Search Results (81259 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-43054 | 1 Tibco | 1 Eftl | 2024-11-21 | 7.1 High |
| The eFTL Server component of TIBCO Software Inc.'s TIBCO eFTL - Community Edition, TIBCO eFTL - Developer Edition, and TIBCO eFTL - Enterprise Edition contains an easily exploitable vulnerability that allows a low privileged attacker with network access to generate API tokens that can access any other channel with arbitrary permissions. Affected releases are TIBCO Software Inc.'s TIBCO eFTL - Community Edition: versions 6.7.2 and below, TIBCO eFTL - Developer Edition: versions 6.7.2 and below, and TIBCO eFTL - Enterprise Edition: versions 6.7.2 and below. | ||||
| CVE-2021-43053 | 1 Tibco | 1 Ftl | 2024-11-21 | 8.5 High |
| The Realm Server component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBCO FTL - Enterprise Edition contains a difficult to exploit vulnerability that allows an unauthenticated attacker with network access to obtain the cluster secret of another application connected to the realm server. Affected releases are TIBCO Software Inc.'s TIBCO FTL - Community Edition: versions 6.7.2 and below, TIBCO FTL - Developer Edition: versions 6.7.2 and below, and TIBCO FTL - Enterprise Edition: versions 6.7.2 and below. | ||||
| CVE-2021-43051 | 1 Tibco | 1 Spotfire Server | 2024-11-21 | 7.1 High |
| The Spotfire Server component of TIBCO Software Inc.'s TIBCO Spotfire Server, TIBCO Spotfire Server, and TIBCO Spotfire Server contains a difficult to exploit vulnerability that allows malicious custom API clients with network access to execute internal API operations outside of the scope of those granted to it. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Server: versions 10.10.6 and below, TIBCO Spotfire Server: versions 11.0.0, 11.1.0, 11.2.0, 11.3.0, 11.4.0, and 11.4.1, and TIBCO Spotfire Server: versions 11.5.0 and 11.6.0. | ||||
| CVE-2021-43050 | 1 Tibco | 1 Businessconnect | 2024-11-21 | 8.4 High |
| The Auth Server component of TIBCO Software Inc.'s TIBCO BusinessConnect Container Edition contains an easily exploitable vulnerability that allows an unauthenticated attacker with local access to obtain administrative usernames and passwords for the affected system. Affected releases are TIBCO Software Inc.'s TIBCO BusinessConnect Container Edition: versions 1.1.0 and below. | ||||
| CVE-2021-43046 | 1 Tibco | 1 Partnerexpress | 2024-11-21 | 7.5 High |
| The Interior Server and Gateway Server components of TIBCO Software Inc.'s TIBCO PartnerExpress contain an easily exploitable vulnerability that allows an unauthenticated attacker with network access to obtain session tokens for the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO PartnerExpress: versions 6.2.1 and below. | ||||
| CVE-2021-43045 | 1 Apache | 1 Avro | 2024-11-21 | 7.5 High |
| A vulnerability in the .NET SDK of Apache Avro allows an attacker to allocate excessive resources, potentially causing a denial-of-service attack. This issue affects .NET applications using Apache Avro version 1.10.2 and prior versions. Users should update to version 1.11.0 which addresses this issue. | ||||
| CVE-2021-43041 | 1 Kaseya | 1 Unitrends Backup | 2024-11-21 | 8.8 High |
| An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A crafted HTTP request could induce a format string vulnerability in the privileged vaultServer application. | ||||
| CVE-2021-43040 | 1 Kaseya | 1 Unitrends Backup | 2024-11-21 | 8.8 High |
| An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The privileged vaultServer could be leveraged to create arbitrary writable files, leading to privilege escalation. | ||||
| CVE-2021-43038 | 1 Kaseya | 1 Unitrends Backup | 2024-11-21 | 8.8 High |
| An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The wguest account could execute commands by injecting into PostgreSQL trigger functions. This allowed privilege escalation from the wguest user to the postgres user. | ||||
| CVE-2021-43037 | 1 Kaseya | 1 Unitrends Backup | 2024-11-21 | 7.8 High |
| An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The Unitrends Windows agent was vulnerable to DLL injection and binary planting due to insecure default permissions. This allowed privilege escalation from an unprivileged user to SYSTEM. | ||||
| CVE-2021-43034 | 1 Kaseya | 1 Unitrends Backup | 2024-11-21 | 7.8 High |
| An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A world writable file allowed local users to execute arbitrary code as the user apache, leading to privilege escalation. | ||||
| CVE-2021-43018 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2024-11-21 | 7.8 High |
| Adobe Photoshop versions 23.0.2 and 22.5.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious JPG file. | ||||
| CVE-2021-43010 | 1 Safedog | 1 Safedog Apache | 2024-11-21 | 7.5 High |
| In Safedog Apache v4.0.30255, attackers can bypass this product for SQL injection. Attackers can bypass access to sensitive data. | ||||
| CVE-2021-43008 | 2 Adminer, Debian | 2 Adminer, Debian Linux | 2024-11-21 | 7.5 High |
| Improper Access Control in Adminer versions 1.12.0 to 4.6.2 (fixed in version 4.6.3) allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database. | ||||
| CVE-2021-43006 | 1 Amzetta | 1 Zportal Dvm Tools | 2024-11-21 | 8.8 High |
| AmZetta Amzetta zPortal DVM Tools is affected by Integer Overflow. IOCTL Handler 0x22001B in the Amzetta zPortal DVM Tools <= v3.3.148.148 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via a specially crafted I/O Request Packet. | ||||
| CVE-2021-43003 | 1 Amzetta | 1 Zportal Windows Zclient | 2024-11-21 | 8.8 High |
| Amzetta zPortal Windows zClient is affected by Integer Overflow. IOCTL Handler 0x22001B in the Amzetta zPortal Windows zClient <= v3.2.8180.148 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via a specially crafted I/O Request Packet. | ||||
| CVE-2021-43002 | 1 Amzetta | 1 Zportal Dvm Tools | 2024-11-21 | 8.8 High |
| Amzetta zPortal DVM Tools is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Amzetta zPortal DVM Tools <= v3.3.148.148 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via a specially crafted I/O Request Packet. | ||||
| CVE-2021-43000 | 1 Amzetta | 1 Zportal Windows Zclient | 2024-11-21 | 8.8 High |
| Amzetta zPortal Windows zClient is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Amzetta zPortal Windows zClient <= v3.2.8180.148 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via a specially crafted I/O Request Packet. | ||||
| CVE-2021-42996 | 1 Donglify | 1 Donglify | 2024-11-21 | 8.8 High |
| Donglify is affected by Integer Overflow. IOCTL Handler 0x22001B in the Donglify above 1.0.12309 below 1.7.14110 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via a specially crafted I/O Request Packet. | ||||
| CVE-2021-42994 | 1 Donglify | 1 Donglify | 2024-11-21 | 8.8 High |
| Donglify is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Donglify above 1.0.12309 below 1.7.14110 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via a specially crafted I/O Request Packet. | ||||