Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-20032 | 1 Sonicwall | 1 Analytics | 2021-08-19 | 7.5 HIGH | 9.8 CRITICAL |
| SonicWall Analytics 2.5 On-Prem is vulnerable to Java Debug Wire Protocol (JDWP) interface security misconfiguration vulnerability which potentially leads to Remote Code Execution. This vulnerability impacts Analytics On-Prem 2.5.2518 and earlier. | |||||
| CVE-2021-26423 | 1 Microsoft | 5 .net, .net Core, Powershell Core and 2 more | 2021-08-19 | 5.0 MEDIUM | 7.5 HIGH |
| .NET Core and Visual Studio Denial of Service Vulnerability | |||||
| CVE-2021-38531 | 1 Netgear | 24 Ac2100, Ac2100 Firmware, Ac2400 and 21 more | 2021-08-19 | 6.5 MEDIUM | 7.2 HIGH |
| Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1.0.0.42, R6080 before 1.0.0.42, R6120 before 1.0.0.66, R6260 before 1.1.0.78, R6700v2 before 1.2.0.76, R6800 before 1.2.0.76, R6900v2 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, and AC2400 before 1.2.0.76. | |||||
| CVE-2020-24742 | 1 Qt | 1 Qt | 2021-08-19 | 6.8 MEDIUM | 7.8 HIGH |
| An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files. | |||||
| CVE-2021-38532 | 1 Netgear | 2 Wac104, Wac104 Firmware | 2021-08-19 | 6.5 MEDIUM | 7.2 HIGH |
| NETGEAR WAC104 devices before 1.0.4.15 are affected by incorrect configuration of security settings. | |||||
| CVE-2021-38515 | 1 Netgear | 8 R6400, R6400 Firmware, R6700 and 5 more | 2021-08-18 | 5.0 MEDIUM | 7.5 HIGH |
| Certain NETGEAR devices are affected by denial of service. This affects R6400v2 before 1.0.4.98, R6700v3 before 1.0.4.98, R7900 before 1.0.3.18, and R8000 before 1.0.4.46. | |||||
| CVE-2021-26428 | 1 Microsoft | 1 Azure Sphere | 2021-08-18 | 2.1 LOW | 4.4 MEDIUM |
| Azure Sphere Information Disclosure Vulnerability | |||||
| CVE-2021-22902 | 1 Rubyonrails | 1 Rails | 2021-08-18 | 5.0 MEDIUM | 7.5 HIGH |
| The actionpack ruby gem (a framework for handling and responding to web requests in Rails) before 6.0.3.7, 6.1.3.2 suffers from a possible denial of service vulnerability in the Mime type parser of Action Dispatch. Carefully crafted Accept headers can cause the mime type parser in Action Dispatch to do catastrophic backtracking in the regular expression engine. | |||||
| CVE-2021-34524 | 1 Microsoft | 1 Dynamics 365 | 2021-08-18 | 6.5 MEDIUM | 8.8 HIGH |
| Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability | |||||
| CVE-2021-34532 | 1 Microsoft | 2 Asp.net Core, Visual Studio 2019 | 2021-08-18 | 2.1 LOW | 5.5 MEDIUM |
| ASP.NET Core and Visual Studio Information Disclosure Vulnerability | |||||
| CVE-2021-34485 | 1 Microsoft | 5 .net, .net Core, Powershell Core and 2 more | 2021-08-18 | 2.1 LOW | 5.5 MEDIUM |
| .NET Core and Visual Studio Information Disclosure Vulnerability | |||||
| CVE-2021-26433 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2021-08-18 | 5.0 MEDIUM | 7.5 HIGH |
| Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36926, CVE-2021-36932, CVE-2021-36933. | |||||
| CVE-2021-33699 | 1 Sap | 1 Fiori Client | 2021-08-17 | 3.3 LOW | 6.5 MEDIUM |
| Task Hijacking is a vulnerability that affects the applications running on Android devices due to a misconfiguration in their AndroidManifest.xml with their Task Control features. This allows an unauthorized attacker or malware to takeover legitimate apps and to steal user's sensitive information. | |||||
| CVE-2020-36433 | 1 Aeplay | 1 Chunky | 2021-08-17 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the chunky crate through 2020-08-25 for Rust. The Chunk API does not honor an alignment requirement. | |||||
| CVE-2020-8241 | 1 Pulsesecure | 1 Pulse Secure Desktop Client | 2021-08-17 | 5.1 MEDIUM | 7.5 HIGH |
| A vulnerability in the Pulse Secure Desktop Client < 9.1R9 could allow the attacker to perform a MITM Attack if end users are convinced to connect to a malicious server. | |||||
| CVE-2020-8248 | 1 Pulsesecure | 1 Pulse Secure Desktop Client | 2021-08-17 | 4.6 MEDIUM | 7.8 HIGH |
| A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to escalate privilege. | |||||
| CVE-2020-8239 | 1 Pulsesecure | 1 Pulse Secure Desktop Client | 2021-08-17 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability in the Pulse Secure Desktop Client < 9.1R9 is vulnerable to the client registry privilege escalation attack. This fix also requires Server Side Upgrade due to Standalone Host Checker Client (Windows) and Windows PDC. | |||||
| CVE-2020-8255 | 1 Pulsesecure | 1 Pulse Secure Desktop Client | 2021-08-17 | 4.0 MEDIUM | 4.9 MEDIUM |
| A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated attacker to perform an arbitrary file reading vulnerability is fixed using encrypted URL blacklisting that prevents these messages. | |||||
| CVE-2020-8250 | 1 Pulsesecure | 1 Pulse Secure Desktop Client | 2021-08-17 | 4.6 MEDIUM | 7.8 HIGH |
| A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to escalate privilege. | |||||
| CVE-2021-34432 | 1 Eclipse | 1 Mosquitto | 2021-08-17 | 5.0 MEDIUM | 7.5 HIGH |
| In Eclipse Mosquitto versions 2.07 and earlier, the server will crash if the client tries to send a PUBLISH packet with topic length = 0. | |||||