Export limit exceeded: 25077 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (25077 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-25738 | 1 Kubernetes | 1 Java | 2024-11-21 | 6.7 Medium |
| Loading specially-crafted yaml with the Kubernetes Java Client library can lead to code execution. | ||||
| CVE-2021-25737 | 2 Kubernetes, Redhat | 2 Kubernetes, Openshift | 2024-11-21 | 2.7 Low |
| A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs. | ||||
| CVE-2021-25735 | 2 Kubernetes, Redhat | 2 Kubernetes, Openshift | 2024-11-21 | 6.5 Medium |
| A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only affected by this vulnerability if they run a Validating Admission Webhook for Nodes that denies admission based at least partially on the old state of the Node object. Validating Admission Webhook does not observe some previous fields. | ||||
| CVE-2021-25683 | 1 Canonical | 1 Apport | 2024-11-21 | 8.8 High |
| It was discovered that the get_starttime() function in data/apport did not properly parse the /proc/pid/stat file from the kernel. | ||||
| CVE-2021-25682 | 1 Canonical | 1 Apport | 2024-11-21 | 8.8 High |
| It was discovered that the get_pid_info() function in data/apport did not properly parse the /proc/pid/status file from the kernel. | ||||
| CVE-2021-25652 | 1 Avaya | 1 Aura Appliance Virtualization Platform | 2024-11-21 | 4.9 Medium |
| An information disclosure vulnerability was discovered in the directory and file management of Avaya Aura Appliance Virtualization Platform Utilities (AVPU). This vulnerability may potentially allow any local user to access system functionality and configuration information that should only be available to a privileged user. Affects versions 8.0.0.0 through 8.1.3.1 of AVPU. | ||||
| CVE-2021-25649 | 1 Avaya | 1 Aura Utility Services | 2024-11-21 | 4.9 Medium |
| An information disclosure vulnerability was discovered in the directory and file management of Avaya Aura Utility Services. This vulnerability may potentially allow any local user to access system functionality and configuration information that should only be available to a privileged user. Affects all 7.x versions of Avaya Aura Utility Services | ||||
| CVE-2021-25520 | 1 Samsung | 1 Internet | 2024-11-21 | 5.9 Medium |
| Insecure caller check and input validation vulnerabilities in SearchKeyword deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to execute script codes in Samsung Internet. | ||||
| CVE-2021-25519 | 1 Google | 1 Android | 2024-11-21 | 4 Medium |
| An improper access control vulnerability in CPLC prior to SMR Dec-2021 Release 1 allows local attackers to access CPLC information without permission. | ||||
| CVE-2021-25517 | 1 Google | 1 Android | 2024-11-21 | 7.7 High |
| An improper input validation vulnerability in LDFW prior to SMR Dec-2021 Release 1 allows attackers to perform arbitrary code execution. | ||||
| CVE-2021-25512 | 1 Google | 1 Android | 2024-11-21 | 6.1 Medium |
| An improper validation vulnerability in telephony prior to SMR Dec-2021 Release 1 allows attackers to launch certain activities. | ||||
| CVE-2021-25511 | 1 Google | 1 Android | 2024-11-21 | 6.3 Medium |
| An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows attackers to write arbitrary files via a path traversal vulnerability. | ||||
| CVE-2021-25510 | 1 Google | 1 Android | 2024-11-21 | 5.3 Medium |
| An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows local arbitrary code execution. | ||||
| CVE-2021-25509 | 1 Samsung | 1 Samsung Flow | 2024-11-21 | 5.9 Medium |
| A missing input validation in Samsung Flow Windows application prior to Version 4.8.5.0 allows attackers to overwrite abtraty file in the Windows known folders. | ||||
| CVE-2021-25504 | 1 Samsung | 1 Group Sharing | 2024-11-21 | 4 Medium |
| Intent redirection vulnerability in Group Sharing prior to 10.8.03.2 allows attacker to access contact information. | ||||
| CVE-2021-25503 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 5 Medium |
| Improper input validation vulnerability in HDCP prior to SMR Nov-2021 Release 1 allows attackers to arbitrary code execution. | ||||
| CVE-2021-25500 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2024-11-21 | 7.2 High |
| A missing input validation in HDCP LDFW prior to SMR Nov-2021 Release 1 allows attackers to overwrite TZASC allowing TEE compromise. | ||||
| CVE-2021-25486 | 1 Google | 1 Android | 2024-11-21 | 2.5 Low |
| Exposure of information vulnerability in ipcdump prior to SMR Oct-2021 Release 1 allows an attacker detect device information via analyzing packet in log. | ||||
| CVE-2021-25485 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| Path traversal vulnerability in FactoryAirCommnadManger prior to SMR Oct-2021 Release 1 allows attackers to write file as system UID via BT remote socket. | ||||
| CVE-2021-25471 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 3.7 Low |
| A lack of replay attack protection in Security Mode Command process prior to SMR Oct-2021 Release 1 can lead to denial of service on mobile network connection and battery depletion. | ||||