| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. | Description |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 51 | CVE-2021-43695 | 79 | | XSS | 2021-11-29 | 2021-12-01 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | issabelPBX version 2.11 is affected by a Cross Site Scripting (XSS) vulnerability. In file page.backup_restore.php, the exit function terminates the script and prints a message to the user. The message contains $_REQUEST data without sanitization, which results in an XSS vulnerability. |
| 52 | CVE-2021-43693 | | | File Inclusion | 2021-11-29 | 2021-11-30 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | vesta 0.9.8-24 is affected by a file inclusion vulnerability in file web/add/user/index.php. |
| 53 | CVE-2021-43692 | 79 | | XSS | 2021-11-29 | 2021-12-10 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | youtube-php-mirroring (last update Jun 9, 2017) is affected by a Cross Site Scripting (XSS) vulnerability in file ytproxy/index.php. |
| 54 | CVE-2021-43691 | 22 | | Dir. Trav. | 2021-11-29 | 2021-12-01 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | tripexpress v1.1 is affected by a path manipulation vulnerability in file system/helpers/dompdf/load_font.php. The variable src comes from $_SERVER["argv"], which results in a path manipulation vulnerability. |
| 55 | CVE-2021-43669 | 444 | | | 2021-11-18 | 2021-11-23 | 5.0 | None | Remote | Low | Not required | None | None | Partial | A vulnerability has been detected in HyperLedger Fabric v1.4.0, v2.0.0, v2.0.1, v2.3.0. It can easily bring down as many orderers as the attacker wants. This bug can be leveraged by constructing a message whose header is invalid and sending it to the Order interface. This bug has been acknowledged and fixed by the developers of Fabric. |
| 56 | CVE-2021-43668 | 476 | | DoS | 2021-11-18 | 2021-11-23 | 2.1 | None | Local | Low | Not required | None | None | Partial | Go-Ethereum 1.10.9 nodes crash (denial of service) after receiving a series of messages and cannot be recovered. They will crash with "runtime error: invalid memory address or nil pointer dereference" and raise a SEGV signal. |
| 57 | CVE-2021-43667 | 476 | | | 2021-11-18 | 2021-11-23 | 5.0 | None | Remote | Low | Not required | None | None | Partial | A vulnerability has been detected in HyperLedger Fabric v1.4.0, v2.0.0, v2.1.0. This bug can be leveraged by constructing a message whose payload is nil and sending this message with the method 'forwardToLeader'. This bug has been acknowledged and fixed by the developers of Fabric. If leveraged, any leader node will crash. |
| 58 | CVE-2021-43620 | | | | 2021-11-15 | 2021-11-18 | 5.0 | None | Remote | Low | Not required | None | Partial | None | An issue was discovered in the fruity crate through 0.2.0 for Rust. Security-relevant validation of filename extensions is plausibly affected. Methods of NSString for conversion to a string may return a partial result. Because they call CStr::from_ptr on a pointer to the string buffer, the string is terminated at the first '\0' byte, which might not be the end of the string. |
| 59 | CVE-2021-43618 | 190 | | Overflow | 2021-11-15 | 2021-12-16 | 5.0 | None | Remote | Low | Not required | None | None | Partial | GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms. |
| 60 | CVE-2021-43617 | 434 | | | 2021-11-14 | 2021-11-18 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | Laravel Framework through 8.70.2 does not sufficiently block the upload of executable PHP content because Illuminate/Validation/Concerns/ValidatesAttributes.php lacks a check for .phar files, which are handled as application/x-httpd-php on systems based on Debian. NOTE: this CVE Record is for Laravel Framework, and is unrelated to any reports concerning incorrectly written user applications for image upload. |
| 61 | CVE-2021-43616 | 345 | | | 2021-11-13 | 2022-03-25 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | The npm ci command in npm 7.x and 8.x through 8.1.3 proceeds with an installation even if dependency information in package-lock.json differs from package.json. This behavior is inconsistent with the documentation, and makes it easier for attackers to install malware that was supposed to have been blocked by an exact version match requirement in package-lock.json. |
| 62 | CVE-2021-43611 | 404 | | | 2021-11-12 | 2021-11-16 | 5.0 | None | Remote | Low | Not required | None | None | Partial | Belledonne Belle-sip before 5.0.20 can crash applications such as Linphone via " \ " in the display name of a From header. |
| 63 | CVE-2021-43610 | 444 | | | 2021-11-12 | 2021-11-16 | 5.0 | None | Remote | Low | Not required | None | None | Partial | Belledonne Belle-sip before 5.0.20 can crash applications such as Linphone via an invalid From header (request URI without a parameter) in an unauthenticated SIP message, a different issue than CVE-2021-33056. |
| 64 | CVE-2021-43582 | 416 | | Exec Code | 2021-11-22 | 2021-11-30 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | A Use-After-Free Remote Vulnerability exists when reading a DWG file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DWG files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. |
| 65 | CVE-2021-43581 | 125 | | Exec Code | 2021-11-22 | 2021-11-26 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | An Out-of-Bounds Read vulnerability exists when reading a U3D file using Open Design Alliance PRC SDK before 2022.11. The specific issue exists within the parsing of U3D files. Incorrect use of the LibJpeg source manager inside the U3D library, and crafted data in a U3D file, can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. |
| 66 | CVE-2021-43578 | 693 | | | 2021-11-12 | 2021-11-17 | 5.5 | None | Remote | Low | ??? | None | Partial | Partial | Jenkins Squash TM Publisher (Squash4Jenkins) Plugin 1.0.0 and earlier implements an agent-to-controller message that does not implement any validation of its input, allowing attackers able to control agent processes to replace arbitrary files on the Jenkins controller file system with an attacker-controlled JSON string. |
| 67 | CVE-2021-43577 | 611 | | | 2021-11-12 | 2021-11-17 | 5.5 | None | Remote | Low | ??? | Partial | Partial | None | Jenkins OWASP Dependency-Check Plugin 5.1.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. |
| 68 | CVE-2021-43576 | 611 | | | 2021-11-12 | 2021-11-17 | 4.3 | None | Remote | Medium | Not required | Partial | None | None | Jenkins pom2config Plugin 1.2 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks, allowing attackers with Overall/Read and Item/Read permissions to have Jenkins parse a crafted XML file that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery. |
| 69 | CVE-2021-43575 | 798 | | | 2021-11-09 | 2021-11-15 | 2.1 | None | Local | Low | Not required | Partial | None | None | ** DISPUTED ** KNX ETS6 through 6.0.0 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information, a similar issue to CVE-2021-36799. NOTE: The vendor disputes this because it is not the responsibility of the ETS to securely store cryptographic key material when it is not being exported. |
| 70 | CVE-2021-43574 | 79 | | XSS | 2021-11-15 | 2021-11-17 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | ** UNSUPPORTED WHEN ASSIGNED ** WebAdmin Control Panel in Atmail 6.5.0 (a version released in 2012) allows XSS via the format parameter to the default URI. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. |
| 71 | CVE-2021-43573 | 120 | | Overflow | 2021-11-11 | 2021-12-21 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | A buffer overflow was discovered on Realtek RTL8195AM devices before 2.0.10. It exists in the client code when processing a malformed IE length of HT capability information in the Beacon and Association response frame. |
| 72 | CVE-2021-43572 | 347 | | | 2021-11-09 | 2022-03-24 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | The verify function in the Stark Bank Python ECDSA library (aka starkbank-escada or ecdsa-python) before 2.0.1 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages. |
| 73 | CVE-2021-43571 | 347 | | | 2021-11-09 | 2021-11-12 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | The verify function in the Stark Bank Node.js ECDSA library (ecdsa-node) 1.1.2 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages. |
| 74 | CVE-2021-43570 | 347 | | | 2021-11-09 | 2021-11-12 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | The verify function in the Stark Bank Java ECDSA library (ecdsa-java) 1.0.0 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages. |
| 75 | CVE-2021-43569 | 347 | | | 2021-11-09 | 2021-11-12 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | The verify function in the Stark Bank .NET ECDSA library (ecdsa-dotnet) 1.3.1 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages. |
| 76 | CVE-2021-43568 | 347 | | | 2021-11-09 | 2021-11-12 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | The verify function in the Stark Bank Elixir ECDSA library (ecdsa-elixir) 1.0.0 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages. |
| 77 | CVE-2021-43564 | 200 | | +Info | 2021-11-10 | 2021-11-16 | 5.0 | None | Remote | Low | Not required | Partial | None | None | An issue was discovered in the jobfair (aka Job Fair) extension before 1.0.13 and 2.x before 2.0.2 for TYPO3. The extension fails to protect or obfuscate filenames of uploaded files. This allows unauthenticated users to download files with sensitive data by simply guessing the filename of uploaded files (e.g., uploads/tx_jobfair/cv.pdf). |
| 78 | CVE-2021-43563 | 287 | | | 2021-11-10 | 2021-11-16 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | An issue was discovered in the pixxio (aka pixx.io integration or DAM) extension before 1.0.6 for TYPO3. The Access Control in the bundled media browser is broken, which allows an unauthenticated attacker to perform requests to the pixx.io API for the configured API user. This allows an attacker to download various media files from the DAM system. |
| 79 | CVE-2021-43562 | 918 | | Exec Code | 2021-11-10 | 2021-11-16 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | An issue was discovered in the pixxio (aka pixx.io integration or DAM) extension before 1.0.6 for TYPO3. The extension fails to restrict the image download to the configured pixx.io DAM URL, resulting in SSRF. As a result, an attacker can download various content from a remote location and save it to a user-controlled filename, which may result in Remote Code Execution. A TYPO3 backend user account is required to exploit this. |
| 80 | CVE-2021-43561 | 79 | | XSS | 2021-11-10 | 2021-11-16 | 3.5 | None | Remote | Medium | ??? | None | Partial | None | An XSS issue was discovered in the google_for_jobs (aka Google for Jobs) extension before 1.5.1 and 2.x before 2.1.1 for TYPO3. The extension fails to properly encode user input for output in HTML context. A TYPO3 backend user account is required to exploit the vulnerability. |
| 81 | CVE-2021-43560 | 668 | | | 2021-11-22 | 2021-11-26 | 5.0 | None | Remote | Low | Not required | Partial | None | None | A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. Insufficient capability checks made it possible to fetch other users' calendar action events. |
| 82 | CVE-2021-43559 | 352 | | CSRF | 2021-11-22 | 2021-11-26 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. The "delete related badge" functionality did not include the necessary token check to prevent a CSRF risk. |
| 83 | CVE-2021-43558 | 79 | | XSS | 2021-11-22 | 2021-11-26 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A URL parameter in the filetype site administrator tool required extra sanitizing to prevent a reflected XSS risk. |
| 84 | CVE-2021-43557 | 77 | | Bypass | 2021-11-22 | 2021-11-26 | 5.0 | None | Remote | Low | Not required | Partial | None | None | The uri-block plugin in Apache APISIX before 2.10.2 uses $request_uri without verification. The $request_uri is the full original request URI without normalization. This makes it possible to construct a URI to bypass the block list on some occasions. For instance, when the block list contains "^/internal/", a URI like `//internal/` can be used to bypass it. Some other plugins have the same issue, and it may also affect developers' custom plugins. |
| 85 | CVE-2021-43555 | 23 | | Exec Code | 2021-11-19 | 2021-11-24 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | mySCADA myDESIGNER Versions 8.20.0 and prior fail to properly validate contents of an imported project file, which may make the product vulnerable to a path traversal payload. This vulnerability may allow an attacker to plant files on the file system in arbitrary locations or overwrite existing files, resulting in remote code execution. |
| 86 | CVE-2021-43553 | 863 | | | 2021-11-17 | 2021-11-19 | 4.0 | None | Remote | Low | ??? | Partial | None | None | PI Vision could disclose information to a user with insufficient privileges for an AF attribute that is the child of another attribute and is configured as a Limits property. |
| 87 | CVE-2021-43551 | 79 | | XSS | 2021-11-17 | 2022-04-12 | 3.5 | None | Remote | Medium | ??? | None | Partial | None | A remote attacker with write access to PI Vision could inject code into a display. Unauthorized information disclosure, modification, or deletion is possible if a victim views or interacts with the infected display using Microsoft Internet Explorer. The impact affects PI System data and other data accessible with victim's user permissions. |
| 88 | CVE-2021-43549 | 79 | | XSS | 2021-11-18 | 2021-11-23 | 3.5 | None | Remote | Medium | ??? | None | Partial | None | A remote authenticated attacker with write access to a PI Server could trick a user into interacting with a PI Web API endpoint and redirect them to a malicious website. As a result, a victim may disclose sensitive information to the attacker or be provided with false information. |
| 89 | CVE-2021-43523 | 79 | | Exec Code XSS | 2021-11-10 | 2021-11-15 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | In uClibc and uClibc-ng before 1.0.39, incorrect handling of special characters in domain names returned by DNS servers via gethostbyname, getaddrinfo, gethostbyaddr, and getnameinfo can lead to output of wrong hostnames (leading to domain hijacking) or injection into applications (leading to remote code execution, XSS, applications crashes, etc.). In other words, a validation step, which is expected in any stub resolver, does not occur. |
| 90 | CVE-2021-43519 | 674 | | DoS Overflow | 2021-11-09 | 2022-05-03 | 4.3 | None | Remote | Medium | Not required | None | None | Partial | Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file. |
| 91 | CVE-2021-43496 | 22 | | Dir. Trav. | 2021-11-12 | 2021-11-16 | 5.0 | None | Remote | Low | Not required | Partial | None | None | Clustering master branch as of commit 53e663e259bcfc8cdecb56c0bb255bd70bfcaa70 is affected by a directory traversal vulnerability. This attack can cause the disclosure of critical secrets stored anywhere on the system and can significantly aid in getting remote code access. |
| 92 | CVE-2021-43495 | 22 | | Dir. Trav. | 2021-11-15 | 2021-11-18 | 5.0 | None | Remote | Low | Not required | Partial | None | None | AlquistManager branch as of commit 280d99f43b11378212652e75f6f3159cde9c1d36 is affected by a directory traversal vulnerability in alquist/IO/input.py. This attack can cause the disclosure of critical secrets stored anywhere on the system and can significantly aid in getting remote code access. |
| 93 | CVE-2021-43494 | 22 | | Dir. Trav. | 2021-11-12 | 2021-11-16 | 5.0 | None | Remote | Low | Not required | Partial | None | None | OpenCV-REST-API master branch as of commit 69be158c05d4dd5a4aff38fdc680a162dd6b9e49 is affected by a directory traversal vulnerability. This attack can cause the disclosure of critical secrets stored anywhere on the system and can significantly aid in getting remote code access. |
| 94 | CVE-2021-43493 | 22 | | Exec Code Dir. Trav. | 2021-11-12 | 2021-11-16 | 5.0 | None | Remote | Low | Not required | Partial | None | None | ServerManagement master branch as of commit 49491cc6f94980e6be7791d17be947c27071eb56 is affected by a directory traversal vulnerability. This vulnerability can be used to extract credentials which can in turn be used to execute code. |
| 95 | CVE-2021-43492 | 22 | | Dir. Trav. | 2021-11-12 | 2021-11-16 | 5.0 | None | Remote | Low | Not required | Partial | None | None | AlquistManager branch as of commit 280d99f43b11378212652e75f6f3159cde9c1d36 is affected by a directory traversal vulnerability. This attack can cause the disclosure of critical secrets stored anywhere on the system and can significantly aid in getting remote code access. |
| 96 | CVE-2021-43466 | 94 | | Exec Code | 2021-11-09 | 2022-03-29 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | In the thymeleaf-spring5:3.0.12 component, thymeleaf combined with specific scenarios in template injection may lead to remote code execution. |
| 97 | CVE-2021-43414 | 863 | | | 2021-11-07 | 2021-11-09 | 6.9 | None | Local | Medium | Not required | Complete | Complete | Complete | An issue was discovered in GNU Hurd before 0.9 20210404-9. The use of an authentication protocol in the proc server is vulnerable to man-in-the-middle attacks, which can be exploited for local privilege escalation to get full root access. |
| 98 | CVE-2021-43413 | | | | 2021-11-07 | 2021-11-09 | 9.0 | None | Remote | Low | ??? | Complete | Complete | Complete | An issue was discovered in GNU Hurd before 0.9 20210404-9. A single pager port is shared among everyone who mmaps a file, allowing anyone to modify any files that they can read. This can be trivially exploited to get full root access. |
| 99 | CVE-2021-43412 | 416 | | | 2021-11-07 | 2021-11-09 | 7.2 | None | Local | Low | Not required | Complete | Complete | Complete | An issue was discovered in GNU Hurd before 0.9 20210404-9. libports accepts fake notification messages from any client on any port, which can lead to port use-after-free. This can be exploited for local privilege escalation to get full root access. |
| 100 | CVE-2021-43411 | 863 | | | 2021-11-07 | 2021-11-09 | 8.5 | None | Remote | Medium | ??? | Complete | Complete | Complete | An issue was discovered in GNU Hurd before 0.9 20210404-9. When trying to exec a setuid executable, there's a window of time when the process already has the new privileges, but still refers to the old task and is accessible through the old process port. This can be exploited to get full root access. |