CVE.report search for ""

Listed below are 50 relevant search results for "" based on Vendor, Software, and CVE description

These results are gathered from attempted matches with listed vendor and software data, as well as a keyword search in the description of all known CVEs.

If you notice a "Not Listed" in either the vendor or software columns, know this is due to the data being pulled directly from a github repository, in which the Vendor and Software have not yet been officially listed

Search Results

CVE ID Vendor Software Description
CVE-2021-31935Open-xchangeOpen-xchange AppsuiteOX App Suite 7.10.4 and earlier allows XSS via a crafted distribution list (payload in the common name) that is mishandled in...
CVE-2021-31934Open-xchangeOpen-xchange AppsuiteOX App Suite 7.10.4 and earlier allows XSS via a crafted contact object (payload in the position or company field) that is mi...
CVE-2021-31879GnuWgetGNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-...
CVE-2021-31872Klibc ProjectKlibcAn issue was discovered in klibc before 2.0.9. Multiple possible integer overflows in the cpio command on 32-bit systems may ...
CVE-2021-31871Klibc ProjectKlibcAn issue was discovered in klibc before 2.0.9. An integer overflow in the cpio command may result in a NULL pointer dereferen...
CVE-2021-31870Klibc ProjectKlibcAn issue was discovered in klibc before 2.0.9. Multiplication in the calloc() function may result in an integer overflow and ...
CVE-2021-31856Layer5MesheryA SQL Injection vulnerability in the REST API in Layer5 Meshery 0.5.2 allows an attacker to execute arbitrary SQL commands vi...
CVE-2021-31826ShibbolethService ProviderShibboleth Service Provider 3.x before 3.2.2 is prone to a NULL pointer dereference flaw involving the session recovery featu...
CVE-2021-31815GoogleGoogle/apple Exposure NotificationsGAEN (aka Google/Apple Exposure Notifications) through 2021-04-27 on Android allows attackers to obtain sensitive information...
CVE-2021-31803CpanelCpanelcPanel before 94.0.3 allows self-XSS via EasyApache 4 Save Profile (SEC-581).
CVE-2021-31802NetgearR7000NETGEAR R7000 1.0.11.116 devices have a heap-based Buffer Overflow that is exploitable from the local network without authent...
CVE-2021-31795Pvrsrvkm.ko ProjectPvrsrvkm.koThe PowerVR GPU kernel driver in pvrsrvkm.ko through 2021-04-24 for the Linux kernel, as used on Alcatel 1S phones, allows at...
CVE-2021-31794DirectumDirectumSettings.aspx?view=About in Directum 5.8.2 allows XSS via the HTTP User-Agent header.
CVE-2021-31792SalesagilitySuitecrmXSS in the client account page in SuiteCRM before 7.11.19 allows an attacker to inject JavaScript via the name field
CVE-2021-31791SentrysoftwareHardware Sentry Km For Bmc PatrolIn Hardware Sentry KM before 10.0.01 for BMC PATROL, a cleartext password may be discovered after a failure or timeout of a c...
CVE-2021-31784OpendesignDrawings SdkAn out-of-bounds write vulnerability exists in the file-reading procedure in Open Design Alliance Drawings SDK before 2021.6 ...
CVE-2021-31783PiwigoLocalfiles Editorshow_default.php in the LocalFilesEditor extension before 11.4.0.1 for Piwigo allows Local File Inclusion because the file pa...
CVE-2021-31780MispMispIn app/Model/MispObject.php in MISP 2.4.141, an incorrect sharing group association could lead to information disclosure on a...
CVE-2021-31779YoastYoast SeoThe yoast_seo (aka Yoast SEO) extension before 7.2.1 for TYPO3 allows SSRF via a backend user account.
CVE-2021-31778Media2click ProjectMedia2clickThe media2click (aka 2 Clicks for External Media) extension 1.x before 1.3.3 for TYPO3 allows XSS by a backend user account.
CVE-2021-31777Dynamic Content Element ProjectDynamic Content ElementThe dce (aka Dynamic Content Element) extension 2.2.0 through 2.6.x before 2.6.2, and 2.7.x before 2.7.1, for TYPO3 allows SQ...
CVE-2021-31762WebminWebminWebmin 1.973 is affected by Cross Site Request Forgery (CSRF) to create a privileged user through Webmin's add users feature,...
CVE-2021-31761WebminWebminWebmin 1.973 is affected by reflected Cross Site Scripting (XSS) to achieve Remote Command Execution through Webmin's running...
CVE-2021-31760WebminWebminWebmin 1.973 is affected by Cross Site Request Forgery (CSRF) to achieve Remote Command Execution (RCE) through Webmin's runn...
CVE-2021-31726AkuvoxC315Akuvox C315 115.116.2613 allows remote command Injection via the cfgd_server service. The attack vector is sending a payload ...
CVE-2021-31718Npupnp ProjectNpupnpThe server in npupnp before 4.1.4 is affected by DNS rebinding in the embedded web server (including UPnP SOAP and GENA endpo...
CVE-2021-31671Pgsync ProjectPgsyncpgsync before 0.6.7 is affected by Information Disclosure of sensitive information. Syncing the schema with the --schema-firs...
CVE-2021-31646GestsupGestsupGestsup before 3.2.10 allows account takeover through the password recovery functionality (remote). The affected component is...
CVE-2021-31607SaltstackSaltIn SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local...
CVE-2021-31597Xmlhttprequest-ssl ProjectXmlhttprequest-sslThe xmlhttprequest-ssl package before 1.6.1 for Node.js disables SSL certificate validation by default, because rejectUnautho...
CVE-2021-31572AmazonFreertosThe kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in stream_buffer.c for a stream buffer.
CVE-2021-31571AmazonFreertosThe kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in queue.c for queue creation.
CVE-2021-31555MediawikiMediawikiAn issue was discovered in the Oauth extension for MediaWiki through 1.35.2. It did not validate the oarc_version (aka oauth_...
CVE-2021-31554MediawikiMediawikiAn issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It improperly handled account blocks for c...
CVE-2021-31553MediawikiMediawikiAn issue was discovered in the CheckUser extension for MediaWiki through 1.35.2. MediaWiki usernames with trailing whitespace...
CVE-2021-31552MediawikiMediawikiAn issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It incorrectly executed certain rules rela...
CVE-2021-31551MediawikiMediawikiAn issue was discovered in the PageForms extension for MediaWiki through 1.35.2. Crafted payloads for Token-related query par...
CVE-2021-31550MediawikiMediawikiAn issue was discovered in the CommentBox extension for MediaWiki through 1.35.2. Via crafted configuration variables, a mali...
CVE-2021-31549MediawikiMediawikiAn issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. The Special:AbuseFilter/examine form allow...
CVE-2021-31548MediawikiMediawikiAn issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. A MediaWiki user who is partially blocked ...
CVE-2021-31547MediawikiMediawikiAn issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. Its AbuseFilterCheckMatch API reveals supp...
CVE-2021-31546MediawikiMediawikiAn issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It incorrectly logged sensitive suppressio...
CVE-2021-31545MediawikiMediawikiAn issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. The page_recent_contributors leaked the ex...
CVE-2021-31540WowzaStreaming EngineWowza Streaming Engine through 4.8.5 (in a default installation) has incorrect file permissions of configuration files in the...
CVE-2021-31539WowzaStreaming EngineWowza Streaming Engine before 4.8.8.01 (in a default installation) has cleartext passwords stored in the conf/admin.password ...
CVE-2021-31523Xscreensaver ProjectXscreensaverThe Debian xscreensaver 5.42+dfsg1-1 package for XScreenSaver has cap_net_raw enabled for the /usr/libexec/xscreensaver/sonar...
CVE-2021-31438FoxitsoftwareFoxit Studio PhotoThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.93...
CVE-2021-31437FoxitsoftwareFoxit Studio PhotoThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.93...
CVE-2021-31436FoxitsoftwareFoxit Studio PhotoThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.93...
CVE-2021-31435FoxitsoftwareFoxit Studio PhotoThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.93...