CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In November 2021

# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
101 CVE-2021-43409 79 XSS 2021-11-19 2021-11-24
4.3
None Remote Medium Not required None Partial None
The “WPO365 | LOGIN” WordPress plugin (up to and including version 15.3) by wpo365.com is vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability (also known as Stored or Second-Order XSS). Persistent XSS vulnerabilities occur when the application stores and retrieves client-supplied data without proper handling of dangerous content. This type of XSS vulnerability is exploited by submitting malicious script content to the application, which is then retrieved and executed by other application users. The attacker could exploit this to conduct a range of attacks against users of the affected application, such as session hijacking, account takeover and accessing sensitive data. In this case, the XSS payload can be submitted by any anonymous user; the payload then renders and executes when a WordPress administrator authenticates and accesses the WordPress Dashboard. The injected payload can carry out actions on behalf of the administrator, including adding other administrative users and changing application settings. This flaw could be exploited to ultimately provide full control of the affected system to the attacker.
102 CVE-2021-43408 89 Exec Code Sql 2021-11-19 2021-11-24
9.0
None Remote Low ??? Complete Complete Complete
The "Duplicate Post" WordPress plugin up to and including version 1.1.9 is vulnerable to SQL Injection. SQL injection vulnerabilities occur when client-supplied data is included within an SQL query insecurely. SQL Injection can typically be exploited to read, modify and delete SQL table data. In many cases it is also possible to exploit features of the SQL server to execute system commands and/or access the local file system. This particular vulnerability can be exploited by any authenticated user who has been granted access to use the Duplicate Post plugin. By default, this is limited to Administrators; however, the plugin presents the option to permit access to the Editor, Author, Contributor and Subscriber roles.
103 CVE-2021-43406 20 2021-11-05 2021-11-09
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in FusionPBX before 4.5.30. The fax_post_size may have risky characters (it is not constrained to preset values).
104 CVE-2021-43405 20 2021-11-05 2021-11-09
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in FusionPBX before 4.5.30. The fax_extension may have risky characters (it is not constrained to be numeric).
105 CVE-2021-43404 20 2021-11-05 2021-11-09
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in FusionPBX before 4.5.30. The FAX file name may have risky characters.
106 CVE-2021-43400 416 2021-11-04 2021-11-08
6.4
None Remote Low Not required Partial Partial None
An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call.
107 CVE-2021-43398 203 +Info 2021-11-04 2022-04-18
5.0
None Remote Low Not required Partial None None
** DISPUTED ** Crypto++ (aka Cryptopp) 8.6.0 and earlier contains a timing leakage in MakePublicKey(). There is a clear correlation between execution time and private key length, which may cause disclosure of the length information of the private key. This might allow attackers to conduct timing attacks. NOTE: this report is disputed by the vendor and multiple third parties. The execution-time differences are intentional. A user may make a choice of a longer key as a tradeoff between strength and performance. In making this choice, the amount of information leaked to an adversary is of infinitesimal value.
108 CVE-2021-43397 269 2021-11-11 2021-11-26
9.0
None Remote Low ??? Complete Complete Complete
LiquidFiles before 3.6.3 allows remote attackers to elevate their privileges from Admin (or User Admin) to Sysadmin.
109 CVE-2021-43396 2021-11-04 2021-11-17
5.0
None Remote Low Not required None Partial None
** DISPUTED ** In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv() use cases. NOTE: the vendor states "the bug cannot be invoked through user input and requires iconv to be invoked with a NULL inbuf, which ought to require a separate application bug to do so unintentionally. Hence there's no security impact to the bug."
110 CVE-2021-43391 125 Exec Code 2021-11-14 2021-11-30
6.8
None Remote Medium Not required Partial Partial Partial
An Out-of-Bounds Read vulnerability exists when reading a DXF file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DXF files. Crafted data in a DXF file (an invalid dash counter in line types) can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
111 CVE-2021-43390 787 Exec Code 2021-11-14 2021-11-30
6.8
None Remote Medium Not required Partial Partial Partial
An Out-of-Bounds Write vulnerability exists when reading a DGN file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DGN files. Crafted data in a DGN file and lack of proper validation of input data can trigger a write operation past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
112 CVE-2021-43389 125 2021-11-04 2022-04-05
2.1
None Local Low Not required None None Partial
An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.
113 CVE-2021-43362 89 Sql 2021-11-16 2021-11-17
7.5
None Remote Low Not required Partial Partial Partial
Due to improper sanitization, MedData HBYS software suffers from a remote SQL injection vulnerability. An unauthenticated attacker with web access is able to extract critical information from the system.
114 CVE-2021-43361 89 Sql 2021-11-16 2021-11-17
7.5
None Remote Low Not required Partial Partial Partial
Due to improper sanitization, MedData HBYS software suffers from a remote SQL injection vulnerability. An unauthenticated attacker with web access is able to extract critical information from the system.
115 CVE-2021-43350 74 2021-11-11 2021-11-30
7.5
None Remote Low Not required Partial Partial Partial
An unauthenticated Apache Traffic Control Traffic Ops user can send a request with a specially-crafted username to the POST /login endpoint of any API version to inject unsanitized content into the LDAP filter.
116 CVE-2021-43339 77 2021-11-03 2021-11-30
6.5
None Remote Low ??? Partial Partial Partial
In Ericsson Network Location before 2021-07-31, it is possible for an authenticated attacker to inject commands via file_name in the export functionality. For example, a new admin user could be created.
117 CVE-2021-43338 89 Sql 2021-11-03 2021-11-05
6.5
None Remote Low ??? Partial Partial Partial
In Ericsson Network Location MPS GMPC21, it is possible to create a new admin user with a SQL query for file_name in the export functionality.
118 CVE-2021-43337 863 2021-11-17 2021-11-29
4.0
None Remote Low ??? Partial None None
SchedMD Slurm 21.08.* before 21.08.4 has Incorrect Access Control. On sites using the new AccountingStoreFlags=job_script and/or job_env options, the access control rules in SlurmDBD may permit users to request job scripts and environment files to which they should not have access.
119 CVE-2021-43336 787 Exec Code 2021-11-14 2022-03-25
6.8
None Remote Medium Not required Partial Partial Partial
An Out-of-Bounds Write vulnerability exists when reading a DXF file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DXF files. Crafted data in a DXF file (an invalid number of properties) can trigger a write operation past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
120 CVE-2021-43332 307 CSRF 2021-11-12 2021-11-16
4.0
None Remote Low ??? Partial None None
In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list admin password. This could potentially be cracked by a moderator via an offline brute-force attack.
121 CVE-2021-43331 79 XSS 2021-11-12 2021-11-16
4.3
None Remote Medium Not required None Partial None
In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py user options page can execute arbitrary JavaScript for XSS.
122 CVE-2021-43324 79 XSS 2021-11-03 2021-11-04
4.3
None Remote Medium Not required None Partial None
LibreNMS through 21.10.2 allows XSS via a widget title.
123 CVE-2021-43319 77 2021-11-30 2022-04-06
7.5
None Remote Low Not required Partial Partial Partial
Zoho ManageEngine Network Configuration Manager before 125488 is vulnerable to command injection due to improper validation in the Ping functionality.
124 CVE-2021-43296 918 2021-11-30 2022-04-27
5.0
None Remote Low Not required Partial None None
Zoho ManageEngine SupportCenter Plus before 11016 is vulnerable to an SSRF attack in ActionExecutor.
125 CVE-2021-43295 79 XSS 2021-11-30 2022-04-27
4.3
None Remote Medium Not required None Partial None
Zoho ManageEngine SupportCenter Plus before 11016 is vulnerable to Reflected XSS in the Accounts module.
126 CVE-2021-43294 79 XSS 2021-11-30 2022-04-27
4.3
None Remote Medium Not required None Partial None
Zoho ManageEngine SupportCenter Plus before 11016 is vulnerable to Reflected XSS in the Products module.
127 CVE-2021-43293 918 2021-11-04 2021-11-05
4.0
None Remote Low ??? Partial None None
Sonatype Nexus Repository Manager 3.x before 3.36.0 allows a remote authenticated attacker to potentially perform network enumeration via Server Side Request Forgery (SSRF).
128 CVE-2021-43284 798 2021-11-30 2021-12-03
7.2
None Local Low Not required Complete Complete Complete
An issue was discovered on Victure WR1200 devices through 1.0.3. The root SSH password never gets updated from its default value of admin. This enables an attacker to gain control of the device through SSH (regardless of whether the admin password was changed on the web interface).
129 CVE-2021-43283 78 Exec Code 2021-11-30 2021-12-03
9.0
None Remote Low ??? Complete Complete Complete
An issue was discovered on Victure WR1200 devices through 1.0.3. A command injection vulnerability was found within the web interface of the device, allowing an attacker with valid credentials to inject arbitrary shell commands to be executed by the device with root privileges. This occurs in the ping and traceroute features. An attacker would thus be able to use this vulnerability to open a reverse shell on the device with root privileges.
130 CVE-2021-43282 798 2021-11-30 2021-12-03
3.3
None Local Network Low Not required Partial None None
An issue was discovered on Victure WR1200 devices through 1.0.3. The default Wi-Fi WPA2 key is advertised to anyone within Wi-Fi range through the router's MAC address. The device default Wi-Fi password corresponds to the last 4 bytes of the MAC address of its 2.4 GHz network interface controller (NIC). An attacker within scanning range of the Wi-Fi network can thus scan for Wi-Fi networks to obtain the default key.
131 CVE-2021-43281 94 Exec Code 2021-11-04 2021-11-05
6.5
None Remote Low ??? Partial Partial Partial
MyBB before 1.8.29 allows Remote Code Injection by an admin with the "Can manage settings?" permission. The Admin CP's Settings management module does not validate setting types correctly on insertion and update, making it possible to add settings of supported type "php" with PHP code, executed on Change Settings pages.
132 CVE-2021-43280 787 Exec Code Overflow 2021-11-14 2021-11-30
6.8
None Remote Medium Not required Partial Partial Partial
A stack-based buffer overflow vulnerability exists in the DWF file reading procedure in Open Design Alliance Drawings SDK before 2022.8. The issue results from the lack of proper validation of the length of user-supplied data before copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
133 CVE-2021-43279 787 Exec Code 2021-11-14 2021-11-30
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds write vulnerability exists in the U3D file reading procedure in Open Design Alliance PRC SDK before 2022.10. Crafted data in a U3D file can trigger a write past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process.
134 CVE-2021-43278 125 Exec Code 2021-11-14 2021-11-17
6.8
None Remote Medium Not required Partial Partial Partial
An Out-of-bounds Read vulnerability exists in the OBJ file reading procedure in Open Design Alliance Drawings SDK before 2022.11. The lack of validating the input length can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
135 CVE-2021-43277 125 Exec Code 2021-11-14 2021-11-17
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds read vulnerability exists in the U3D file reading procedure in Open Design Alliance PRC SDK before 2022.10. Crafted data in a U3D file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process.
136 CVE-2021-43276 125 Exec Code 2021-11-14 2021-11-17
6.8
None Remote Medium Not required Partial Partial Partial
An Out-of-bounds Read vulnerability exists in Open Design Alliance ODA Viewer before 2022.8. Crafted data in a DWF file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process.
137 CVE-2021-43275 416 Exec Code 2021-11-14 2021-11-17
6.8
None Remote Medium Not required Partial Partial Partial
A Use After Free vulnerability exists in the DGN file reading procedure in Open Design Alliance Drawings SDK before 2022.8. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process.
138 CVE-2021-43274 416 Exec Code 2021-11-14 2021-11-17
6.8
None Remote Medium Not required Partial Partial Partial
A Use After Free Vulnerability exists in the Open Design Alliance Drawings SDK before 2022.11. The specific flaw exists within the parsing of DWF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process.
139 CVE-2021-43273 125 Exec Code 2021-11-14 2021-11-30
4.3
None Remote Medium Not required Partial None None
An Out-of-bounds Read vulnerability exists in the DGN file reading procedure in Open Design Alliance Drawings SDK before 2022.11. Crafted data in a DGN file and lack of verification of input data can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
140 CVE-2021-43272 755 Exec Code 2021-11-14 2021-12-06
7.5
None Remote Low Not required Partial Partial Partial
An improper handling of exceptional conditions vulnerability exists in Open Design Alliance ODA Viewer sample before 2022.11. ODA Viewer continues to process invalid or malicious DWF files instead of stopping upon an exception. An attacker can leverage this vulnerability to execute code in the context of the current process.
141 CVE-2021-43270 2021-11-02 2021-11-04
5.0
None Remote Low Not required Partial None None
Datalust Seq.App.EmailPlus (aka seq-app-htmlemail) 3.1.0-dev-00148, 3.1.0-dev-00170, and 3.1.0-dev-00176 can use cleartext SMTP on port 25 in some cases where encryption on port 465 was intended.
142 CVE-2021-43268 415 2021-11-24 2021-12-01
6.4
None Remote Low Not required None Partial Partial
An issue was discovered in VxWorks 6.9 through 7. In the IKE component, a specifically crafted packet may lead to reading beyond the end of a buffer, or a double free.
143 CVE-2021-43267 20 2021-11-02 2022-02-28
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.
144 CVE-2021-43266 78 Exec Code 2021-11-02 2022-05-03
4.6
None Remote High ??? Partial Partial Partial
In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exporting collections via PDF export could lead to code execution via shell metacharacters in a collection name. Additionally, in Mahara before 20.10.4, 21.04.3, and 21.10.1, exporting collections via PDF export could cause code execution
145 CVE-2021-43265 79 XSS 2021-11-02 2021-11-09
3.5
None Remote Medium ??? None Partial None
In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, certain tag syntax could be used for XSS, such as via a SCRIPT element.
146 CVE-2021-43264 22 Dir. Trav. Bypass 2021-11-02 2021-11-09
2.1
None Local Low Not required Partial None None
In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, adjusting the path component for the page help file allows attackers to bypass the intended access control for HTML files via directory traversal. It replaces the - character with the / character.
147 CVE-2021-43221 94 Exec Code 2021-11-24 2021-11-30
4.0
None Remote High Not required Partial Partial None
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
148 CVE-2021-43220 290 2021-11-24 2021-11-30
5.0
None Remote Low Not required None Partial None
Microsoft Edge for iOS Spoofing Vulnerability
149 CVE-2021-43211 269 2021-11-24 2021-11-30
6.6
None Local Low Not required None Complete Complete
Windows 10 Update Assistant Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-42297.
150 CVE-2021-43209 Exec Code 2021-11-10 2021-11-17
6.8
None Remote Medium Not required Partial Partial Partial
3D Viewer Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-43208.
Total number of vulnerabilities: 1511 (this is page 3 of 31)
CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.