Export limit exceeded: 10132 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10132 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-4000 | 1 Showdoc | 1 Showdoc | 2024-11-21 | 6.1 Medium |
| showdoc is vulnerable to URL Redirection to Untrusted Site | ||||
| CVE-2021-46898 | 1 Vonautomatisch | 1 Django Grappelli | 2024-11-21 | 6.1 Medium |
| views/switch.py in django-grappelli (aka Django Grappelli) before 2.15.2 attempts to prevent external redirection with startswith("/") but this does not consider a protocol-relative URL (e.g., //example.com) attack. | ||||
| CVE-2021-46784 | 3 Debian, Redhat, Squid-cache | 5 Debian Linux, Enterprise Linux, Rhel E4s and 2 more | 2024-11-21 | 6.5 Medium |
| In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses. | ||||
| CVE-2021-46687 | 1 Jfrog | 1 Artifactory | 2024-11-21 | 4.9 Medium |
| JFrog Artifactory prior to version 7.31.10 and 6.23.38 is vulnerable to Sensitive Data Exposure through the Project Administrator REST API. This issue affects: JFrog JFrog Artifactory JFrog Artifactory versions before 7.31.10 versions prior to 7.x; JFrog Artifactory versions before 6.23.38 versions prior to 6.x. | ||||
| CVE-2021-46666 | 2 Mariadb, Redhat | 4 Mariadb, Enterprise Linux, Rhel Eus and 1 more | 2024-11-21 | 5.5 Medium |
| MariaDB before 10.6.2 allows an application crash because of mishandling of a pushdown from a HAVING clause to a WHERE clause. | ||||
| CVE-2021-46660 | 1 Signiant | 1 Manager\+agents | 2024-11-21 | 9.8 Critical |
| Signiant Manager+Agents before 15.1 allows XML External Entity (XXE) attacks. | ||||
| CVE-2021-46517 | 1 Cesanta | 1 Mjs | 2024-11-21 | 5.5 Medium |
| There is an Assertion `mjs_stack_size(&mjs->scopes) > 0' failed at src/mjs_exec.c in Cesanta MJS v2.20.0. | ||||
| CVE-2021-46515 | 1 Cesanta | 1 Mjs | 2024-11-21 | 5.5 Medium |
| There is an Assertion `mjs_stack_size(&mjs->scopes) >= scopes_len' failed at src/mjs_exec.c in Cesanta MJS v2.20.0. | ||||
| CVE-2021-46514 | 1 Cesanta | 1 Mjs | 2024-11-21 | 5.5 Medium |
| There is an Assertion 'ppos != NULL && mjs_is_number(*ppos)' failed at src/mjs_core.c in Cesanta MJS v2.20.0. | ||||
| CVE-2021-46511 | 1 Cesanta | 1 Mjs | 2024-11-21 | 5.5 Medium |
| There is an Assertion `m->len >= sizeof(v)' failed at src/mjs_core.c in Cesanta MJS v2.20.0. | ||||
| CVE-2021-46510 | 1 Cesanta | 1 Mjs | 2024-11-21 | 5.5 Medium |
| There is an Assertion `s < mjs->owned_strings.buf + mjs->owned_strings.len' failed at src/mjs_gc.c in Cesanta MJS v2.20.0. | ||||
| CVE-2021-46509 | 1 Cesanta | 1 Mjs | 2024-11-21 | 7.8 High |
| Cesanta MJS v2.20.0 was discovered to contain a stack overflow via snquote at mjs/src/mjs_json.c. | ||||
| CVE-2021-46508 | 1 Cesanta | 1 Mjs | 2024-11-21 | 5.5 Medium |
| There is an Assertion `i < parts_cnt' failed at src/mjs_bcode.c in Cesanta MJS v2.20.0. | ||||
| CVE-2021-46507 | 1 Jsish | 1 Jsish | 2024-11-21 | 5.5 Medium |
| Jsish v3.5.0 was discovered to contain a stack overflow via Jsi_LogMsg at src/jsiUtils.c. | ||||
| CVE-2021-46506 | 1 Jsish | 1 Jsish | 2024-11-21 | 5.5 Medium |
| There is an Assertion 'v->d.lval != v' failed at src/jsiValue.c in Jsish v3.5.0. | ||||
| CVE-2021-46505 | 1 Jsish | 1 Jsish | 2024-11-21 | 5.5 Medium |
| Jsish v3.5.0 was discovered to contain a stack overflow via /usr/lib/x86_64-linux-gnu/libasan.so.4+0x5b1e5. | ||||
| CVE-2021-46504 | 1 Jsish | 1 Jsish | 2024-11-21 | 5.5 Medium |
| There is an Assertion 'vp != resPtr' failed at jsiEval.c in Jsish v3.5.0. | ||||
| CVE-2021-46416 | 1 Sma | 2 Sunny Tripower, Sunny Tripower Firmware | 2024-11-21 | 8.1 High |
| Insecure direct object reference in SUNNY TRIPOWER 5.0 Firmware version 3.10.16.R leads to unauthorized user groups accessing due to insecure cookie handling. | ||||
| CVE-2021-46379 | 1 Dlink | 2 Dir-850l, Dir-850l Firmware | 2024-11-21 | 6.1 Medium |
| DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through URL redirection to untrusted site. | ||||
| CVE-2021-46366 | 1 Magnolia-cms | 1 Magnolia Cms | 2024-11-21 | 8.8 High |
| An issue in the Login page of Magnolia CMS v6.2.3 and below allows attackers to exploit both an Open Redirect vulnerability and Cross-Site Request Forgery (CSRF) in order to brute force and exfiltrate users' credentials. | ||||