Total
29447 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-20772 | 1 Cybozu | 1 Garoon | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Information disclosure vulnerability in Bulletin of Cybozu Garoon 4.10.0 to 5.5.0 allows a remote authenticated attacker to obtain the title of Bulletin without the viewing privilege. | |||||
| CVE-2021-20768 | 1 Cybozu | 1 Garoon | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Operational restrictions bypass vulnerability in Scheduler and MultiReport of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to delete the data of Scheduler and MultiReport without the appropriate privilege. | |||||
| CVE-2021-20763 | 1 Cybozu | 1 Garoon | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Operational restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Portal without the appropriate privilege. | |||||
| CVE-2021-20759 | 1 Cybozu | 1 Garoon | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Operational restrictions bypass vulnerability in Bulletin of Cybozu Garoon 4.6.0 to 5.0.2 allows a remote authenticated attacker to alter the data of Portal without the appropriate privilege. | |||||
| CVE-2021-20757 | 1 Cybozu | 1 Garoon | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Operational restrictions bypass vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to alter the data of Portal without the appropriate privilege. | |||||
| CVE-2021-20756 | 1 Cybozu | 1 Garoon | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Viewing restrictions bypass vulnerability in Address of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Address without the viewing privilege. | |||||
| CVE-2021-20755 | 1 Cybozu | 1 Garoon | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Viewing restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Portal without the viewing privilege. | |||||
| CVE-2021-20730 | 1 Buffalo | 4 Wsr-1166dhp3, Wsr-1166dhp3 Firmware, Wsr-1166dhp4 and 1 more | 2024-11-21 | 3.3 LOW | 4.3 MEDIUM |
| Improper access control vulnerability in WSR-1166DHP3 firmware Ver.1.16 and prior and WSR-1166DHP4 firmware Ver.1.02 and prior allows an attacker to obtain configuration information via unspecified vectors. | |||||
| CVE-2021-20728 | 1 Nttr | 1 Goo Blog | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Improper access control vulnerability in goo blog App for Android ver.1.2.25 and earlier and for iOS ver.1.3.3 and earlier allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App. | |||||
| CVE-2021-20716 | 1 Buffalo | 70 Bhr-4rv, Bhr-4rv Firmware, Fs-g54 and 67 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Hidden functionality in multiple Buffalo network devices (BHR-4RV firmware Ver.2.55 and prior, FS-G54 firmware Ver.2.04 and prior, WBR2-B11 firmware Ver.2.32 and prior, WBR2-G54 firmware Ver.2.32 and prior, WBR2-G54-KD firmware Ver.2.32 and prior, WBR-B11 firmware Ver.2.23 and prior, WBR-G54 firmware Ver.2.23 and prior, WBR-G54L firmware Ver.2.20 and prior, WHR2-A54G54 firmware Ver.2.25 and prior, WHR2-G54 firmware Ver.2.23 and prior, WHR2-G54V firmware Ver.2.55 and prior, WHR3-AG54 firmware Ver.2.23 and prior, WHR-G54 firmware Ver.2.16 and prior, WHR-G54-NF firmware Ver.2.10 and prior, WLA2-G54 firmware Ver.2.24 and prior, WLA2-G54C firmware Ver.2.24 and prior, WLA-B11 firmware Ver.2.20 and prior, WLA-G54 firmware Ver.2.20 and prior, WLA-G54C firmware Ver.2.20 and prior, WLAH-A54G54 firmware Ver.2.54 and prior, WLAH-AM54G54 firmware Ver.2.54 and prior, WLAH-G54 firmware Ver.2.54 and prior, WLI2-TX1-AG54 firmware Ver.2.53 and prior, WLI2-TX1-AMG54 firmware Ver.2.53 and prior, WLI2-TX1-G54 firmware Ver.2.20 and prior, WLI3-TX1-AMG54 firmware Ver.2.53 and prior, WLI3-TX1-G54 firmware Ver.2.53 and prior, WLI-T1-B11 firmware Ver.2.20 and prior, WLI-TX1-G54 firmware Ver.2.20 and prior, WVR-G54-NF firmware Ver.2.02 and prior, WZR-G108 firmware Ver.2.41 and prior, WZR-G54 firmware Ver.2.41 and prior, WZR-HP-G54 firmware Ver.2.41 and prior, WZR-RS-G54 firmware Ver.2.55 and prior, and WZR-RS-G54HP firmware Ver.2.55 and prior) allows a remote attacker to enable the debug option and to execute arbitrary code or OS commands, change the configuration, and cause a denial of service (DoS) condition. | |||||
| CVE-2021-20712 | 1 Nec | 4 Aterm Wg2600hs, Aterm Wg2600hs Firmware, Aterm Wx3000hp and 1 more | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Improper access control vulnerability in NEC Aterm WG2600HS firmware Ver1.5.1 and earlier, and Aterm WX3000HP firmware Ver1.1.2 and earlier allows a device connected to the LAN side to be accessed from the WAN side due to the defect in the IPv6 firewall function. | |||||
| CVE-2021-20694 | 1 Dlink | 2 Dap-1880ac, Dap-1880ac Firmware | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Improper access control vulnerability in DAP-1880AC firmware version 1.21 and earlier allows a remote authenticated attacker to bypass access restriction and to start a telnet service via unspecified vectors. | |||||
| CVE-2021-20670 | 1 Weseek | 1 Growi | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Improper access control vulnerability in GROWI versions v4.2.2 and earlier allows a remote unauthenticated attacker to read the user's personal information and/or server's internal information via unspecified vectors. | |||||
| CVE-2021-20657 | 1 Contec | 2 Sv-cpt-mc310, Sv-cpt-mc310 Firmware | 2024-11-21 | 5.5 MEDIUM | 5.4 MEDIUM |
| Improper access control vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to obtain and/or alter the setting information without the access privilege via unspecified vectors. | |||||
| CVE-2021-20643 | 1 Elecom | 2 Ld-ps\/u1, Ld-ps\/u1 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Improper access control vulnerability in ELECOM LD-PS/U1 allows remote attackers to change the administrative password of the affected device by processing a specially crafted request. | |||||
| CVE-2021-20642 | 1 Logitech | 2 Lan-w300n\/rs, Lan-w300n\/rs Firmware | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Improper check or handling of exceptional conditions in LOGITEC LAN-W300N/RS allows a remote attacker to cause a denial-of-service (DoS) condition by sending a specially crafted URL. | |||||
| CVE-2021-20637 | 1 Logitech | 2 Lan-w300n\/pr5b, Lan-w300n\/pr5b Firmware | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Improper check or handling of exceptional conditions in LOGITEC LAN-W300N/PR5B allows a remote attacker to cause a denial-of-service (DoS) condition by sending a specially crafted URL. | |||||
| CVE-2021-20634 | 1 Cybozu | 1 Office | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Improper access control vulnerability in Custom App of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and obtain the date of Custom App via unspecified vectors. | |||||
| CVE-2021-20633 | 1 Cybozu | 1 Office | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Improper access control vulnerability in Cabinet of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and obtain the date of Cabinet via unspecified vectors. | |||||
| CVE-2021-20632 | 1 Cybozu | 1 Office | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Improper access control vulnerability in Bulletin Board of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and obtain the data of Bulletin Board via unspecified vectors. | |||||