| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. | Description |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 551 | CVE-2021-39914 | 400 | | DoS | 2021-11-04 | 2022-05-03 | 5.0 | None | Remote | Low | Not required | None | None | Partial | A regular expression denial of service issue in GitLab versions 8.13 to 14.2.5, 14.3.0 to 14.3.3 and 14.4.0 could cause excessive usage of resources when a specially crafted username was used when provisioning a new user. |
| 552 | CVE-2021-39913 | 269 | | | 2021-11-05 | 2022-05-12 | 7.2 | None | Local | Low | Not required | Complete | Complete | Complete | Accidental logging of the system root password in the migration log in all versions of GitLab CE/EE before 14.2.6, all versions starting from 14.3 before 14.3.4, and all versions starting from 14.4 before 14.4.1 allows an attacker with local file system access to obtain system root-level privileges. |
| 553 | CVE-2021-39912 | 770 | | | 2021-11-05 | 2021-11-08 | 5.0 | None | Remote | Low | Not required | None | None | Partial | A potential DoS vulnerability was discovered in GitLab CE/EE starting with version 13.7. Using malformed TIFF images, it was possible to trigger memory exhaustion. |
| 554 | CVE-2021-39911 | 863 | | | 2021-11-05 | 2022-05-12 | 4.0 | None | Remote | Low | ??? | Partial | None | None | An improper access control flaw in all versions of GitLab CE/EE starting from 13.9 before 14.2.6, all versions starting from 14.3 before 14.3.4, and all versions starting from 14.4 before 14.4.1 exposes the private email address of Issue and Merge Request assignees to Webhook data consumers. |
| 555 | CVE-2021-39909 | 347 | | Bypass | 2021-11-05 | 2022-05-13 | 3.5 | None | Remote | Medium | ??? | None | Partial | None | Lack of email address ownership verification in the CODEOWNERS feature in all versions of GitLab EE starting from 11.3 before 14.2.6, all versions starting from 14.3 before 14.3.4, and all versions starting from 14.4 before 14.4.1 allows an attacker to bypass the CODEOWNERS Merge Request approval requirement under rare circumstances. |
| 556 | CVE-2021-39907 | 770 | | | 2021-11-05 | 2021-11-08 | 5.0 | None | Remote | Low | Not required | None | None | Partial | A potential DoS vulnerability was discovered in GitLab CE/EE starting with version 13.7. The stripping of EXIF data from certain images resulted in high CPU usage. |
| 557 | CVE-2021-39906 | 79 | | Exec Code XSS | 2021-11-05 | 2021-11-08 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | Improper validation of ipynb files in GitLab CE/EE version 13.5 and above allows an attacker to execute arbitrary JavaScript code on the victim's behalf. |
| 558 | CVE-2021-39905 | | | | 2021-11-05 | 2021-11-08 | 4.0 | None | Remote | Low | ??? | Partial | None | None | An information disclosure vulnerability in the GitLab CE/EE API since version 8.9.6 allows a user to see basic information on private groups that a public project has been shared with. |
| 559 | CVE-2021-39904 | 863 | | | 2021-11-05 | 2022-05-13 | 4.0 | None | Remote | Low | ??? | None | Partial | None | An Improper Access Control vulnerability in the GraphQL API in all versions of GitLab CE/EE starting from 13.1 before 14.2.6, all versions starting from 14.3 before 14.3.4, and all versions starting from 14.4 before 14.4.1 allows a Merge Request creator to resolve discussions and apply suggestions after a project owner has locked the Merge Request. |
| 560 | CVE-2021-39903 | 863 | | | 2021-11-04 | 2021-11-08 | 4.0 | None | Remote | Low | ??? | None | Partial | None | In all versions of GitLab CE/EE since version 13.0, a privileged user, through an API call, can change the visibility level of a group or a project to a restricted option even after the instance administrator sets that visibility option as restricted in settings. |
| 561 | CVE-2021-39902 | 863 | | | 2021-11-04 | 2021-11-08 | 4.0 | None | Remote | Low | ??? | None | Partial | None | Incorrect Authorization in GitLab CE/EE 13.4 or above allows a user with guest membership in a project to modify the severity of an incident. |
| 562 | CVE-2021-39901 | | | | 2021-11-05 | 2021-11-08 | 4.0 | None | Remote | Low | ??? | Partial | None | None | In all versions of GitLab CE/EE since version 11.10, an admin of a group can see the SCIM token of that group by visiting a specific endpoint. |
| 563 | CVE-2021-39898 | 668 | | | 2021-11-05 | 2021-11-08 | 5.0 | None | Remote | Low | Not required | Partial | None | None | In all versions of GitLab CE/EE since version 10.6, a project export leaks the external webhook token value, which may allow access to the project it was exported from. |
| 564 | CVE-2021-39897 | 281 | | | 2021-11-05 | 2021-11-08 | 5.0 | None | Remote | Low | Not required | Partial | None | None | Improper access control in GitLab CE/EE version 10.5 and above allowed subgroup members with inherited access to a project from a parent group to still have access even after the subgroup is transferred. |
| 565 | CVE-2021-39895 | | | | 2021-11-05 | 2021-11-08 | 2.1 | None | Remote | High | ??? | Partial | None | None | In all versions of GitLab CE/EE since version 8.0, an attacker can set the pipeline schedules to be active in a project export, so when an unsuspecting owner imports that project, pipelines are active by default on that project. Under specialized conditions, this may lead to information disclosure if the project is imported from an untrusted source. |
| 566 | CVE-2021-39474 | 78 | | Exec Code | 2021-11-10 | 2021-11-16 | 9.0 | None | Remote | Low | ??? | Complete | Complete | Complete | Vulnerability in the Docsis 3.0 UBC1319BA00 Router, affected version 1319010201r009. The vulnerability allows an attacker with privileges and network access to execute commands on the device through the ping.cmd component. |
| 567 | CVE-2021-39420 | 79 | | XSS | 2021-11-08 | 2021-11-13 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | Multiple Cross Site Scripting (XSS) vulnerabilities exist in VFront 0.99.5 via the (1) s parameter in search_all.php and the (2) msg parameter in add.attach.php. |
| 568 | CVE-2021-39416 | 79 | | XSS | 2021-11-05 | 2021-11-08 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | Multiple Cross Site Scripting (XSS) vulnerabilities exist in Remote Clinic v2.0 in (1) patients/register-patient.php via the (a) Contact, (b) Email, (c) Weight, (d) Profession, (e) ref_contact, (f) address, (g) gender, (h) age, and (i) serial parameters; in (2) patients/edit-patient.php via the (a) Contact, (b) Email, (c) Weight, Profession, (d) ref_contact, (e) address, (f) serial, (g) age, and (h) gender parameters; in (3) staff/edit-my-profile.php via the (a) Title, (b) First Name, (c) Last Name, (d) Skype, and (e) Address parameters; and in (4) clinics/settings.php via the (a) portal_name, (b) guardian_short_name, (c) guardian_name, (d) opening_time, (e) closing_time, (f) access_level_5, (g) access_level_4, (h) access_level_3, (i) access_level_2, (j) access_level_1, (k) currency, (l) mobile_number, (m) address, (n) patient_contact, (o) patient_address, and (p) patient_email parameters. |
| 569 | CVE-2021-39413 | 79 | | XSS | 2021-11-05 | 2021-11-08 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | Multiple Cross Site Scripting (XSS) vulnerabilities exist in SEO Panel v4.8.0 via the (1) to_time parameter in (a) backlinks.php, (b) analytics.php, (c) log.php, (d) overview.php, (e) pagespeed.php, (f) rank.php, (g) review.php, (h) saturationchecker.php, (i) social_media.php, and (j) reports.php; the (2) from_time parameter in (a) backlinks.php, (b) analytics.php, (c) log.php, (d) overview.php, (e) pagespeed.php, (f) rank.php, (g) review.php, (h) saturationchecker.php, (i) social_media.php, (j) webmaster-tools.php, and (k) reports.php; the (3) order_col parameter in (a) analytics.php, (b) review.php, (c) social_media.php, and (d) webmaster-tools.php; and the (4) pageno parameter in (a) alerts.php, (b) log.php, (c) keywords.php, (d) proxy.php, (e) searchengine.php, and (f) siteauditor.php. |
| 570 | CVE-2021-39412 | 79 | | XSS | 2021-11-05 | 2021-11-09 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | Multiple Cross Site Scripting (XSS) vulnerabilities exist in PHPGurukul Shopping v3.1 via the (1) callback parameter in (a) server_side/scripts/id_jsonp.php, (b) server_side/scripts/jsonp.php, and (c) scripts/objects_jsonp.php, the (2) value parameter in examples_support/editable_ajax.php, and the (3) PHP_SELF parameter in captcha/index.php. |
| 571 | CVE-2021-39411 | 79 | | XSS | 2021-11-05 | 2021-11-09 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | Multiple Cross Site Scripting (XSS) vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the (1) searchdata parameter in (a) doctor/search.php and (b) admin/patient-search.php, and the (2) fromdate and (3) todate parameters in admin/betweendates-detailsreports.php. |
| 572 | CVE-2021-39353 | 352 | | CSRF | 2021-11-19 | 2021-11-24 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | The Easy Registration Forms WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing nonce validation via the ajax_add_form function found in the ~/includes/class-form.php file, which made it possible for attackers to inject arbitrary web scripts in versions up to, and including, 2.1.1. |
| 573 | CVE-2021-39346 | 79 | | XSS | 2021-11-01 | 2021-11-02 | 2.1 | None | Remote | High | ??? | None | Partial | None | The Google Maps Easy WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/modules/marker_groups/views/tpl/mgrEditMarkerGroup.php file, which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 1.9.33. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. |
| 574 | CVE-2021-39341 | 285 | | | 2021-11-01 | 2021-11-03 | 6.4 | None | Remote | Low | Not required | Partial | Partial | None | The OptinMonster WordPress plugin is vulnerable to sensitive information disclosure and unauthorized setting updates due to insufficient authorization validation via the logged_in_or_has_api_key function in the ~/OMAPI/RestApi.php file, which can be used to inject malicious web scripts on sites with the plugin installed. This affects versions up to, and including, 2.6.4. |
| 575 | CVE-2021-39340 | 79 | | XSS | 2021-11-01 | 2021-11-02 | 2.1 | None | Remote | High | ??? | None | Partial | None | The Notification WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/src/classes/Utils/Settings.php file, which made it possible for attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 7.2.4. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. |
| 576 | CVE-2021-39333 | 284 | | | 2021-11-01 | 2021-11-02 | 5.5 | None | Remote | Low | ??? | None | Partial | Partial | The Hashthemes Demo Importer Plugin <= 1.1.1 for WordPress contained several AJAX functions which relied on a nonce that was visible to all logged-in users for access control, allowing them to execute a function that truncated nearly all database tables and removed the contents of wp-content/uploads. |
| 577 | CVE-2021-39303 | 918 | | | 2021-11-12 | 2021-12-16 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | The server in Jamf Pro before 10.32.0 has an SSRF vulnerability, aka PI-006352. NOTE: Jamf Nation will also publish an article about this vulnerability. |
| 578 | CVE-2021-39238 | 120 | | Overflow | 2021-11-03 | 2021-11-04 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | Certain HP Enterprise LaserJet, HP LaserJet Managed, HP Enterprise PageWide, and HP PageWide Managed products may be vulnerable to a potential buffer overflow. |
| 579 | CVE-2021-39237 | | | | 2021-11-03 | 2021-11-04 | 2.1 | None | Local | Low | Not required | Partial | None | None | Certain HP LaserJet, HP LaserJet Managed, HP PageWide, and HP PageWide Managed printers may be vulnerable to potential information disclosure. |
| 580 | CVE-2021-39236 | 287 | | | 2021-11-19 | 2021-11-19 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | In Apache Ozone before 1.2.0, authenticated users with valid Ozone S3 credentials can create specific OM requests, impersonating any other user. |
| 581 | CVE-2021-39235 | 732 | | | 2021-11-19 | 2021-11-19 | 4.0 | None | Remote | Low | ??? | None | Partial | None | In Apache Ozone before 1.2.0, Ozone Datanode doesn't check the access mode parameter of the block token. Authenticated users with a valid READ block token can do any write operation on the same block. |
| 582 | CVE-2021-39234 | 863 | | Bypass | 2021-11-19 | 2021-11-19 | 4.9 | None | Remote | Medium | ??? | Partial | Partial | None | In Apache Ozone versions prior to 1.2.0, authenticated users knowing the ID of an existing block can craft specific requests allowing access to those blocks, bypassing other security checks like ACL. |
| 583 | CVE-2021-39233 | 863 | | | 2021-11-19 | 2021-11-19 | 6.4 | None | Remote | Low | Not required | Partial | Partial | None | In Apache Ozone versions prior to 1.2.0, container-related Datanode requests of Ozone Datanode were not properly authorized and can be called by any client. |
| 584 | CVE-2021-39232 | 863 | | Exec Code | 2021-11-19 | 2021-11-19 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | In Apache Ozone versions prior to 1.2.0, certain admin-related SCM commands can be executed by any authenticated user, not just by admins. |
| 585 | CVE-2021-39231 | 668 | | | 2021-11-19 | 2021-11-20 | 6.4 | None | Remote | Low | Not required | Partial | Partial | None | In Apache Ozone versions prior to 1.2.0, various internal server-to-server RPC endpoints are available for connections, making it possible for an attacker to download raw data from Datanode and Ozone Manager and modify Ratis replication configuration. |
| 586 | CVE-2021-39222 | 79 | | XSS | 2021-11-15 | 2021-11-17 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | Nextcloud is an open-source, self-hosted productivity platform. The Nextcloud Talk application was vulnerable to a stored Cross-Site Scripting (XSS) vulnerability. For exploitation, a user would need to right-click on a malicious file and open the file in a new tab. Due to the strict Content-Security-Policy shipped with Nextcloud, this issue is not exploitable on modern browsers supporting Content-Security-Policy. It is recommended that the Nextcloud Talk application is upgraded to patched versions 10.0.7, 10.1.4, 11.1.2, 11.2.0 or 12.0.0. As a workaround, use a browser that has support for Content-Security-Policy. |
| 587 | CVE-2021-39198 | 352 | | CSRF | 2021-11-19 | 2021-11-23 | 5.8 | None | Remote | Medium | Not required | None | Partial | Partial | OroCRM is an open source Client Relationship Management (CRM) application. Affected versions were found to suffer from a vulnerability in which an attacker is able to disqualify any Lead with a Cross-Site Request Forgery (CSRF) attack. There are no workarounds that address this vulnerability and all users are advised to update their package. |
| 588 | CVE-2021-39182 | 327 | | | 2021-11-08 | 2021-11-09 | 5.0 | None | Remote | Low | Not required | Partial | None | None | EnroCrypt is a Python module for encryption and hashing. Prior to version 1.1.4, EnroCrypt used the MD5 hashing algorithm in the hashing file. Beginners who are unfamiliar with hashes can face problems as MD5 is considered an insecure hashing algorithm. The vulnerability is patched in v1.1.4 of the product. As a workaround, users can remove the `MD5` hashing function from the file `hashing.py`. |
| 589 | CVE-2021-39000 | 200 | | +Info | 2021-11-30 | 2021-11-30 | 2.1 | None | Local | Low | Not required | Partial | None | None | IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local attacker to obtain sensitive information by inclusion of sensitive data within diagnostics. IBM X-Force ID: 213215. |
| 590 | CVE-2021-38999 | 200 | | +Info | 2021-11-30 | 2021-11-30 | 2.1 | None | Local | Low | Not required | Partial | None | None | IBM MQ Appliance could allow a local attacker to obtain sensitive information by inclusion of sensitive data within trace. |
| 591 | CVE-2021-38985 | 20 | | | 2021-11-12 | 2021-11-16 | 4.0 | None | Remote | Low | ??? | None | Partial | None | IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
| 592 | CVE-2021-38984 | 326 | | | 2021-11-15 | 2021-11-16 | 5.0 | None | Remote | Low | Not required | Partial | None | None | IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 212793. |
| 593 | CVE-2021-38983 | 326 | | | 2021-11-15 | 2021-11-16 | 5.0 | None | Remote | Low | Not required | Partial | None | None | IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 212792. |
| 594 | CVE-2021-38982 | 79 | | XSS | 2021-11-15 | 2021-11-16 | 3.5 | None | Remote | Medium | ??? | None | Partial | None | IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 212791. |
| 595 | CVE-2021-38981 | 209 | | +Info | 2021-11-15 | 2021-11-16 | 5.0 | None | Remote | Low | Not required | Partial | None | None | IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 212788. |
| 596 | CVE-2021-38980 | 209 | | +Info | 2021-11-23 | 2021-11-24 | 5.0 | None | Remote | Low | Not required | Partial | None | None | IBM Tivoli Key Lifecycle Manager (IBM Security Guardium Key Lifecycle Manager) 3.0, 3.0.1, 4.0, and 4.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 212786. |
| 597 | CVE-2021-38979 | 326 | | | 2021-11-15 | 2021-11-16 | 5.0 | None | Remote | Low | Not required | Partial | None | None | IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the software does not also use a salt as part of the input. IBM X-Force ID: 212785. |
| 598 | CVE-2021-38978 | 200 | | +Info | 2021-11-15 | 2021-11-16 | 4.3 | None | Remote | Medium | Not required | Partial | None | None | IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man-in-the-middle techniques. IBM X-Force ID: 212783. |
| 599 | CVE-2021-38977 | 863 | | | 2021-11-15 | 2021-11-16 | 4.3 | None | Remote | Medium | Not required | Partial | None | None | IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending an http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 212782. |
| 600 | CVE-2021-38976 | 522 | | | 2021-11-15 | 2022-05-03 | 2.1 | None | Local | Low | Not required | Partial | None | None | IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 stores user credentials in plain clear text which can be read by a local user. X-Force ID: 212781. |