Export limit exceeded: 25084 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (25084 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-31352 | 1 Juniper | 1 Session And Resource Control | 2024-11-21 | 5.3 Medium |
| An Information Exposure vulnerability in Juniper Networks SRC Series devices configured for NETCONF over SSH permits the negotiation of weak ciphers, which could allow a remote attacker to obtain sensitive information. A remote attacker with read and write access to network data could exploit this vulnerability to display plaintext bits from a block of ciphertext and obtain sensitive information. This issue affects all Juniper Networks SRC Series versions prior to 4.13.0-R6. | ||||
| CVE-2021-31341 | 1 Mendix | 1 Database Replication | 2024-11-21 | 4.3 Medium |
| Uploading a table mapping using a manipulated XML file results in an exception that could expose information about the application-server and the used XML-framework on the Mendix Database Replication Module (All versions prior to v7.0.1). | ||||
| CVE-2021-31339 | 1 Mendix | 1 Excel Importer | 2024-11-21 | 4.3 Medium |
| A vulnerability has been identified in Mendix Excel Importer Module (All versions < V9.0.3). Uploading a manipulated XML File results in an exception that could expose information about the Application-Server and the used XML-Framework. | ||||
| CVE-2021-31232 | 1 Linuxfoundation | 1 Cortex | 2024-11-21 | 5.5 Medium |
| The Alertmanager in CNCF Cortex before 1.8.1 has a local file disclosure vulnerability when -experimental.alertmanager.enable-api is used. The HTTP basic auth password_file can be used as an attack vector to send any file content via a webhook. The alertmanager templates can be used as an attack vector to send any file content because the alertmanager can load any text file specified in the templates list. | ||||
| CVE-2021-31159 | 1 Zohocorp | 1 Manageengine Servicedesk Plus Msp | 2024-11-21 | 5.3 Medium |
| Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a User Enumeration bug due to improper error-message generation in the Forgot Password functionality, aka SDPMSP-15732. | ||||
| CVE-2021-30917 | 1 Apple | 7 Ipad Os, Ipados, Iphone Os and 4 more | 2024-11-21 | 7.8 High |
| A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted image may lead to arbitrary code execution. | ||||
| CVE-2021-30897 | 2 Apple, Redhat | 6 Ipados, Iphone Os, Macos and 3 more | 2024-11-21 | 6.5 Medium |
| An issue existed in the specification for the resource timing API. The specification was updated and the updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website may exfiltrate data cross-origin. | ||||
| CVE-2021-30884 | 2 Apple, Redhat | 7 Ipados, Iphone Os, Macos and 4 more | 2024-11-21 | 4.7 Medium |
| The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing history. | ||||
| CVE-2021-30881 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-11-21 | 7.8 High |
| An input validation issue was addressed with improved memory handling. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Unpacking a maliciously crafted archive may lead to arbitrary code execution. | ||||
| CVE-2021-30862 | 1 Apple | 1 Itunes U | 2024-11-21 | 6.1 Medium |
| A validation issue was addressed with improved input sanitization. This issue is fixed in iTunes U 3.8.3. Processing a maliciously crafted URL may lead to arbitrary javascript code execution. | ||||
| CVE-2021-30799 | 2 Apple, Redhat | 5 Iphone Os, Mac Os X, Macos and 2 more | 2024-11-21 | 8.8 High |
| Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2021-30797 | 2 Apple, Redhat | 8 Ipados, Iphone Os, Macos and 5 more | 2024-11-21 | 8.8 High |
| This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution. | ||||
| CVE-2021-30795 | 2 Apple, Redhat | 7 Iphone Os, Macos, Safari and 4 more | 2024-11-21 | 8.8 High |
| A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2021-30763 | 1 Apple | 3 Ipados, Iphone Os, Watchos | 2024-11-21 | 5.5 Medium |
| An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.7, watchOS 7.6. A shortcut may be able to bypass Internet permission requirements. | ||||
| CVE-2021-30749 | 2 Apple, Redhat | 8 Ipados, Iphone Os, Macos and 5 more | 2024-11-21 | 8.8 High |
| Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2021-30744 | 2 Apple, Redhat | 8 Ipados, Iphone Os, Macos and 5 more | 2024-11-21 | 6.1 Medium |
| Description: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting. | ||||
| CVE-2021-30734 | 2 Apple, Redhat | 8 Ipados, Iphone Os, Macos and 5 more | 2024-11-21 | 8.8 High |
| Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2021-30720 | 2 Apple, Redhat | 8 Ipados, Iphone Os, Macos and 5 more | 2024-11-21 | 5.4 Medium |
| A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access restricted ports on arbitrary servers. | ||||
| CVE-2021-30693 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2024-11-21 | 7.8 High |
| A validation issue was addressed with improved logic. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted image may lead to arbitrary code execution. | ||||
| CVE-2021-30682 | 2 Apple, Redhat | 8 Ipados, Iphone Os, Macos and 5 more | 2024-11-21 | 5.5 Medium |
| A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information. | ||||