Export limit exceeded: 79692 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (79692 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-46076 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2024-11-21 | 8.8 High |
| Sourcecodester Vehicle Service Management System 1.0 is vulnerable to File upload. An attacker can upload a malicious php file in multiple endpoints it leading to Code Execution. | ||||
| CVE-2021-46075 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2024-11-21 | 7.2 High |
| A Privilege Escalation vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. Staff account users can access the admin resources and perform CRUD Operations. | ||||
| CVE-2021-46064 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 7.8 High |
| IrfanView 4.59 is vulnerable to buffer overflow via the function at address 0x413c70 (in 32bit version of the binary). The vulnerability triggers when the user opens malicious .tiff image. | ||||
| CVE-2021-46062 | 1 Mingsoft | 1 Mcms | 2024-11-21 | 7.1 High |
| MCMS v5.2.5 was discovered to contain an arbitrary file deletion vulnerability via the component oldFileName. | ||||
| CVE-2021-46037 | 1 Mingsoft | 1 Mcms | 2024-11-21 | 8.1 High |
| MCMS v5.2.4 was discovered to contain an arbitrary file deletion vulnerability via the component /template/unzip.do. | ||||
| CVE-2021-46020 | 1 Mruby | 1 Mruby | 2024-11-21 | 7.5 High |
| An untrusted pointer dereference in mrb_vm_exec() of mruby v3.0.0 can lead to a segmentation fault or application crash. | ||||
| CVE-2021-46010 | 1 Totolink | 2 A3100r, A3100r Firmware | 2024-11-21 | 8.8 High |
| Totolink A3100R V5.9c.4577 suffers from Use of Insufficiently Random Values via the web configuration. The SESSION_ID is predictable. An attacker can hijack a valid session and conduct further malicious operations. | ||||
| CVE-2021-46008 | 1 Totolink | 2 A3100r, A3100r Firmware | 2024-11-21 | 8.8 High |
| In totolink a3100r V5.9c.4577, the hard-coded telnet password can be discovered from official released firmware. An attacker, who has connected to the Wi-Fi, can easily telnet into the target with root shell if the telnet is function turned on. | ||||
| CVE-2021-45997 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2024-11-21 | 7.5 High |
| Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetPortMapping. This vulnerability allows attackers to cause a Denial of Service (DoS) via the portMappingServer, portMappingProtocol, portMappingWan, porMappingtInternal, and portMappingExternal parameters. | ||||
| CVE-2021-45996 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2024-11-21 | 7.5 High |
| Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetPortMapping. This vulnerability allows attackers to cause a Denial of Service (DoS) via the portMappingServer, portMappingProtocol, portMappingWan, porMappingtInternal, and portMappingExternal parameters. | ||||
| CVE-2021-45995 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2024-11-21 | 7.5 High |
| Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetStaticRoute. This vulnerability allows attackers to cause a Denial of Service (DoS) via the staticRouteNet, staticRouteMask, and staticRouteGateway parameters. | ||||
| CVE-2021-45994 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2024-11-21 | 7.5 High |
| Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formDelDhcpRule. This vulnerability allows attackers to cause a Denial of Service (DoS) via the delDhcpIndex parameter. | ||||
| CVE-2021-45993 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2024-11-21 | 7.5 High |
| Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formIPMacBindModify. This vulnerability allows attackers to cause a Denial of Service (DoS) via the IPMacBindRuleIP and IPMacBindRuleMac parameters. | ||||
| CVE-2021-45992 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2024-11-21 | 7.5 High |
| Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetQvlanList. This vulnerability allows attackers to cause a Denial of Service (DoS) via the qvlanName parameter. | ||||
| CVE-2021-45991 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2024-11-21 | 7.5 High |
| Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formAddVpnUsers. This vulnerability allows attackers to cause a Denial of Service (DoS) via the vpnUsers parameter. | ||||
| CVE-2021-45989 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2024-11-21 | 7.5 High |
| Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function guestWifiRuleRefresh. This vulnerability allows attackers to cause a Denial of Service (DoS) via the qosGuestUpstream and qosGuestDownstream parameters. | ||||
| CVE-2021-45988 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2024-11-21 | 7.5 High |
| Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formAddDnsForward. This vulnerability allows attackers to cause a Denial of Service (DoS) via the DnsForwardRule parameter. | ||||
| CVE-2021-45982 | 1 Netscout | 1 Ngeniusone | 2024-11-21 | 8.8 High |
| NetScout nGeniusONE 6.3.2 allows Arbitrary File Upload by a privileged user. | ||||
| CVE-2021-45980 | 2 Apple, Foxit | 3 Macos, Pdf Editor, Pdf Reader | 2024-11-21 | 7.8 High |
| Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary code via getURL in the JavaScript API. | ||||
| CVE-2021-45979 | 2 Apple, Foxit | 3 Macos, Pdf Editor, Pdf Reader | 2024-11-21 | 7.8 High |
| Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary code via app.launchURL in the JavaScript API. | ||||