Latest CVE Feed
-
9.6
CRITICALCVE-2021-3994
django-helpdesk is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Read more
Affected Products : django-helpdesk- Published: Dec. 01, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-3993
showdoc is vulnerable to Cross-Site Request Forgery (CSRF)... Read more
Affected Products : showdoc- Published: Dec. 01, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-3992
kimai2 is vulnerable to Improper Access Control... Read more
- Published: Dec. 01, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-3990
showdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)... Read more
Affected Products : showdoc- Published: Dec. 01, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-3989
showdoc is vulnerable to URL Redirection to Untrusted Site... Read more
Affected Products : showdoc- Published: Dec. 01, 2021
- Modified: Nov. 21, 2024
-
9.0
CRITICALCVE-2021-3985
kimai2 is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Read more
- Published: Dec. 01, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGH- Published: Dec. 01, 2021
- Modified: Nov. 21, 2024
-
6.3
MEDIUMCVE-2021-3983
kimai2 is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Read more
- Published: Dec. 01, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-3982
Linux distributions using CAP_SYS_NICE for gnome-shell may be exposed to a privilege escalation issue. An attacker, with low privilege permissions, may take advantage of the way CAP_SYS_NICE is currently implemented and eventually load code to increase it... Read more
Affected Products : gnome-shell- Published: Apr. 29, 2022
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2021-3981
A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged users to read its content. This represents a low severity confidentiality issue, as those users can eventuall... Read more
- Published: Mar. 10, 2022
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-3980
elgg is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor... Read more
Affected Products : elgg- Published: Dec. 03, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-3979
A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed in an encryption algorithm to create a non random key, which is weaker and can be exploited for loss of confidentiality and int... Read more
- Published: Aug. 25, 2022
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-3977
invoiceninja is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Read more
Affected Products : invoice_ninja- Published: Dec. 24, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-3976
kimai2 is vulnerable to Cross-Site Request Forgery (CSRF)... Read more
- Published: Nov. 19, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-3975
A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDoma... Read more
Affected Products : ubuntu_linux enterprise_linux fedora debian_linux enterprise_linux_server_tus ontap_select_deploy_administration_utility enterprise_linux_eus enterprise_linux_for_ibm_z_systems_eus enterprise_linux_for_power_little_endian enterprise_linux_for_power_little_endian_eus +4 more products- Published: Aug. 23, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGH- Published: Nov. 19, 2021
- Modified: Nov. 21, 2024
-
9.3
HIGH- Published: Nov. 19, 2021
- Modified: Nov. 21, 2024
-
6.7
MEDIUMCVE-2021-3972
A potential vulnerability by a driver used during manufacturing process on some consumer Lenovo Notebook devices' BIOS that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM v... Read more
Affected Products : ideapad_3-15ada05_firmware ideapad_3-14ada05_firmware ideapad_3-14ada6_firmware ideapad_3-14alc6_firmware ideapad_3-15ada6_firmware ideapad_3-15alc6_firmware ideapad_3-17alc6_firmware ideapad_3-17ada05_firmware ideapad_3-17ada6_firmware legion_s7-15ach6_firmware +200 more products- Published: Apr. 22, 2022
- Modified: Nov. 21, 2024
-
6.7
MEDIUMCVE-2021-3971
A potential vulnerability by a driver used during older manufacturing processes on some consumer Lenovo Notebook devices that was mistakenly included in the BIOS image could allow an attacker with elevated privileges to modify firmware protection region b... Read more
- Published: Apr. 22, 2022
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2021-3970
A potential vulnerability in LenovoVariable SMI Handler due to insufficient validation in some Lenovo Notebook models BIOS may allow an attacker with local access and elevated privileges to execute arbitrary code.... Read more
Affected Products : ideapad_3-15ada05_firmware ideapad_3-14ada05_firmware ideapad_3-14ada6_firmware ideapad_3-14alc6_firmware ideapad_3-15ada6_firmware ideapad_3-15alc6_firmware ideapad_3-17alc6_firmware ideapad_3-17ada05_firmware ideapad_3-17ada6_firmware legion_s7-15ach6_firmware +200 more products- Published: Apr. 22, 2022
- Modified: Nov. 21, 2024