Total
32421 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-40171 | 1 Securitashome | 2 Securitashome Alarm System, Securitashome Alarm System Firmware | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| The absence of notifications regarding an ongoing RF jamming attack in the SecuritasHome home alarm system, version HPGW-G 0.0.2.23F BG_U-ITR-F1-BD_BL.A30.20181117, allows an attacker to block legitimate traffic while not alerting the owner of the system. | |||||
| CVE-2021-40147 | 1 Emtec | 1 Zoc | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| EmTec ZOC before 8.02.2 allows \e[201~ pastes, a different vulnerability than CVE-2021-32198. | |||||
| CVE-2021-40146 | 1 Apache | 1 Any23 | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A Remote Code Execution (RCE) vulnerability was discovered in the Any23 YAMLExtractor.java file and is known to affect Any23 versions < 2.5. RCE vulnerabilities allow a malicious actor to execute any code of their choice on a remote machine over LAN, WAN, or internet. RCE belongs to the broader class of arbitrary code execution (ACE) vulnerabilities. | |||||
| CVE-2021-40104 | 1 Concretecms | 1 Concrete Cms | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Concrete CMS through 8.5.5. There is an SVG sanitizer bypass. | |||||
| CVE-2021-40099 | 1 Concretecms | 1 Concrete Cms | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| An issue was discovered in Concrete CMS through 8.5.5. Fetching the update json scheme over HTTP leads to remote code execution. | |||||
| CVE-2021-40089 | 1 Primekey | 1 Ejbca | 2024-11-21 | 1.9 LOW | 2.3 LOW |
| An issue was discovered in PrimeKey EJBCA before 7.6.0. The General Purpose Custom Publisher, which is normally run to invoke a local script upon a publishing operation, was still able to run if the System Configuration setting Enable External Script Access was disabled. With this setting disabled it's not possible to create new such publishers, but existing publishers would continue to run. | |||||
| CVE-2021-40085 | 2 Debian, Openstack | 2 Debian Linux, Neutron | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Authenticated attackers can reconfigure dnsmasq via a crafted extra_dhcp_opts value. | |||||
| CVE-2021-40065 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The communication module has a service logic error vulnerability.Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2021-40063 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| There is an improper access control vulnerability in the video module. Successful exploitation of this vulnerability may affect confidentiality. | |||||
| CVE-2021-40055 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 7.1 HIGH | 5.9 MEDIUM |
| There is a man-in-the-middle attack vulnerability during system update download in recovery mode. Successful exploitation of this vulnerability may affect integrity. | |||||
| CVE-2021-40051 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| There is an unauthorized access vulnerability in system components. Successful exploitation of this vulnerability will affect confidentiality. | |||||
| CVE-2021-40046 | 1 Huawei | 1 Pcmanager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| PCManager versions 11.1.1.95 has a privilege escalation vulnerability. Successful exploit could allow the attacker to access certain resource beyond its privilege. | |||||
| CVE-2021-40040 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | N/A | 7.5 HIGH |
| Vulnerability of writing data to an arbitrary address in the HW_KEYMASTER module. Successful exploitation of this vulnerability may affect confidentiality. | |||||
| CVE-2021-40034 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | N/A | 7.5 HIGH |
| The video framework has the memory overwriting vulnerability caused by addition overflow. Successful exploitation of this vulnerability may affect the availability. | |||||
| CVE-2021-40033 | 1 Huawei | 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| There is an information exposure vulnerability on several Huawei Products. The vulnerability is due to that the software does not properly protect certain information. Successful exploit could cause information disclosure. Affected product versions include: CloudEngine 12800 V200R005C10SPC800; CloudEngine 5800 V200R005C10SPC800, V200R019C00SPC800; CloudEngine 6800 V200R005C10SPC800, V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 V200R005C10SPC800, V200R019C00SPC800. | |||||
| CVE-2021-40032 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The bone voice ID TA has a vulnerability in information management,Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2021-40030 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | N/A | 7.5 HIGH |
| The My HUAWEI app has a defect in the design. Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2021-40024 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | N/A | 7.5 HIGH |
| Implementation of the WLAN module interfaces has the information disclosure vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2021-40023 | 1 Huawei | 1 Emui | 2024-11-21 | N/A | 7.5 HIGH |
| Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect confidentiality. | |||||
| CVE-2021-40022 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The weaver module has a vulnerability in parameter type verification,Successful exploitation of this vulnerability may affect data confidentiality. | |||||