |
|
44 |
CVE-2021-41385 |
918 |
|
|
2021-09-27 |
2021-10-05 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
The third party intelligence connector in Securonix SNYPR 6.3.1 Build 184295_0302 allows an authenticated user to obtain access to server configuration details via SSRF. |
|
45 |
CVE-2021-41383 |
77 |
|
Exec Code |
2021-09-17 |
2021-09-29 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
setup.cgi on NETGEAR R6020 1.0.0.48 devices allows an admin to execute arbitrary shell commands via shell metacharacters in the ntp_server field. |
|
46 |
CVE-2021-41382 |
|
|
|
2021-09-22 |
2021-12-01 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Plastic SCM before 10.0.16.5622 mishandles the WebAdmin server management interface. |
|
47 |
CVE-2021-41381 |
22 |
|
Dir. Trav. |
2021-09-23 |
2021-11-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Payara Micro Community 5.2021.6 and below allows Directory Traversal. |
|
48 |
CVE-2021-41380 |
20 |
|
DoS |
2021-09-17 |
2021-09-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
** DISPUTED ** RealVNC Viewer 6.21.406 allows remote VNC servers to cause a denial of service (application crash) via crafted RFB protocol data. NOTE: It is asserted that this issue requires social engineering a user into connecting to a fake VNC Server. The VNC Viewer application they are using will then hang, until terminated, but no memory leak occurs - the resources are freed once the hung process is terminated and the resource usage is constant during the hang. Only the process that is connected to the fake Server is affected. This is an application bug, not a security issue. |
|
49 |
CVE-2021-41329 |
668 |
|
|
2021-09-27 |
2021-10-06 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
Datalust Seq before 2021.2.6259 allows users (with view filters applied to their accounts) to see query results not constrained by their view filter. This information exposure, caused by an internal cache key collision, occurs when the user's view filter includes an array or IN clause, and when another user has recently executed an identical query differing only by the array elements. |
|
50 |
CVE-2021-41326 |
|
|
|
2021-09-17 |
2021-09-28 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In MISP before 2.4.148, app/Lib/Export/OpendataExport.php mishandles parameter data that is used in a shell_exec call. |
