Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-40046 | 1 Huawei | 1 Pcmanager | 2022-07-12 | 7.5 HIGH | 9.8 CRITICAL |
| PCManager versions 11.1.1.95 has a privilege escalation vulnerability. Successful exploit could allow the attacker to access certain resource beyond its privilege. | |||||
| CVE-2021-44747 | 1 F-secure | 5 Atlant, Elements Endpoint Protection, Internet Gatekeeper and 2 more | 2022-07-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Linux Security whereby the Fmlib component used in certain F-Secure products can crash while scanning fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service of the Anti-Virus engine. | |||||
| CVE-2020-4925 | 2 Ibm, Linux | 2 Spectrum Scale, Linux Kernel | 2022-07-12 | 2.1 LOW | 5.5 MEDIUM |
| A security vulnerability in the Spectrum Scale 5.0 and 5.1 allows a non-root user to overflow the mmfsd daemon with requests and preventing the daemon to service other requests. IBM X-Force ID: 191599. | |||||
| CVE-2021-38872 | 1 Ibm | 1 Datapower Gateway | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| IBM DataPower Gateway 10.0.2.0, 10.0.3.0, 10.0.1.0 through 10.0.1.4, and 2018.4.1.0 through 2018.4.1.17 could allow a remote user to cause a denial of service by consuming resources with multiple requests. IBM X-Force ID: 208348. | |||||
| CVE-2021-38971 | 1 Ibm | 1 Data Virtualization On Cloud Pak For Data | 2022-07-12 | 4.0 MEDIUM | 4.9 MEDIUM |
| IBM Data Virtualization on Cloud Pak for Data 1.3.0, 1.4.1, 1.5.0, 1.7.1 and 1.7.3 could allow an authorized user to bypass data masking rules and obtain sensitve information. IBM X-Force ID: 212620. | |||||
| CVE-2021-3254 | 1 Asus | 2 Dsl-n14u-b1, Dsl-n14u-b1 Firmware | 2022-07-12 | 7.8 HIGH | 7.5 HIGH |
| Asus DSL-N14U-B1 1.1.2.3_805 allows remote attackers to cause a Denial of Service (DoS) via a TCP SYN scan using nmap. | |||||
| CVE-2021-32025 | 1 Blackberry | 4 Qnx Momentics, Qnx Os For Medical, Qnx Os For Safety and 1 more | 2022-07-12 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in the QNX Neutrino Kernel of affected versions of QNX Software Development Platform version(s) 6.4.0 to 7.0, QNX Momentics all 6.3.x versions, QNX OS for Safety versions 1.0.0 to 1.0.2, QNX OS for Safety versions 2.0.0 to 2.0.1, QNX for Medical versions 1.0.0 to 1.1.1, and QNX OS for Medical version 2.0.0 could allow an attacker to potentially access data, modify behavior, or permanently crash the system. | |||||
| CVE-2021-38989 | 1 Ibm | 2 Aix, Vios | 2022-07-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 212951. | |||||
| CVE-2021-30776 | 1 Apple | 5 Iphone Os, Mac Os X, Macos and 2 more | 2022-07-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Playing a malicious audio file may lead to an unexpected application termination. | |||||
| CVE-2021-35211 | 1 Solarwinds | 1 Serv-u | 2022-07-12 | 10.0 HIGH | 10.0 CRITICAL |
| Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP for Windows before 15.2.3 HF2 are affected by this vulnerability. | |||||
| CVE-2021-34396 | 1 Nvidia | 5 Jetson Linux, Jetson Tx2, Jetson Tx2 4gb and 2 more | 2022-07-12 | 2.1 LOW | 2.3 LOW |
| Bootloader contains a vulnerability in access permission settings where unauthorized software may be able to overwrite NVIDIA MB2 code, which would result in limited denial of service. | |||||
| CVE-2021-37113 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Privilege escalation vulnerability with the file system component in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2021-33820 | 1 Ui | 2 Camera G3 Flex, Camera G3 Flex Firmware | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67.Attacker could send a huge amount of TCP SYN packet to make web service's resource exhausted. Then the web server is denial-of-service. | |||||
| CVE-2021-33823 | 1 Moxa | 2 Mgate Mb3180, Mgate Mb3180 Firmware | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Attacker could send a huge amount of TCP SYN packet to make web service's resource exhausted. Then the web server is denial-of-service. | |||||
| CVE-2021-22517 | 1 Microfocus | 1 Data Protector | 2022-07-12 | 6.5 MEDIUM | 8.8 HIGH |
| A potential unauthorized privilege escalation vulnerability has been identified in Micro Focus Data Protector. The vulnerability affects versions 10.10, 10.20, 10.30, 10.40, 10.50, 10.60, 10.70, 10.80, 10.0 and 10.91. A privileged user may potentially misuse this feature and thus allow unintended and unauthorized access of data. | |||||
| CVE-2021-22519 | 1 Microfocus | 1 Sitescope | 2022-07-12 | 7.5 HIGH | 9.8 CRITICAL |
| Execute arbitrary code vulnerability in Micro Focus SiteScope product, affecting versions 11.40,11.41 , 2018.05(11.50), 2018.08(11.51), 2018.11(11.60), 2019.02(11.70), 2019.05(11.80), 2019.08(11.90), 2019.11(11.91), 2020.05(11.92), 2020.10(11.93). The vulnerability could allow remote attackers to execute arbitrary code on affected installations of SiteScope. | |||||
| CVE-2021-33205 | 1 Westerndigital | 1 Edgerover | 2022-07-12 | 6.5 MEDIUM | 8.8 HIGH |
| Western Digital EdgeRover before 0.25 has an escalation of privileges vulnerability where a low privileged user could load malicious content into directories with higher privileges, because of how Node.js is used. An attacker can gain admin privileges and carry out malicious activities such as creating a fake library and stealing user credentials. | |||||
| CVE-2021-31864 | 2 Debian, Redmine | 2 Debian Linux, Redmine | 2022-07-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows attackers to bypass the add_issue_notes permission requirement by leveraging the incoming mail handler. | |||||
| CVE-2021-31865 | 2 Debian, Redmine | 2 Debian Linux, Redmine | 2022-07-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows users to circumvent the allowed filename extensions of uploaded attachments. | |||||
| CVE-2021-31857 | 1 Zohocorp | 1 Manageengine Password Manager Pro | 2022-07-12 | 4.3 MEDIUM | 5.9 MEDIUM |
| In Zoho ManageEngine Password Manager Pro before 11.1 build 11104, attackers are able to retrieve credentials via a browser extension for non-website resource types. | |||||