Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-31153 | 1 Please Project | 1 Please | 2022-07-12 | 2.1 LOW | 3.3 LOW |
| please before 0.4 allows a local unprivileged attacker to gain knowledge about the existence of files or directories in privileged locations via the search_path function, the --check option, or the -d option. | |||||
| CVE-2021-30477 | 1 Zulip | 1 Zulip Server | 2022-07-12 | 4.0 MEDIUM | 4.3 MEDIUM |
| An issue was discovered in Zulip Server before 3.4. A bug in the implementation of replies to messages sent by outgoing webhooks to private streams meant that an outgoing webhook bot could be used to send messages to private streams that the user was not intended to be able to send messages to. | |||||
| CVE-2021-29747 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain highly sensitive information due to a vulnerability in the authentication mechanism. IBM X-Force ID: 201775. | |||||
| CVE-2021-29751 | 1 Ibm | 2 Business Automation Workflow, Business Process Manager | 2022-07-12 | 3.5 LOW | 4.3 MEDIUM |
| IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.5 and 8.6 could allow an authenticated user to obtain sensitive information about another user under nondefault configurations. IBM X-Force ID: 201779. | |||||
| CVE-2021-29711 | 1 Ibm | 1 Urbancode Deploy | 2022-07-12 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 6.2.7.8 , 6.2.7.9, 7.0.3.0, 7.0.4.0, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2 could allow an authenticated user with certain permissions to initiate an agent upgrade through the CLI interface. IBM X-Force ID: 200965. | |||||
| CVE-2021-29754 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, I and 5 more | 2022-07-12 | 6.5 MEDIUM | 8.8 HIGH |
| IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a privilege escalation vulnerability when using the SAML Web Inbound Trust Association Interceptor (TAI). IBM X-Force ID: 202006. | |||||
| CVE-2021-29736 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, I and 5 more | 2022-07-12 | 6.5 MEDIUM | 8.8 HIGH |
| IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote user to gain elevated privileges on the system. IBM X-Force ID: 201300. | |||||
| CVE-2021-27792 | 1 Broadcom | 1 Fabric Operating System | 2022-07-12 | 7.2 HIGH | 7.8 HIGH |
| The request handling functions in web management interface of Brocade Fabric OS versions before v9.0.1a, v8.2.3a, and v7.4.2h do not properly handle malformed user input, resulting in a service crash. An authenticated attacker could use this weakness to cause the FOS HTTP application handler to crash, requiring a reboot. | |||||
| CVE-2021-29144 | 1 Arubanetworks | 1 Clearpass | 2022-07-12 | 4.0 MEDIUM | 6.5 MEDIUM |
| A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy Manager that address this security vulnerability. | |||||
| CVE-2021-29141 | 1 Arubanetworks | 1 Clearpass | 2022-07-12 | 4.0 MEDIUM | 6.5 MEDIUM |
| A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy Manager that address this security vulnerability. | |||||
| CVE-2021-29151 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2022-07-12 | 4.0 MEDIUM | 4.3 MEDIUM |
| A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | |||||
| CVE-2020-15383 | 1 Broadcom | 1 Fabric Operating System | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| Running security scans against the SAN switch can cause config and secnotify processes within the firmware before Brocade Fabric OS v9.0.0, v8.2.2d and v8.2.1e to consume all memory leading to denial of service impacts possibly including a switch panic. | |||||
| CVE-2021-29152 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2022-07-12 | 6.8 MEDIUM | 6.5 MEDIUM |
| A remote denial of service (DoS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | |||||
| CVE-2021-29138 | 1 Arubanetworks | 1 Clearpass | 2022-07-12 | 4.0 MEDIUM | 6.5 MEDIUM |
| A remote disclosure of privileged information vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy Manager that address this security vulnerability. | |||||
| CVE-2021-29065 | 1 Netgear | 2 Rbr850, Rbr850 Firmware | 2022-07-12 | 8.3 HIGH | 9.6 CRITICAL |
| NETGEAR RBR850 devices before 3.2.10.11 are affected by authentication bypass. | |||||
| CVE-2021-29066 | 1 Netgear | 10 Rbk852, Rbk852 Firmware, Rbk853 and 7 more | 2022-07-12 | 8.3 HIGH | 9.6 CRITICAL |
| Certain NETGEAR devices are affected by authentication bypass. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. | |||||
| CVE-2021-36791 | 1 Dated News Project | 1 Dated News | 2022-07-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows Information Disclosure of application registration data. | |||||
| CVE-2021-38088 | 2 Acronis, Microsoft | 2 Cyber Protect, Windows | 2022-07-12 | 4.6 MEDIUM | 7.8 HIGH |
| Acronis Cyber Protect 15 for Windows prior to build 27009 allowed local privilege escalation via binary hijacking. | |||||
| CVE-2021-44077 | 1 Zohocorp | 3 Manageengine Servicedesk Plus, Manageengine Servicedesk Plus Msp, Manageengine Supportcenter Plus | 2022-07-12 | 7.5 HIGH | 9.8 CRITICAL |
| Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution. This is related to /RestAPI URLs in a servlet, and ImportTechnicians in the Struts configuration. | |||||
| CVE-2021-37349 | 1 Nagios | 1 Nagios Xi | 2022-07-12 | 4.6 MEDIUM | 7.8 HIGH |
| Nagios XI before version 5.8.5 is vulnerable to local privilege escalation because cleaner.php does not sanitise input read from the database. | |||||