Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-19158 | 1 S-cms | 1 S-cms | 2021-09-22 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) in S-CMS build 20191014 and earlier allows remote attackers to execute arbitrary code via the 'Site Title' parameter of the component '/data/admin/#/app/config/'. | |||||
| CVE-2020-19157 | 1 Wenkucms Project | 1 Wenkucms | 2021-09-22 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (CSS) in Wenku CMS v3.4 allows remote attackers to execute arbitrary code via the 'Intro' parameter for the component '/index.php?m=ucenter&a=index'. | |||||
| CVE-2021-21489 | 1 Sap | 1 Netweaver Enterprise Portal | 2021-09-22 | 3.5 LOW | 4.8 MEDIUM |
| SAP NetWeaver Enterprise Portal versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user related data, resulting in Stored Cross-Site Scripting (XSS) vulnerability. This would allow an attacker with administrative privileges to store a malicious script on the portal. The execution of the script content by a victim registered on the portal could compromise the confidentiality and integrity of portal content. | |||||
| CVE-2021-32202 | 1 Cs-cart | 1 Cs-cart | 2021-09-22 | 4.3 MEDIUM | 6.1 MEDIUM |
| In CS-Cart version 4.11.1, it is possible to induce copy-paste XSS by manipulating the "post description" filed in the blog post creation page. | |||||
| CVE-2021-39562 | 1 Swftools | 1 Swftools | 2021-09-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function FileStream::makeSubStream() located in Stream.cc. It allows an attacker to cause Denial of Service. | |||||
| CVE-2021-39564 | 1 Swftools | 1 Swftools | 2021-09-22 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function swf_DumpActions() located in swfaction.c. It allows an attacker to cause code Execution. | |||||
| CVE-2021-39563 | 1 Swftools | 1 Swftools | 2021-09-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swf_DumpActions() located in swfaction.c. It allows an attacker to cause Denial of Service. | |||||
| CVE-2021-39574 | 1 Swftools | 1 Swftools | 2021-09-22 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function pool_read() located in pool.c. It allows an attacker to cause code Execution. | |||||
| CVE-2021-39569 | 1 Swftools | 1 Swftools | 2021-09-22 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function OpAdvance() located in swfaction.c. It allows an attacker to cause code Execution. | |||||
| CVE-2021-1909 | 1 Qualcomm | 654 Apq8009, Apq8009 Firmware, Apq8009w and 651 more | 2021-09-22 | 7.2 HIGH | 7.8 HIGH |
| Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-39577 | 1 Swftools | 1 Swftools | 2021-09-22 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function main() located in swfdump.c. It allows an attacker to cause code Execution. | |||||
| CVE-2021-39575 | 1 Swftools | 1 Swftools | 2021-09-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function dump_method() located in abc.c. It allows an attacker to cause Denial of Service. | |||||
| CVE-2021-1946 | 1 Qualcomm | 196 Apq8017, Apq8017 Firmware, Apq8053 and 193 more | 2021-09-22 | 10.0 HIGH | 9.8 CRITICAL |
| Null Pointer Dereference may occur due to improper validation while processing crafted SDP body in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2021-1948 | 1 Qualcomm | 436 Apq8053, Apq8053 Firmware, Apq8064au and 433 more | 2021-09-22 | 7.8 HIGH | 7.5 HIGH |
| Possible out of bound read due to lack of length check of data while parsing the beacon or probe response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-1941 | 1 Qualcomm | 430 Apq8064au, Apq8064au Firmware, Apq8096au and 427 more | 2021-09-22 | 7.8 HIGH | 7.5 HIGH |
| Possible buffer over read issue due to improper length check on WPA IE string sent by peer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-1952 | 1 Qualcomm | 214 Aqt1000, Aqt1000 Firmware, Ar8031 and 211 more | 2021-09-22 | 7.2 HIGH | 7.8 HIGH |
| Possible buffer over read occurs due to lack of length check of request buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music | |||||
| CVE-2021-39582 | 1 Swftools | 1 Swftools | 2021-09-22 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function swf_GetPlaceObject() located in swfobject.c. It allows an attacker to cause code Execution. | |||||
| CVE-2021-39579 | 1 Swftools | 1 Swftools | 2021-09-22 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function string_hash() located in q.c. It allows an attacker to cause code Execution. | |||||
| CVE-2020-29075 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2021-09-22 | 4.3 MEDIUM | 6.5 MEDIUM |
| Acrobat Reader DC versions 2020.013.20066 (and earlier), 2020.001.30010 (and earlier) and 2017.011.30180 (and earlier) are affected by an information exposure vulnerability, that could enable an attacker to get a DNS interaction and track if the user has opened or closed a PDF file when loaded from the filesystem without a prompt. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-39585 | 1 Swftools | 1 Swftools | 2021-09-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function traits_dump() located in abc.c. It allows an attacker to cause Denial of Service. | |||||