Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-0598 | 1 Google | 1 Android | 2021-10-07 | 4.4 MEDIUM | 7.3 HIGH |
| In onCreate of ConfirmConnectActivity.java, there is a possible pairing of untrusted Bluetooth devices due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-180422108 | |||||
| CVE-2021-0635 | 1 Google | 1 Android | 2021-10-07 | 6.8 MEDIUM | 7.8 HIGH |
| When extracting the incorrectly formatted flv file, the memory is damaged, the playback interface shows that the video cannot be played, and the log is found to be crashed. This problem may lead to hacker malicious code attacks, resulting in the loss of user rights.Product: Androidversion:Android-10Android ID: A-189402477 | |||||
| CVE-2021-0695 | 1 Google | 1 Android | 2021-10-07 | 2.1 LOW | 5.5 MEDIUM |
| In get_sock_stat of xt_qtaguid.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-184018316References: Upstream kernel | |||||
| CVE-2021-0693 | 1 Google | 1 Android | 2021-10-07 | 2.1 LOW | 5.5 MEDIUM |
| In openFile of HeapDumpProvider.java, there is a possible way to retrieve generated heap dumps from debuggable apps due to an unprotected provider. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-184046948 | |||||
| CVE-2021-0691 | 1 Google | 1 Android | 2021-10-07 | 4.6 MEDIUM | 6.7 MEDIUM |
| In the SELinux policy configured in system_app.te, there is a possible way for system_app to gain code execution in other processes due to an overly-permissive SELinux policy. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-188554048 | |||||
| CVE-2021-0690 | 1 Google | 1 Android | 2021-10-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ih264d_mark_err_slice_skip of ih264d_parse_pslice.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-182152757 | |||||
| CVE-2021-0689 | 1 Google | 1 Android | 2021-10-07 | 2.1 LOW | 5.5 MEDIUM |
| In RGB_to_BGR1_portable of SkSwizzler_opts.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-190188264 | |||||
| CVE-2021-0688 | 1 Google | 1 Android | 2021-10-07 | 4.4 MEDIUM | 7.0 HIGH |
| In lockNow of PhoneWindowManager.java, there is a possible lock screen bypass due to a race condition. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-161149543 | |||||
| CVE-2021-0685 | 1 Google | 1 Android | 2021-10-07 | 4.6 MEDIUM | 7.8 HIGH |
| In ParsedIntentInfo of ParsedIntentInfo.java, there is a possible parcel serialization/deserialization mismatch due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-191055353 | |||||
| CVE-2021-0684 | 1 Google | 1 Android | 2021-10-07 | 4.6 MEDIUM | 7.8 HIGH |
| In TouchInputMapper::sync of TouchInputMapper.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-179839665 | |||||
| CVE-2021-0683 | 1 Google | 1 Android | 2021-10-07 | 4.6 MEDIUM | 7.8 HIGH |
| In runTraceIpcStop of ActivityManagerShellCommand.java, there is a possible deletion of system files due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-185398942 | |||||
| CVE-2021-41109 | 1 Parseplatform | 1 Parse-server | 2021-10-07 | 4.3 MEDIUM | 7.5 HIGH |
| Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to version 4.10.4, for regular (non-LiveQuery) queries, the session token is removed from the response, but for LiveQuery payloads it is currently not. If a user has a LiveQuery subscription on the `Parse.User` class, all session tokens created during user sign-ups will be broadcast as part of the LiveQuery payload. A patch in version 4.10.4 removes session tokens from the LiveQuery payload. As a workaround, set `user.acl(new Parse.ACL())` in a beforeSave trigger to make the user private already on sign-up. | |||||
| CVE-2021-24016 | 1 Fortinet | 1 Fortimanager | 2021-10-07 | 9.3 HIGH | 6.3 MEDIUM |
| An improper neutralization of formula elements in a csv file in Fortinet FortiManager version 6.4.3 and below, 6.2.7 and below allows attacker to execute arbitrary commands via crafted IPv4 field in policy name, when exported as excel file and opened unsafely on the victim host. | |||||
| CVE-2021-41729 | 1 Baicloud-cms Project | 1 Baicloud-cms | 2021-10-07 | 6.4 MEDIUM | 9.1 CRITICAL |
| BaiCloud-cms v2.5.7 is affected by an arbitrary file deletion vulnerability, which allows an attacker to delete arbitrary files on the server through /user/ppsave.php. | |||||
| CVE-2021-34705 | 1 Cisco | 2 Ios, Ios Xe | 2021-10-07 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability in the Voice Telephony Service Provider (VTSP) service of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured destination patterns and dial arbitrary numbers. This vulnerability is due to insufficient validation of dial strings at Foreign Exchange Office (FXO) interfaces. An attacker could exploit this vulnerability by sending a malformed dial string to an affected device via either the ISDN protocol or SIP. A successful exploit could allow the attacker to conduct toll fraud, resulting in unexpected financial impact to affected customers. | |||||
| CVE-2021-24017 | 1 Fortinet | 1 Fortimanager | 2021-10-07 | 4.0 MEDIUM | 4.3 MEDIUM |
| An improper authentication in Fortinet FortiManager version 6.4.3 and below, 6.2.6 and below allows attacker to assign arbitrary Policy and Object modules via crafted requests to the request handler. | |||||
| CVE-2021-36298 | 1 Dell | 2 Isilon Insightiq, Isilon Insightiq Firmware | 2021-10-07 | 7.5 HIGH | 9.8 CRITICAL |
| Dell EMC InsightIQ, versions prior to 4.1.4, contain risky cryptographic algorithms in the SSH component. A remote unauthenticated attacker could potentially exploit this vulnerability leading to authentication bypass and remote takeover of the InsightIQ. This allows an attacker to take complete control of InsightIQ to affect services provided by SSH; so Dell recommends customers to upgrade at the earliest opportunity. | |||||
| CVE-2021-35297 | 1 Scalabium | 1 Dbase Viewer | 2021-10-07 | 6.8 MEDIUM | 7.8 HIGH |
| Scalabium dBase Viewer version 2.6 (Build 5.751) is vulnerable to remote code execution via a crafted DBF file that triggers a buffer overflow. An attacker can use the Structured Exception Handler (SEH) records and redirect execution to attacker-controlled code. | |||||
| CVE-2021-41101 | 1 Wire | 1 Wire Server | 2021-10-07 | 3.5 LOW | 5.7 MEDIUM |
| wire-server is an open-source back end for Wire, a secure collaboration platform. Before version 2.106.0, the CORS ` Access-Control-Allow-Origin ` header set by `nginz` is set for all subdomains of `.wire.com` (including `wire.com`). This means that if somebody were to find an XSS vector in any of the subdomains, they could use it to talk to the Wire API using the user's Cookie. A patch does not exist, but a workaround does. To make sure that a compromise of one subdomain does not yield access to the cookie of another, one may limit the `Access-Control-Allow-Origin` header to apps that actually require the cookie (account-pages, team-settings and the webapp). | |||||
| CVE-2021-23893 | 1 Mcafee | 1 Drive Encryption | 2021-10-07 | 4.6 MEDIUM | 7.8 HIGH |
| Privilege Escalation vulnerability in a Windows system driver of McAfee Drive Encryption (DE) prior to 7.3.0 could allow a local non-admin user to gain elevated system privileges via exploiting an unutilized memory buffer. | |||||