Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-40323 | 1 Cobbler Project | 1 Cobbler | 2021-10-12 | 7.5 HIGH | 9.8 CRITICAL |
| Cobbler before 3.3.0 allows log poisoning, and resultant Remote Code Execution, via an XMLRPC method that logs to the logfile for template injection. | |||||
| CVE-2021-40325 | 1 Cobbler Project | 1 Cobbler | 2021-10-12 | 5.0 MEDIUM | 7.5 HIGH |
| Cobbler before 3.3.0 allows authorization bypass for modification of settings. | |||||
| CVE-2021-41596 | 1 Salesagility | 1 Suitecrm | 2021-10-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| SuiteCRM before 7.10.33 and 7.11.22 allows information disclosure via Directory Traversal. An attacker can partially include arbitrary files via the importFile parameter of the RefreshMapping import functionality. | |||||
| CVE-2021-41595 | 1 Salesagility | 1 Suitecrm | 2021-10-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| SuiteCRM before 7.10.33 and 7.11.22 allows information disclosure via Directory Traversal. An attacker can partially include arbitrary files via the file_name parameter of the Step3 import functionality. | |||||
| CVE-2021-39873 | 1 Gitlab | 1 Gitlab | 2021-10-12 | 4.3 MEDIUM | 4.3 MEDIUM |
| In all versions of GitLab CE/EE, there exists a content spoofing vulnerability which may be leveraged by attackers to trick users into visiting a malicious website by spoofing the content in an error response. | |||||
| CVE-2021-34699 | 1 Cisco | 2 Ios, Ios Xe | 2021-10-12 | 6.8 MEDIUM | 7.7 HIGH |
| A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to an improper interaction between the web UI and the CLI parser. An attacker could exploit this vulnerability by requesting a particular CLI command to be run through the web UI. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition. | |||||
| CVE-2021-39871 | 1 Gitlab | 1 Gitlab | 2021-10-12 | 4.0 MEDIUM | 4.3 MEDIUM |
| In all versions of GitLab CE/EE since version 13.0, an instance that has the setting to disable Bitbucket Server import enabled is bypassed by an attacker making a crafted API call. | |||||
| CVE-2021-39868 | 1 Gitlab | 1 Gitlab | 2021-10-12 | 4.0 MEDIUM | 4.3 MEDIUM |
| In all versions of GitLab CE/EE since version 8.12, an authenticated low-privileged malicious user may create a project with unlimited repository size by modifying values in a project export. | |||||
| CVE-2021-41100 | 1 Wire | 1 Wire-server | 2021-10-12 | 7.5 HIGH | 9.8 CRITICAL |
| Wire-server is the backing server for the open source wire secure messaging application. In affected versions it is possible to trigger email address change of a user with only the short-lived session token in the `Authorization` header. As the short-lived token is only meant as means of authentication by the client for less critical requests to the backend, the ability to change the email address with a short-lived token constitutes a privilege escalation attack. Since the attacker can change the password after setting the email address to one that they control, changing the email address can result in an account takeover by the attacker. Short-lived tokens can be requested from the backend by Wire clients using the long lived tokens, after which the long lived tokens can be stored securely, for example on the devices key chain. The short lived tokens can then be used to authenticate the client towards the backend for frequently performed actions such as sending and receiving messages. While short-lived tokens should not be available to an attacker per-se, they are used more often and in the shape of an HTTP header, increasing the risk of exposure to an attacker relative to the long-lived tokens, which are stored and transmitted in cookies. If you are running an on-prem instance and provision all users with SCIM, you are not affected by this issue (changing email is blocked for SCIM users). SAML single-sign-on is unaffected by this issue, and behaves identically before and after this update. The reason is that the email address used as SAML NameID is stored in a different location in the databse from the one used to contact the user outside wire. Version 2021-08-16 and later provide a new end-point that requires both the long-lived client cookie and `Authorization` header. The old end-point has been removed. If you are running an on-prem instance with at least some of the users invited or provisioned via SAML SSO and you cannot update then you can block `/self/email` on nginz (or in any other proxies or firewalls you may have set up). You don't need to discriminate by verb: `/self/email` only accepts `PUT` and `DELETE`, and `DELETE` is almost never used. | |||||
| CVE-2021-37333 | 1 Bookingcore | 1 Booking Core | 2021-10-12 | 7.5 HIGH | 9.8 CRITICAL |
| Laravel Booking System Booking Core 2.0 is vulnerable to Session Management. A password change at sandbox.bookingcore.org/user/profile/change-password does not invalidate a session that is opened in a different browser. | |||||
| CVE-2021-41118 | 1 Dynamicpagelist3 Project | 1 Dynamicpagelist3 | 2021-10-12 | 5.0 MEDIUM | 7.5 HIGH |
| The DynamicPageList3 extension is a reporting tool for MediaWiki, listing category members and intersections with various formats and details. In affected versions unsanitised input of regular expression date within the parameters of the DPL parser function, allowed for the possibility of ReDoS (Regex Denial of Service). This has been resolved in version 3.3.6. If you are unable to update you may also set `$wgDplSettings['functionalRichness'] = 0;` or disable DynamicPageList3 to mitigate. | |||||
| CVE-2021-37330 | 1 Bookingcore | 1 Booking Core | 2021-10-12 | 3.5 LOW | 5.4 MEDIUM |
| Laravel Booking System Booking Core 2.0 is vulnerable to Cross Site Scripting (XSS). The Avatar upload in the My Profile section could be exploited to upload a malicious SVG file which contains Javascript. Now if another user/admin views the profile and clicks to view his avatar, an XSS will trigger. | |||||
| CVE-2021-41651 | 1 Hotel Management System Project | 1 Hotel Management System | 2021-10-12 | 5.0 MEDIUM | 7.5 HIGH |
| A blind SQL injection vulnerability exists in the Raymart DG / Ahmed Helal Hotel-mgmt-system. A malicious attacker can retrieve sensitive database information and interact with the database using the vulnerable cid parameter in process_update_profile.php. | |||||
| CVE-2021-39869 | 1 Gitlab | 1 Gitlab | 2021-10-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| In all versions of GitLab CE/EE since version 8.9, project exports may expose trigger tokens configured on that project. | |||||
| CVE-2021-39433 | 1 Biqs | 1 Biqsdrive | 2021-10-12 | 5.0 MEDIUM | 7.5 HIGH |
| A local file inclusion (LFI) vulnerability exists in version BIQS IT Biqs-drive v1.83 and below when sending a specific payload as the file parameter to download/index.php. This allows the attacker to read arbitrary files from the server with the permissions of the configured web-user. | |||||
| CVE-2021-39867 | 1 Gitlab | 1 Gitlab | 2021-10-12 | 5.5 MEDIUM | 8.1 HIGH |
| In all versions of GitLab CE/EE since version 8.15, a DNS rebinding vulnerability in Gitea Importer may be exploited by an attacker to trigger Server Side Request Forgery (SSRF) attacks. | |||||
| CVE-2021-42006 | 1 Gclib Project | 1 Gclib | 2021-10-12 | 6.8 MEDIUM | 8.8 HIGH |
| An out-of-bounds access in GffLine::GffLine in gff.cpp in GCLib 0.12.7 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted GFF file. | |||||
| CVE-2021-39882 | 1 Gitlab | 1 Gitlab | 2021-10-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| In all versions of GitLab CE/EE, provided a user ID, anonymous users can use a few endpoints to retrieve information about any GitLab user. | |||||
| CVE-2021-39875 | 1 Gitlab | 1 Gitlab | 2021-10-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| In all versions of GitLab CE/EE since version 13.6, it is possible to see pending invitations of any public group or public project by visiting an API endpoint. | |||||
| CVE-2021-38823 | 1 Icehrm | 1 Icehrm | 2021-10-12 | 7.5 HIGH | 9.8 CRITICAL |
| The IceHrm 30.0.0 OS website was found vulnerable to Session Management Issue. A signout from an admin account does not invalidate an admin session that is opened in a different browser. | |||||