Export limit exceeded: 349524 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 35128 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (35128 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-46486 | 1 Jsish | 1 Jsish | 2024-11-21 | 5.5 Medium |
| Jsish v3.5.0 was discovered to contain a SEGV vulnerability via jsi_ArraySpliceCmd at src/jsiArray.c. This vulnerability can lead to a Denial of Service (DoS). | ||||
| CVE-2021-46485 | 1 Jsish | 1 Jsish | 2024-11-21 | 5.5 Medium |
| Jsish v3.5.0 was discovered to contain a SEGV vulnerability via Jsi_ValueIsNumber at src/jsiValue.c. This vulnerability can lead to a Denial of Service (DoS). | ||||
| CVE-2021-46462 | 1 F5 | 1 Njs | 2024-11-21 | 7.5 High |
| njs through 0.7.1, used in NGINX, was discovered to contain a segmentation violation via njs_object_set_prototype in /src/njs_object.c. | ||||
| CVE-2021-46442 | 1 Dlink | 2 Dir-825, Dir-825 Firmware | 2024-11-21 | 9.8 Critical |
| In the "webupg" binary of D-Link DIR-825 G1, attackers can bypass authentication through parameters "autoupgrade.asp", and perform functions such as downloading configuration files and updating firmware without authorization. | ||||
| CVE-2021-46434 | 1 Emqx | 1 Emqx | 2024-11-21 | 5.3 Medium |
| EMQ X Dashboard V3.0.0 is affected by username enumeration in the "/api /v3/auth" interface. When a user login, the application returns different results depending on whether the account is correct, that allowed an attacker to determine if a given username was valid | ||||
| CVE-2021-46433 | 1 Fenom Project | 1 Fenom | 2024-11-21 | 10.0 Critical |
| In fenom 2.12.1 and before, there is a way in fenom/src/Fenom/Template.php function getTemplateCode()to bypass sandbox to execute arbitrary PHP code when disable_native_funcs is true. | ||||
| CVE-2021-46424 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2024-11-21 | 9.1 Critical |
| Telesquare TLR-2005KSH 1.0.0 is affected by an arbitrary file deletion vulnerability that allows a remote attacker to delete any file, even system internal files, via a DELETE request. | ||||
| CVE-2021-46423 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2024-11-21 | 5.3 Medium |
| Telesquare TLR-2005KSH 1.0.0 is affected by an unauthenticated file download vulnerability that allows a remote attacker to download a full configuration file. | ||||
| CVE-2021-46361 | 1 Magnolia-cms | 1 Magnolia Cms | 2024-11-21 | 9.8 Critical |
| An issue in the Freemark Filter of Magnolia CMS v6.2.11 and below allows attackers to bypass security restrictions and execute arbitrary code via a crafted FreeMarker payload. | ||||
| CVE-2021-46359 | 1 Fisco-bcos | 1 Fisco-bcos | 2024-11-21 | 7.5 High |
| FISCO-BCOS release-3.0.0-rc2 contains a denial of service vulnerability. Some transactions may not be committed successfully, and malicious users may use this to achieve double-spending attacks. | ||||
| CVE-2021-46331 | 1 Moddable | 1 Moddable Sdk | 2024-11-21 | 5.5 Medium |
| Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability via xs/sources/xsProxy.c in fxProxyGetPrototype. | ||||
| CVE-2021-46330 | 1 Moddable | 1 Moddable Sdk | 2024-11-21 | 5.5 Medium |
| Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability via xs/sources/xsDataView.c in fx_ArrayBuffer_prototype_concat. | ||||
| CVE-2021-46329 | 1 Moddable | 1 Moddable Sdk | 2024-11-21 | 5.5 Medium |
| Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability via the component _fini. | ||||
| CVE-2021-46327 | 1 Moddable | 1 Moddable Sdk | 2024-11-21 | 5.5 Medium |
| Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability via xs/sources/xsArray.c in fx_Array_prototype_sort. | ||||
| CVE-2021-46323 | 1 Espruino | 1 Espruino | 2024-11-21 | 5.5 Medium |
| Espruino 2v11.251 was discovered to contain a SEGV vulnerability via src/jsinteractive.c in jsiGetDeviceFromClass. | ||||
| CVE-2021-46313 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| The binary MP4Box in GPAC v1.0.1 was discovered to contain a segmentation fault via the function __memmove_avx_unaligned_erms (). This vulnerability can lead to a Denial of Service (DoS). | ||||
| CVE-2021-46255 | 1 Eyoucms | 1 Eyoucms | 2024-11-21 | 8.1 High |
| eyouCMS V1.5.5-UTF8-SP3_1 suffers from Arbitrary file deletion due to insufficient filtering of the parameter filename. | ||||
| CVE-2021-46250 | 1 Scratchoauth2 Project | 1 Scratchoauth2 | 2024-11-21 | 10 Critical |
| An issue in SOA2Login::commented of ScratchOAuth2 before commit a91879bd58fa83b09283c0708a1864cdf067c64a allows attackers to authenticate as other users on downstream components that rely on ScratchOAuth2. | ||||
| CVE-2021-46165 | 1 Zohocorp | 1 Manageengine Desktop Central | 2024-11-21 | 7.8 High |
| Zoho ManageEngine Desktop Central before 10.0.662, during startup, launches an executable file from the batch files, but this file's path might not be properly defined. | ||||
| CVE-2021-46164 | 1 Zohocorp | 1 Manageengine Desktop Central | 2024-11-21 | 8.8 High |
| Zoho ManageEngine Desktop Central before 10.0.662 allows remote code execution by an authenticated user who has complete access to the Reports module. | ||||