Total
32421 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-3038 | 1 Paloaltonetworks | 1 Globalprotect | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send specifically-crafted input to the GlobalProtect app that results in a Windows blue screen of death (BSOD) error. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.8; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.4. | |||||
| CVE-2021-3024 | 1 Hashicorp | 1 Vault | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| HashiCorp Vault and Vault Enterprise disclosed the internal IP address of the Vault node when responding to some invalid, unauthenticated HTTP requests. Fixed in 1.6.2 & 1.5.7. | |||||
| CVE-2021-3022 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered on LG mobile devices with Android OS 10 software. There was no write protection for the MTK protect2 partition. The LG ID is LVE-SMP-200028 (January 2021). | |||||
| CVE-2021-3017 | 1 Intelbras | 4 Win 300, Win 300 Firmware, Wrn 342 and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The web interface on Intelbras WIN 300 and WRN 342 devices through 2021-01-04 allows remote attackers to discover credentials by reading the def_wirelesspassword line in the HTML source code. | |||||
| CVE-2021-3013 | 2 Microsoft, Ripgrep Project | 2 Windows, Ripgrep | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| ripgrep before 13 on Windows allows attackers to trigger execution of arbitrary programs from the current working directory via the -z/--search-zip or --pre flag. | |||||
| CVE-2021-3005 | 1 Mk-auth | 1 Mk-auth | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| MK-AUTH through 19.01 K4.9 allows remote attackers to obtain sensitive information (e.g., a CPF number) via a modified titulo (aka invoice number) value to the central/recibo.php URI. | |||||
| CVE-2021-39998 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| There is Vulnerability of APIs being concurrently called for multiple times in HwConnectivityExService a in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart. | |||||
| CVE-2021-39994 | 1 Huawei | 1 Emui | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| There is an arbitrary address access vulnerability with the product line test code.Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability. | |||||
| CVE-2021-39991 | 1 Huawei | 1 Emui | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2021-39986 | 1 Huawei | 1 Emui | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2021-39981 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
| Chang Lian application has a vulnerability which can be maliciously exploited to hide the calling number.Successful exploitation of this vulnerability allows you to make an anonymous call. | |||||
| CVE-2021-39975 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Hilinksvc has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause denial of service attacks. | |||||
| CVE-2021-39969 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2021-39968 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Changlian Blocklist has a Business Logic Errors vulnerability .Successful exploitation of this vulnerability may expand the attack surface of the message class. | |||||
| CVE-2021-39947 | 1 Gitlab | 1 Gitlab Runner | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
| In specific circumstances, trace file buffers in GitLab Runner versions up to 14.3.4, 14.4 to 14.4.2, and 14.5 to 14.5.2 would re-use the file descriptor 0 for multiple traces and mix the output of several jobs | |||||
| CVE-2021-39931 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 3.5 LOW | 3.1 LOW |
| An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.11 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Under specific condition an unauthorised project member was allowed to delete a protected branches due to a business logic error. | |||||
| CVE-2021-39905 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| An information disclosure vulnerability in the GitLab CE/EE API since version 8.9.6 allows a user to see basic information on private groups that a public project has been shared with | |||||
| CVE-2021-39901 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 4.0 MEDIUM | 2.7 LOW |
| In all versions of GitLab CE/EE since version 11.10, an admin of a group can see the SCIM token of that group by visiting a specific endpoint. | |||||
| CVE-2021-39896 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 5.5 MEDIUM | 3.8 LOW |
| In all versions of GitLab CE/EE since version 8.0, when an admin uses the impersonate feature twice and stops impersonating, the admin may be logged in as the second user they impersonated, which may lead to repudiation issues. | |||||
| CVE-2021-39895 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 2.1 LOW | 6.0 MEDIUM |
| In all versions of GitLab CE/EE since version 8.0, an attacker can set the pipeline schedules to be active in a project export so when an unsuspecting owner imports that project, pipelines are active by default on that project. Under specialized conditions, this may lead to information disclosure if the project is imported from an untrusted source. | |||||