Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-15386 | 1 Broadcom | 1 Fabric Operating System | 2022-07-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| Brocade Fabric OS prior to v9.0.1a and 8.2.3a and after v9.0.0 and 8.2.2d may observe high CPU load during security scanning, which could lead to a slower response to CLI commands and other operations. | |||||
| CVE-2021-20539 | 1 Ibm | 1 Cloud Pak For Security | 2022-07-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could disclose sensitive information to an unauthorized user through HTTP GET requests. This information could be used in further attacks against the system. IBM X-Force ID: 198920. | |||||
| CVE-2021-20540 | 1 Ibm | 1 Cloud Pak For Security | 2022-07-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could disclose sensitive information to an unauthorized user through HTTP GET requests. This information could be used in further attacks against the system. IBM X-Force ID: 198923. | |||||
| CVE-2021-20541 | 1 Ibm | 1 Cloud Pak For Security | 2022-07-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could disclose sensitive information to an unauthorized user through HTTP GET requests. This information could be used in further attacks against the system. IBM X-Force ID: 198927. | |||||
| CVE-2021-20488 | 4 Ibm, Linux, Microsoft and 1 more | 5 Aix, Security Identity Manager, Linux Kernel and 2 more | 2022-07-12 | 3.5 LOW | 6.5 MEDIUM |
| IBM Security Identity Manager 6.0.2 could allow an authenticated malicious user to change the passwords of other users in the Windows AD environment when IBM Security Identity Manager Windows Password Synch Plug-in is deployed and configured. IBM X-Force ID: 197789. | |||||
| CVE-2021-22449 | 1 Huawei | 1 Elf-g10hn | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is a logic vulnerability in Elf-G10HN 1.0.0.608. An unauthenticated attacker could perform specific operations to exploit this vulnerability. Due to insufficient security design, successful exploit could allow an attacker to add users to be friends without prompting in the target device. | |||||
| CVE-2021-20099 | 2 Microsoft, Tenable | 2 Windows, Nessus | 2022-07-12 | 4.6 MEDIUM | 6.7 MEDIUM |
| Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows executables as the Nessus host. This is different than CVE-2021-20100. | |||||
| CVE-2021-20100 | 2 Microsoft, Tenable | 2 Windows, Nessus | 2022-07-12 | 4.6 MEDIUM | 6.7 MEDIUM |
| Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows executables as the Nessus host. This is different than CVE-2021-20099. | |||||
| CVE-2021-20079 | 1 Tenable | 1 Nessus | 2022-07-12 | 7.2 HIGH | 6.7 MEDIUM |
| Nessus versions 8.13.2 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gaining administrator privileges on the Nessus host. | |||||
| CVE-2021-28847 | 1 Mobatek | 1 Mobaxterm | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| MobaXterm before 21.0 allows remote servers to cause a denial of service (Windows GUI hang) via tab title change requests that are sent repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. | |||||
| CVE-2021-27621 | 1 Sap | 1 Netweaver Application Server For Java | 2022-07-12 | 4.0 MEDIUM | 4.9 MEDIUM |
| Information Disclosure vulnerability in UserAdmin application in SAP NetWeaver Application Server for Java, versions - 7.11,7.20,7.30,7.31,7.40 and 7.50 allows attackers to access restricted information by entering malicious server name. | |||||
| CVE-2021-27579 | 1 Snowsoftware | 1 Snow Inventory Agent | 2022-07-12 | 4.4 MEDIUM | 7.8 HIGH |
| Snow Inventory Agent through 6.7.0 on Windows uses CPUID to report on processor types and versions that may be deployed and in use across an IT environment. A privilege-escalation vulnerability exists if CPUID is enabled, and thus it should be disabled via configuration settings. | |||||
| CVE-2021-27594 | 1 Sap | 1 3d Visual Enterprise Viewer | 2022-07-12 | 4.3 MEDIUM | 3.3 LOW |
| When a user opens manipulated Windows Bitmap (.BMP) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | |||||
| CVE-2021-27595 | 1 Sap | 1 3d Visual Enterprise Viewer | 2022-07-12 | 4.3 MEDIUM | 3.3 LOW |
| When a user opens manipulated Portable Document Format (.PDF) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | |||||
| CVE-2021-24104 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2022-07-12 | 5.8 MEDIUM | 5.4 MEDIUM |
| Microsoft SharePoint Spoofing Vulnerability | |||||
| CVE-2021-1638 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2022-07-12 | 2.1 LOW | 5.5 MEDIUM |
| Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1683, CVE-2021-1684. | |||||
| CVE-2021-1052 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Gpu Driver | 2022-07-12 | 7.2 HIGH | 7.8 HIGH |
| NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure. | |||||
| CVE-2021-27596 | 1 Sap | 1 3d Visual Enterprise Viewer | 2022-07-12 | 4.3 MEDIUM | 3.3 LOW |
| When a user opens manipulated Autodesk 3D Studio for MS-DOS (.3DS) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | |||||
| CVE-2021-29880 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2022-07-12 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM QRadar SIEM 7.4.3 GA - 7.4.3 Fix Pack 1 when using domains or multi-tenancy could be vulnerable to information disclosure between tenants by routing SIEM data to the incorrect domain. IBM X-Force ID: 206979. | |||||
| CVE-2021-21980 | 1 Vmware | 2 Cloud Foundation, Vcenter Server | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| The vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary file read vulnerability. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information. | |||||