Export limit exceeded: 346602 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 346602 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 346602 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 78972 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (78972 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-32555 | 1 Canonical | 1 Ubuntu Linux | 2024-11-21 | 7.3 High |
| It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg-hwe-18.04 package apport hooks, it could expose private data to other local users. | ||||
| CVE-2021-32554 | 1 Canonical | 1 Ubuntu Linux | 2024-11-21 | 7.3 High |
| It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg package apport hooks, it could expose private data to other local users. | ||||
| CVE-2021-32553 | 2 Canonical, Oracle | 2 Ubuntu Linux, Openjdk | 2024-11-21 | 7.3 High |
| It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-17 package apport hooks, it could expose private data to other local users. | ||||
| CVE-2021-32552 | 1 Canonical | 1 Ubuntu Linux | 2024-11-21 | 7.3 High |
| It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-16 package apport hooks, it could expose private data to other local users. | ||||
| CVE-2021-32551 | 1 Canonical | 1 Ubuntu Linux | 2024-11-21 | 7.3 High |
| It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-15 package apport hooks, it could expose private data to other local users. | ||||
| CVE-2021-32550 | 1 Canonical | 1 Ubuntu Linux | 2024-11-21 | 7.3 High |
| It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-14 package apport hooks, it could expose private data to other local users. | ||||
| CVE-2021-32549 | 1 Canonical | 1 Ubuntu Linux | 2024-11-21 | 7.3 High |
| It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-13 package apport hooks, it could expose private data to other local users. | ||||
| CVE-2021-32548 | 1 Canonical | 1 Ubuntu Linux | 2024-11-21 | 7.3 High |
| It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-8 package apport hooks, it could expose private data to other local users. | ||||
| CVE-2021-32547 | 1 Canonical | 1 Ubuntu Linux | 2024-11-21 | 7.3 High |
| It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-lts package apport hooks, it could expose private data to other local users. | ||||
| CVE-2021-32546 | 1 Gogs | 1 Gogs | 2024-11-21 | 8.8 High |
| Missing input validation in internal/db/repo_editor.go in Gogs before 0.12.8 allows an attacker to execute code remotely. An unprivileged attacker (registered user) can overwrite the Git configuration in his repository. This leads to Remote Command Execution, because that configuration can contain an option such as sshCommand, which is executed when a master branch is a remote branch (using an ssh:// URI). The remote branch can also be configured by editing the Git configuration file. One can create a new file in a new repository, using the GUI, with "\" as its name, and then rename this file to .git/config with the custom configuration content (and then save it). | ||||
| CVE-2021-32545 | 1 Pexip | 1 Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity before 26 allows remote denial of service because of missing RTMP input validation. | ||||
| CVE-2021-32532 | 1 Qsan | 1 Xevo | 2024-11-21 | 7.5 High |
| Path traversal vulnerability in back-end analysis function in QSAN XEVO allows remote attackers to download arbitrary files without permissions. The referred vulnerability has been solved with the updated version of QSAN XEVO v2.1.0. | ||||
| CVE-2021-32527 | 1 Qsan | 1 Storage Manager | 2024-11-21 | 7.5 High |
| Path traversal vulnerability in QSAN Storage Manager allows remote unauthenticated attackers to download arbitrary files thru injecting file path in download function. Suggest contacting with QSAN and refer to recommendations in QSAN Document. | ||||
| CVE-2021-32521 | 1 Qsan | 3 Sanos, Storage Manager, Xevo | 2024-11-21 | 7.3 High |
| Use of MAC address as an authenticated password in QSAN Storage Manager, XEVO, SANOS allows local attackers to escalate privileges. Suggest contacting with QSAN and refer to recommendations in QSAN Document. | ||||
| CVE-2021-32518 | 1 Qsan | 1 Storage Manager | 2024-11-21 | 7.5 High |
| A vulnerability in share_link in QSAN Storage Manager allows remote attackers to create a symbolic link then access arbitrary files. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3. | ||||
| CVE-2021-32517 | 1 Qsan | 1 Storage Manager | 2024-11-21 | 7.5 High |
| Improper access control vulnerability in share_link in QSAN Storage Manager allows remote attackers to download arbitrary files using particular parameter in download function. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3. | ||||
| CVE-2021-32516 | 1 Qsan | 1 Storage Manager | 2024-11-21 | 7.5 High |
| Path traversal vulnerability in share_link in QSAN Storage Manager allows remote attackers to download arbitrary files. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3. | ||||
| CVE-2021-32514 | 1 Qsan | 1 Storage Manager | 2024-11-21 | 7.5 High |
| Improper access control vulnerability in FirmwareUpgrade in QSAN Storage Manager allows remote attackers to reboot and discontinue the device. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3. | ||||
| CVE-2021-32499 | 1 Sick | 1 Sopas Engineering Tool | 2024-11-21 | 7.5 High |
| SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the command line arguments to pass in any value to the Emulator executable. | ||||
| CVE-2021-32498 | 1 Sick | 1 Sopas Engineering Tool | 2024-11-21 | 8.6 High |
| SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the pathname of the emulator and use path traversal to run an arbitrary executable located on the host system. When the user starts the emulator from SOPAS ET the corresponding executable will be started instead of the emulator | ||||