Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-37054 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2021-12-09 | 5.0 MEDIUM | 7.5 HIGH |
| There is an Identity spoofing and authentication bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2021-37039 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2021-12-09 | 3.3 LOW | 6.5 MEDIUM |
| There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause Bluetooth DoS. | |||||
| CVE-2021-37051 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2021-12-09 | 6.4 MEDIUM | 9.1 CRITICAL |
| There is an Out-of-bounds read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds memory access. | |||||
| CVE-2021-37037 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2021-12-09 | 7.8 HIGH | 7.5 HIGH |
| There is an Invalid address access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart. | |||||
| CVE-2021-36760 | 1 Wso2 | 4 Api Manager, Identity Server, Identity Server As Key Manager and 1 more | 2021-12-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| In accountrecoveryendpoint/recoverpassword.do in WSO2 Identity Server 5.7.0, it is possible to perform a DOM-Based XSS attack affecting the callback parameter modifying the URL that precedes the callback parameter. Once the username or password reset procedure is completed, the JavaScript code will be executed. (recoverpassword.do also has an open redirect issue for a similar reason.) | |||||
| CVE-2021-37081 | 1 Huawei | 1 Harmonyos | 2021-12-09 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to nearby crash. | |||||
| CVE-2021-37011 | 1 Huawei | 1 Harmonyos | 2021-12-09 | 9.4 HIGH | 9.1 CRITICAL |
| There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read. | |||||
| CVE-2021-37021 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2021-12-09 | 6.4 MEDIUM | 9.1 CRITICAL |
| There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read. | |||||
| CVE-2021-37020 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2021-12-09 | 6.4 MEDIUM | 9.1 CRITICAL |
| There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read. | |||||
| CVE-2021-37014 | 1 Huawei | 1 Harmonyos | 2021-12-09 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to device cannot be used properly. | |||||
| CVE-2021-37043 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2021-12-09 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to malicious application processes occupy system resources. | |||||
| CVE-2021-43176 | 1 Goautodial | 2 Goautodial, Goautodial Api | 2021-12-09 | 6.5 MEDIUM | 8.8 HIGH |
| The GOautodial API prior to commit 3c3a979 made on October 13th, 2021 takes a user-supplied “action” parameter and appends a .php file extension to locate and load the correct PHP file to implement the API call. Vulnerable versions of GOautodial do not sanitize the user input that specifies the action. This permits an attacker to execute any PHP source file with a .php extension that is present on the disk and readable by the GOautodial web server process. Combined with CVE-2021-43175, it is possible for the attacker to do this without valid credentials. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C | |||||
| CVE-2021-42757 | 1 Fortinet | 4 Fortianalyzer, Fortimanager, Fortios and 1 more | 2021-12-09 | 4.6 MEDIUM | 6.7 MEDIUM |
| A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments. | |||||
| CVE-2021-37048 | 1 Huawei | 1 Harmonyos | 2021-12-09 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to fake visitors to control PC,play a video,etc. | |||||
| CVE-2021-37060 | 1 Huawei | 1 Harmonyos | 2021-12-09 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to SAMGR Heap Address Leakage. | |||||
| CVE-2021-37059 | 1 Huawei | 1 Harmonyos | 2021-12-09 | 7.5 HIGH | 9.8 CRITICAL |
| There is a Weaknesses Introduced During Design | |||||
| CVE-2021-37057 | 1 Huawei | 1 Harmonyos | 2021-12-09 | 7.8 HIGH | 7.5 HIGH |
| There is a Improper Validation of Array Index vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to restart the phone. | |||||
| CVE-2021-37065 | 1 Huawei | 1 Harmonyos | 2021-12-09 | 6.4 MEDIUM | 9.1 CRITICAL |
| There is a Integer Overflow or Wraparound vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Confidentiality or Availability impacted. | |||||
| CVE-2021-37063 | 1 Huawei | 1 Harmonyos | 2021-12-09 | 7.5 HIGH | 9.8 CRITICAL |
| There is a Cryptographic Issues vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to read and delete images of Harmony devices. | |||||
| CVE-2021-37062 | 1 Huawei | 1 Harmonyos | 2021-12-09 | 6.4 MEDIUM | 9.1 CRITICAL |
| There is a Improper Validation of Array Index vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to memory overflow and information leakage. | |||||