Latest CVE Feed
-
4.3
MEDIUMCVE-2021-4180
An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. An attacker could exploit this by checking the www_authenticate_uri parameter (which is visible to all end users) in configur... Read more
- Published: Mar. 23, 2022
- Modified: Nov. 21, 2024
-
6.6
MEDIUMCVE-2021-4179
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Read more
Affected Products : live_helper_chat- Published: Dec. 28, 2021
- Modified: Nov. 21, 2024
-
6.7
MEDIUMCVE-2021-4178
A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML.... Read more
- Published: Aug. 24, 2022
- Modified: Nov. 21, 2024
-
5.3
MEDIUMCVE-2021-4177
livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information... Read more
Affected Products : live_helper_chat- Published: Dec. 28, 2021
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-4176
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Read more
Affected Products : live_helper_chat- Published: Dec. 29, 2021
- Modified: Nov. 21, 2024
-
6.6
MEDIUMCVE-2021-4175
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Read more
Affected Products : live_helper_chat- Published: Dec. 29, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-4173
vim is vulnerable to Use After Free... Read more
- Published: Dec. 27, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-4172
Cross-site Scripting (XSS) - Stored in GitHub repository star7th/showdoc prior to 2.10.2.... Read more
Affected Products : showdoc- Published: Jan. 22, 2022
- Modified: Nov. 21, 2024
-
9.8
CRITICAL- Published: Jan. 17, 2022
- Modified: Nov. 21, 2024
-
7.3
HIGHCVE-2021-4170
calibre-web is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Read more
- Published: Jan. 16, 2022
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-4169
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Read more
Affected Products : live_helper_chat- Published: Dec. 26, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-4168
showdoc is vulnerable to Cross-Site Request Forgery (CSRF)... Read more
Affected Products : showdoc- Published: Dec. 26, 2021
- Modified: Nov. 21, 2024
-
7.1
HIGHCVE-2021-4166
vim is vulnerable to Out-of-bounds Read... Read more
Affected Products : enterprise_linux fedora debian_linux vim macos mac_os_x linux_enterprise factory- Published: Dec. 25, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGH- Published: Jan. 17, 2022
- Modified: Nov. 21, 2024
-
4.3
MEDIUMCVE-2021-4162
archivy is vulnerable to Cross-Site Request Forgery (CSRF)... Read more
Affected Products : archivy- Published: Dec. 25, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-4161
The affected products contain vulnerable firmware, which could allow an attacker to sniff the traffic and decrypt login credential details. This could give an attacker admin rights through the HTTP web server.... Read more
Affected Products : mgate_mb3180_firmware mgate_mb3280_firmware mgate_mb3480_firmware mgate_mb3180 mgate_mb3280 mgate_mb3480- Published: Dec. 27, 2021
- Modified: Nov. 21, 2024
-
5.9
MEDIUMCVE-2021-4160
There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely a... Read more
- Published: Jan. 28, 2022
- Modified: Nov. 21, 2024
-
4.4
MEDIUMCVE-2021-4159
A vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak in... Read more
- Published: Aug. 24, 2022
- Modified: Nov. 21, 2024
-
6.0
MEDIUMCVE-2021-4158
A NULL pointer dereference issue was found in the ACPI code of QEMU. A malicious, privileged user within the guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.... Read more
- Published: Aug. 24, 2022
- Modified: Nov. 21, 2024
-
8.0
HIGHCVE-2021-4157
An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash the sy... Read more
Affected Products : linux_kernel fedora h300s_firmware h500s_firmware h700s_firmware h410s_firmware communications_cloud_native_core_binding_support_function h300s h410s h500s +7 more products- Published: Mar. 25, 2022
- Modified: Nov. 21, 2024