CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In November 2021

# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
51 CVE-2021-43695 79 XSS 2021-11-29 2021-12-01
4.3
None Remote Medium Not required None Partial None
issabelPBX version 2.11 is affected by a Cross Site Scripting (XSS) vulnerability. In file page.backup_restore.php, the exit function terminates the script and prints a message to the user. The message contains $_REQUEST data without sanitization, which results in an XSS vulnerability.
52 CVE-2021-43693 File Inclusion 2021-11-29 2021-11-30
7.5
None Remote Low Not required Partial Partial Partial
vesta 0.9.8-24 is affected by a file inclusion vulnerability in file web/add/user/index.php.
53 CVE-2021-43692 79 XSS 2021-11-29 2021-12-10
4.3
None Remote Medium Not required None Partial None
youtube-php-mirroring (last update Jun 9, 2017) is affected by a Cross Site Scripting (XSS) vulnerability in file ytproxy/index.php.
54 CVE-2021-43691 22 Dir. Trav. 2021-11-29 2021-12-01
7.5
None Remote Low Not required Partial Partial Partial
tripexpress v1.1 is affected by a path manipulation vulnerability in file system/helpers/dompdf/load_font.php. The variable src comes from $_SERVER["argv"], which results in a path manipulation vulnerability.
55 CVE-2021-43669 444 2021-11-18 2021-11-23
5.0
None Remote Low Not required None None Partial
A vulnerability has been detected in HyperLedger Fabric v1.4.0, v2.0.0, v2.0.1, v2.3.0. It can easily break down as many orderers as the attacker wants. This bug can be leveraged by constructing a message whose header is invalid to the interface Order. This bug has been admitted and fixed by the developers of Fabric.
56 CVE-2021-43668 476 DoS 2021-11-18 2021-11-23
2.1
None Local Low Not required None None Partial
Go-Ethereum 1.10.9 nodes crash (denial of service) after receiving a series of messages and cannot be recovered. They crash with "runtime error: invalid memory address or nil pointer dereference" and raise a SEGV signal.
57 CVE-2021-43667 476 2021-11-18 2021-11-23
5.0
None Remote Low Not required None None Partial
A vulnerability has been detected in HyperLedger Fabric v1.4.0, v2.0.0, v2.1.0. This bug can be leveraged by constructing a message whose payload is nil and sending this message with the method 'forwardToLeader'. This bug has been admitted and fixed by the developers of Fabric. If leveraged, any leader node will crash.
58 CVE-2021-43620 2021-11-15 2021-11-18
5.0
None Remote Low Not required None Partial None
An issue was discovered in the fruity crate through 0.2.0 for Rust. Security-relevant validation of filename extensions is plausibly affected. Methods of NSString for conversion to a string may return a partial result. Because they call CStr::from_ptr on a pointer to the string buffer, the string is terminated at the first '\0' byte, which might not be the end of the string.
59 CVE-2021-43618 190 Overflow 2021-11-15 2021-12-16
5.0
None Remote Low Not required None None Partial
GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.
60 CVE-2021-43617 434 2021-11-14 2021-11-18
7.5
None Remote Low Not required Partial Partial Partial
Laravel Framework through 8.70.2 does not sufficiently block the upload of executable PHP content because Illuminate/Validation/Concerns/ValidatesAttributes.php lacks a check for .phar files, which are handled as application/x-httpd-php on systems based on Debian. NOTE: this CVE Record is for Laravel Framework, and is unrelated to any reports concerning incorrectly written user applications for image upload.
61 CVE-2021-43616 345 2021-11-13 2022-03-25
7.5
None Remote Low Not required Partial Partial Partial
The npm ci command in npm 7.x and 8.x through 8.1.3 proceeds with an installation even if dependency information in package-lock.json differs from package.json. This behavior is inconsistent with the documentation, and makes it easier for attackers to install malware that was supposed to have been blocked by an exact version match requirement in package-lock.json.
62 CVE-2021-43611 404 2021-11-12 2021-11-16
5.0
None Remote Low Not required None None Partial
Belledonne Belle-sip before 5.0.20 can crash applications such as Linphone via " \ " in the display name of a From header.
63 CVE-2021-43610 444 2021-11-12 2021-11-16
5.0
None Remote Low Not required None None Partial
Belledonne Belle-sip before 5.0.20 can crash applications such as Linphone via an invalid From header (request URI without a parameter) in an unauthenticated SIP message, a different issue than CVE-2021-33056.
64 CVE-2021-43582 416 Exec Code 2021-11-22 2021-11-30
6.8
None Remote Medium Not required Partial Partial Partial
A Use-After-Free Remote Vulnerability exists when reading a DWG file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DWG files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process.
65 CVE-2021-43581 125 Exec Code 2021-11-22 2021-11-26
6.8
None Remote Medium Not required Partial Partial Partial
An Out-of-Bounds Read vulnerability exists when reading a U3D file using Open Design Alliance PRC SDK before 2022.11. The specific issue exists within the parsing of U3D files. Incorrect use of the LibJpeg source manager inside the U3D library, and crafted data in a U3D file, can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
66 CVE-2021-43578 693 2021-11-12 2021-11-17
5.5
None Remote Low ??? None Partial Partial
Jenkins Squash TM Publisher (Squash4Jenkins) Plugin 1.0.0 and earlier implements an agent-to-controller message that does not implement any validation of its input, allowing attackers able to control agent processes to replace arbitrary files on the Jenkins controller file system with an attacker-controlled JSON string.
67 CVE-2021-43577 611 2021-11-12 2021-11-17
5.5
None Remote Low ??? Partial Partial None
Jenkins OWASP Dependency-Check Plugin 5.1.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
68 CVE-2021-43576 611 2021-11-12 2021-11-17
4.3
None Remote Medium Not required Partial None None
Jenkins pom2config Plugin 1.2 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks, allowing attackers with Overall/Read and Item/Read permissions to have Jenkins parse a crafted XML file that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery.
69 CVE-2021-43575 798 2021-11-09 2021-11-15
2.1
None Local Low Not required Partial None None
** DISPUTED ** KNX ETS6 through 6.0.0 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information, a similar issue to CVE-2021-36799. NOTE: The vendor disputes this because it is not the responsibility of the ETS to securely store cryptographic key material when it is not being exported.
70 CVE-2021-43574 79 XSS 2021-11-15 2021-11-17
4.3
None Remote Medium Not required None Partial None
** UNSUPPORTED WHEN ASSIGNED ** WebAdmin Control Panel in Atmail 6.5.0 (a version released in 2012) allows XSS via the format parameter to the default URI. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
71 CVE-2021-43573 120 Overflow 2021-11-11 2021-12-21
7.5
None Remote Low Not required Partial Partial Partial
A buffer overflow was discovered on Realtek RTL8195AM devices before 2.0.10. It exists in the client code when processing a malformed IE length of HT capability information in the Beacon and Association response frame.
72 CVE-2021-43572 347 2021-11-09 2022-03-24
7.5
None Remote Low Not required Partial Partial Partial
The verify function in the Stark Bank Python ECDSA library (aka starkbank-escada or ecdsa-python) before 2.0.1 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages.
73 CVE-2021-43571 347 2021-11-09 2021-11-12
7.5
None Remote Low Not required Partial Partial Partial
The verify function in the Stark Bank Node.js ECDSA library (ecdsa-node) 1.1.2 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages.
74 CVE-2021-43570 347 2021-11-09 2021-11-12
7.5
None Remote Low Not required Partial Partial Partial
The verify function in the Stark Bank Java ECDSA library (ecdsa-java) 1.0.0 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages.
75 CVE-2021-43569 347 2021-11-09 2021-11-12
7.5
None Remote Low Not required Partial Partial Partial
The verify function in the Stark Bank .NET ECDSA library (ecdsa-dotnet) 1.3.1 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages.
76 CVE-2021-43568 347 2021-11-09 2021-11-12
7.5
None Remote Low Not required Partial Partial Partial
The verify function in the Stark Bank Elixir ECDSA library (ecdsa-elixir) 1.0.0 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages.
77 CVE-2021-43564 200 +Info 2021-11-10 2021-11-16
5.0
None Remote Low Not required Partial None None
An issue was discovered in the jobfair (aka Job Fair) extension before 1.0.13 and 2.x before 2.0.2 for TYPO3. The extension fails to protect or obfuscate filenames of uploaded files. This allows unauthenticated users to download files with sensitive data by simply guessing the filename of uploaded files (e.g., uploads/tx_jobfair/cv.pdf).
78 CVE-2021-43563 287 2021-11-10 2021-11-16
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in the pixxio (aka pixx.io integration or DAM) extension before 1.0.6 for TYPO3. The Access Control in the bundled media browser is broken, which allows an unauthenticated attacker to perform requests to the pixx.io API for the configured API user. This allows an attacker to download various media files from the DAM system.
79 CVE-2021-43562 918 Exec Code 2021-11-10 2021-11-16
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in the pixxio (aka pixx.io integration or DAM) extension before 1.0.6 for TYPO3. The extension fails to restrict the image download to the configured pixx.io DAM URL, resulting in SSRF. As a result, an attacker can download various content from a remote location and save it to a user-controlled filename, which may result in Remote Code Execution. A TYPO3 backend user account is required to exploit this.
80 CVE-2021-43561 79 XSS 2021-11-10 2021-11-16
3.5
None Remote Medium ??? None Partial None
An XSS issue was discovered in the google_for_jobs (aka Google for Jobs) extension before 1.5.1 and 2.x before 2.1.1 for TYPO3. The extension fails to properly encode user input for output in HTML context. A TYPO3 backend user account is required to exploit the vulnerability.
81 CVE-2021-43560 668 2021-11-22 2021-11-26
5.0
None Remote Low Not required Partial None None
A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. Insufficient capability checks made it possible to fetch other users' calendar action events.
82 CVE-2021-43559 352 CSRF 2021-11-22 2021-11-26
6.8
None Remote Medium Not required Partial Partial Partial
A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. The "delete related badge" functionality did not include the necessary token check to prevent a CSRF risk.
83 CVE-2021-43558 79 XSS 2021-11-22 2021-11-26
4.3
None Remote Medium Not required None Partial None
A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A URL parameter in the filetype site administrator tool required extra sanitizing to prevent a reflected XSS risk.
84 CVE-2021-43557 77 Bypass 2021-11-22 2021-11-26
5.0
None Remote Low Not required Partial None None
The uri-block plugin in Apache APISIX before 2.10.2 uses $request_uri without verification. The $request_uri is the full original request URI without normalization. This makes it possible to construct a URI to bypass the block list on some occasions. For instance, when the block list contains "^/internal/", a URI like `//internal/` can be used to bypass it. Some other plugins also have the same issue. And it may affect the developer's custom plugin.
85 CVE-2021-43555 23 Exec Code 2021-11-19 2021-11-24
6.8
None Remote Medium Not required Partial Partial Partial
mySCADA myDESIGNER versions 8.20.0 and prior fail to properly validate the contents of an imported project file, which may make the product vulnerable to a path traversal payload. This vulnerability may allow an attacker to plant files on the file system in arbitrary locations or overwrite existing files, resulting in remote code execution.
86 CVE-2021-43553 863 2021-11-17 2021-11-19
4.0
None Remote Low ??? Partial None None
PI Vision could disclose information to a user with insufficient privileges for an AF attribute that is the child of another attribute and is configured as a Limits property.
87 CVE-2021-43551 79 XSS 2021-11-17 2022-04-12
3.5
None Remote Medium ??? None Partial None
A remote attacker with write access to PI Vision could inject code into a display. Unauthorized information disclosure, modification, or deletion is possible if a victim views or interacts with the infected display using Microsoft Internet Explorer. The impact affects PI System data and other data accessible with victim's user permissions.
88 CVE-2021-43549 79 XSS 2021-11-18 2021-11-23
3.5
None Remote Medium ??? None Partial None
A remote authenticated attacker with write access to a PI Server could trick a user into interacting with a PI Web API endpoint and redirect them to a malicious website. As a result, a victim may disclose sensitive information to the attacker or be provided with false information.
89 CVE-2021-43523 79 Exec Code XSS 2021-11-10 2021-11-15
6.8
None Remote Medium Not required Partial Partial Partial
In uClibc and uClibc-ng before 1.0.39, incorrect handling of special characters in domain names returned by DNS servers via gethostbyname, getaddrinfo, gethostbyaddr, and getnameinfo can lead to output of wrong hostnames (leading to domain hijacking) or injection into applications (leading to remote code execution, XSS, application crashes, etc.). In other words, a validation step, which is expected in any stub resolver, does not occur.
90 CVE-2021-43519 674 DoS Overflow 2021-11-09 2022-05-03
4.3
None Remote Medium Not required None None Partial
Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.
91 CVE-2021-43496 22 Dir. Trav. 2021-11-12 2021-11-16
5.0
None Remote Low Not required Partial None None
Clustering master branch as of commit 53e663e259bcfc8cdecb56c0bb255bd70bfcaa70 is affected by a directory traversal vulnerability. This attack can cause the disclosure of critical secrets stored anywhere on the system and can significantly aid in getting remote code access.
92 CVE-2021-43495 22 Dir. Trav. 2021-11-15 2021-11-18
5.0
None Remote Low Not required Partial None None
AlquistManager branch as of commit 280d99f43b11378212652e75f6f3159cde9c1d36 is affected by a directory traversal vulnerability in alquist/IO/input.py. This attack can cause the disclosure of critical secrets stored anywhere on the system and can significantly aid in getting remote code access.
93 CVE-2021-43494 22 Dir. Trav. 2021-11-12 2021-11-16
5.0
None Remote Low Not required Partial None None
OpenCV-REST-API master branch as of commit 69be158c05d4dd5a4aff38fdc680a162dd6b9e49 is affected by a directory traversal vulnerability. This attack can cause the disclosure of critical secrets stored anywhere on the system and can significantly aid in getting remote code access.
94 CVE-2021-43493 22 Exec Code Dir. Trav. 2021-11-12 2021-11-16
5.0
None Remote Low Not required Partial None None
ServerManagement master branch as of commit 49491cc6f94980e6be7791d17be947c27071eb56 is affected by a directory traversal vulnerability. This vulnerability can be used to extract credentials which can in turn be used to execute code.
95 CVE-2021-43492 22 Dir. Trav. 2021-11-12 2021-11-16
5.0
None Remote Low Not required Partial None None
AlquistManager branch as of commit 280d99f43b11378212652e75f6f3159cde9c1d36 is affected by a directory traversal vulnerability. This attack can cause the disclosure of critical secrets stored anywhere on the system and can significantly aid in getting remote code access.
96 CVE-2021-43466 94 Exec Code 2021-11-09 2022-03-29
6.8
None Remote Medium Not required Partial Partial Partial
In the thymeleaf-spring5:3.0.12 component, thymeleaf combined with specific scenarios in template injection may lead to remote code execution.
97 CVE-2021-43414 863 2021-11-07 2021-11-09
6.9
None Local Medium Not required Complete Complete Complete
An issue was discovered in GNU Hurd before 0.9 20210404-9. The use of an authentication protocol in the proc server is vulnerable to man-in-the-middle attacks, which can be exploited for local privilege escalation to get full root access.
98 CVE-2021-43413 2021-11-07 2021-11-09
9.0
None Remote Low ??? Complete Complete Complete
An issue was discovered in GNU Hurd before 0.9 20210404-9. A single pager port is shared among everyone who mmaps a file, allowing anyone to modify any files that they can read. This can be trivially exploited to get full root access.
99 CVE-2021-43412 416 2021-11-07 2021-11-09
7.2
None Local Low Not required Complete Complete Complete
An issue was discovered in GNU Hurd before 0.9 20210404-9. libports accepts fake notification messages from any client on any port, which can lead to port use-after-free. This can be exploited for local privilege escalation to get full root access.
100 CVE-2021-43411 863 2021-11-07 2021-11-09
8.5
None Remote Medium ??? Complete Complete Complete
An issue was discovered in GNU Hurd before 0.9 20210404-9. When trying to exec a setuid executable, there's a window of time when the process already has the new privileges, but still refers to the old task and is accessible through the old process port. This can be exploited to get full root access.
Total number of vulnerabilities: 1511 (page 2 of 31)