Total: 210374 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-30580 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2022-07-12 | 4.3 MEDIUM | 6.5 MEDIUM |
Insufficient policy enforcement in Android intents in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious application to obtain potentially sensitive information via a crafted HTML page. | |||||
CVE-2021-30577 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2022-07-12 | 6.8 MEDIUM | 7.8 HIGH |
Insufficient policy enforcement in Installer in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to perform local privilege escalation via a crafted file. | |||||
CVE-2021-37848 | 1 Pengutronix | 1 Barebox | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
common/password.c in Pengutronix barebox through 2021.07.0 leaks timing information because strncmp is used during hash comparison. | |||||
CVE-2021-22446 | 1 Huawei | 2 Emui, Magic Ui | 2022-07-12 | 7.8 HIGH | 7.5 HIGH |
There is an Information Disclosure Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause the system to reset. | |||||
CVE-2021-22397 | 1 Huawei | 1 Manageone | 2022-07-12 | 4.6 MEDIUM | 6.7 MEDIUM |
There is a privilege escalation vulnerability in Huawei ManageOne 8.0.0. External parameters of some files lack verification when they are called. Attackers can exploit this vulnerability by performing these files to cause a privilege escalation attack. This can compromise normal service. | |||||
CVE-2021-20541 | 1 Ibm | 1 Cloud Pak For Security | 2022-07-12 | 5.0 MEDIUM | 5.3 MEDIUM |
IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could disclose sensitive information to an unauthorized user through HTTP GET requests. This information could be used in further attacks against the system. IBM X-Force ID: 198927. | |||||
CVE-2021-20540 | 1 Ibm | 1 Cloud Pak For Security | 2022-07-12 | 5.0 MEDIUM | 5.3 MEDIUM |
IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could disclose sensitive information to an unauthorized user through HTTP GET requests. This information could be used in further attacks against the system. IBM X-Force ID: 198923. | |||||
CVE-2021-20539 | 1 Ibm | 1 Cloud Pak For Security | 2022-07-12 | 5.0 MEDIUM | 5.3 MEDIUM |
IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could disclose sensitive information to an unauthorized user through HTTP GET requests. This information could be used in further attacks against the system. IBM X-Force ID: 198920. | |||||
CVE-2021-29741 | 1 Ibm | 2 Aix, Vios | 2022-07-12 | 7.2 HIGH | 7.8 HIGH |
IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a vulnerability in Korn Shell (ksh) to gain root privileges. IBM X-Force ID: 201478. | |||||
CVE-2021-37160 | 1 Swisslog-healthcare | 2 Hmi-3 Control Panel, Hmi-3 Control Panel Firmware | 2022-07-12 | 7.5 HIGH | 9.8 CRITICAL |
A firmware validation issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. There is no firmware validation (e.g., cryptographic signature validation) during a File Upload for a firmware update. | |||||
CVE-2021-37601 | 1 Prosody | 1 Prosody | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
muc.lib.lua in Prosody 0.11.0 through 0.11.9 allows remote attackers to obtain sensitive information (list of admins, members, owners, and banned entities of a Multi-User chat room) in some common configurations. | |||||
CVE-2021-37587 | 1 Jhu | 1 Charm | 2022-07-12 | 4.0 MEDIUM | 6.5 MEDIUM |
In Charm 0.43, any single user can decrypt DAC-MACS or MA-ABE-YJ14 data. | |||||
CVE-2021-27637 | 1 Sap | 1 Enable Now | 2022-07-12 | 1.9 LOW | 4.6 MEDIUM |
Under certain conditions, SAP Enable Now (SAP Workforce Performance Builder - Manager), versions 1.0, 10, allows an attacker to access information which would otherwise be restricted, leading to information disclosure. | |||||
CVE-2021-27621 | 1 Sap | 1 Netweaver Application Server For Java | 2022-07-12 | 4.0 MEDIUM | 4.9 MEDIUM |
Information Disclosure vulnerability in UserAdmin application in SAP NetWeaver Application Server for Java, versions 7.11, 7.20, 7.30, 7.31, 7.40 and 7.50, allows attackers to access restricted information by entering a malicious server name. | |||||
CVE-2021-33668 | 1 Sap | 1 Infrabox | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
Due to improper input sanitization, specially crafted LDAP queries can be injected by an unauthenticated user. This could partially impact the confidentiality of the application. | |||||
CVE-2021-33742 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2022-07-12 | 6.8 MEDIUM | 8.8 HIGH |
Windows MSHTML Platform Remote Code Execution Vulnerability | |||||
CVE-2021-31948 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2022-07-12 | 5.5 MEDIUM | 8.1 HIGH |
Microsoft SharePoint Server Spoofing Vulnerability. This CVE ID is unique from CVE-2021-31950, CVE-2021-31964. | |||||
CVE-2021-31201 | 1 Microsoft | 2 Windows Server 2008, Windows Server 2012 | 2022-07-12 | 4.6 MEDIUM | 7.8 HIGH |
Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-31199. | |||||
CVE-2021-31199 | 1 Microsoft | 2 Windows Server 2008, Windows Server 2012 | 2022-07-12 | 4.6 MEDIUM | 7.8 HIGH |
Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-31201. | |||||
CVE-2021-22217 | 1 Gitlab | 1 Gitlab | 2022-07-12 | 4.0 MEDIUM | 6.5 MEDIUM |
A denial of service vulnerability in all versions of GitLab CE/EE before 13.12.2, 13.11.5 or 13.10.5 allows an attacker to cause uncontrolled resource consumption with a specially crafted issue or merge request. | |||||