Total
367136 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-42641 | 1 Printerlogic | 1 Web Stack | 2026-07-09 | 5.0 MEDIUM | 7.5 HIGH |
| PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the username and email address of all users. | |||||
| CVE-2021-42640 | 1 Printerlogic | 1 Web Stack | 2026-07-09 | 6.4 MEDIUM | 9.1 CRITICAL |
| PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to reassign drivers for any printer. | |||||
| CVE-2021-42639 | 1 Printerlogic | 1 Web Stack | 2026-07-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to multiple reflected cross site scripting vulnerabilities. Attacker controlled input is reflected back in the page without sanitization. | |||||
| CVE-2021-42638 | 3 Apple, Linux, Printerlogic | 3 Macos, Linux Kernel, Web Stack | 2026-07-09 | 9.3 HIGH | 8.1 HIGH |
| PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in pre-auth remote code execution. | |||||
| CVE-2021-42637 | 1 Printerlogic | 1 Web Stack | 2026-07-09 | 7.5 HIGH | 9.8 CRITICAL |
| PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use user-controlled input to craft a URL, resulting in a Server Side Request Forgery (SSRF) vulnerability. | |||||
| CVE-2021-42635 | 3 Apple, Linux, Printerlogic | 3 Macos, Linux Kernel, Web Stack | 2026-07-09 | 9.3 HIGH | 8.1 HIGH |
| PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APP_KEY value, leading to pre-auth remote code execution. | |||||
| CVE-2021-42633 | 1 Printerlogic | 1 Web Stack | 2026-07-09 | 5.0 MEDIUM | 5.3 MEDIUM |
| PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to SQL Injection, which may allow an attacker to access additional audit records. | |||||
| CVE-2021-42631 | 3 Apple, Linux, Printerlogic | 4 Macos, Linux Kernel, Virtual Appliance and 1 more | 2026-07-09 | 9.3 HIGH | 8.1 HIGH |
| PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading to pre-auth remote code execution. | |||||
| CVE-2021-42627 | 1 Dlink | 8 Dir-615, Dir-615 Firmware, Dir-615 J1 and 5 more | 2026-07-09 | N/A | 9.8 CRITICAL |
| The WAN configuration page "wan.htm" on D-Link DIR-615 devices with firmware 20.06 can be accessed directly without authentication which can lead to disclose the information about WAN settings and also leverage attacker to modify the data fields of page. | |||||
| CVE-2021-42232 | 1 Tp-link | 2 Archer A7, Archer A7 Firmware | 2026-07-09 | N/A | 9.8 CRITICAL |
| TP-Link Archer A7 Archer A7(US)_V5_210519 is affected by a command injection vulnerability in /usr/bin/tddp. The vulnerability is caused by the program taking part of the received data packet as part of the command. This will cause an attacker to execute arbitrary commands on the router. | |||||
| CVE-2021-42216 | 1 Anonaddy | 1 Anonaddy | 2026-07-09 | 7.5 HIGH | 9.8 CRITICAL |
| A Broken or Risky Cryptographic Algorithm exists in AnonAddy 0.8.5 via VerificationController.php. | |||||
| CVE-2021-41945 | 1 Encode | 1 Httpx | 2026-07-09 | 6.4 MEDIUM | 9.1 CRITICAL |
| Encode OSS httpx < 0.23.0 is affected by improper input validation in `httpx.URL`, `httpx.Client` and some functions using `httpx.URL.copy_with`. | |||||
| CVE-2021-41716 | 1 Mahadiscom | 1 Mahavitaran | 2026-07-09 | 7.5 HIGH | 9.8 CRITICAL |
| Maharashtra State Electricity Board Mahavitara Android Application 8.20 and prior is vulnerable to remote account takeover due to OTP fixation vulnerability in password rest function | |||||
| CVE-2021-41672 | 1 Peel | 1 Peel Shopping | 2026-07-09 | 5.5 MEDIUM | 6.5 MEDIUM |
| PEEL Shopping CMS 9.4.0 is vulnerable to authenticated SQL injection in utilisateurs.php. A user that belongs to the administrator group can inject a malicious SQL query in order to affect the execution logic of the application and retrive information from the database. | |||||
| CVE-2021-41663 | 1 1234n | 1 Minicms | 2026-07-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability exists in Mini CMS V1.11. The vulnerability exists in the article upload: post-edit.php page. | |||||
| CVE-2021-41657 | 1 Smartbear | 1 Collaborator | 2026-07-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| SmartBear CodeCollaborator v6.1.6102 was discovered to contain a vulnerability in the web UI which would allow an attacker to conduct a clickjacking attack. | |||||
| CVE-2021-41653 | 1 Tp-link | 2 Tl-wr840n, Tl-wr840n Firmware | 2026-07-09 | 10.0 HIGH | 9.8 CRITICAL |
| The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a crafted payload in an IP address input field. | |||||
| CVE-2021-41451 | 1 Tp-link | 2 Archer Ax10, Archer Ax10 Firmware | 2026-07-09 | 5.0 MEDIUM | 7.5 HIGH |
| A misconfiguration in HTTP/1.0 and HTTP/1.1 of the web interface in TP-Link AX10v1 before V1_211117 allows a remote unauthenticated attacker to send a specially crafted HTTP request and receive a misconfigured HTTP/0.9 response, potentially leading into a cache poisoning attack. | |||||
| CVE-2021-41450 | 1 Tp-link | 2 Archer Ax10 V1, Archer Ax10 V1 Firmware | 2026-07-09 | 5.0 MEDIUM | 7.5 HIGH |
| An HTTP request smuggling attack in TP-Link AX10v1 before v1_211117 allows a remote unauthenticated attacker to DoS the web application via sending a specific HTTP packet. | |||||
| CVE-2021-41449 | 1 Netgear | 6 Rax35, Rax35 Firmware, Rax38 and 3 more | 2026-07-09 | 3.6 LOW | 7.1 HIGH |
| A path traversal attack in web interfaces of Netgear RAX35, RAX38, and RAX40 routers before v1.0.4.102, allows a remote unauthenticated attacker to gain access to sensitive restricted information, such as forbidden files of the web application, via sending a specially crafted HTTP packet. | |||||
