Total
11435 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-22444 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause code injection. | |||||
| CVE-2021-22443 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause random address access. | |||||
| CVE-2021-22400 | 1 Huawei | 2 Oxfords-an00a, Oxfords-an00a Firmware | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Some Huawei Smartphones has an insufficient input validation vulnerability due to the lack of parameter validation. An attacker may trick a user into installing a malicious APP. The app can modify specific parameters, causing the system to crash. Affected product include:OxfordS-AN00A 10.0.1.10(C00E10R1P1),10.0.1.105(C00E103R3P3),10.0.1.115(C00E110R3P3),10.0.1.123(C00E121R3P3),10.0.1.135(C00E130R3P3),10.0.1.135(C00E130R4P1),10.0.1.152(C00E140R4P1),10.0.1.160(C00E160R4P1),10.0.1.167(C00E166R4P1),10.0.1.173(C00E172R5P1),10.0.1.178(C00E175R5P1) and 10.1.0.202(C00E79R5P1). | |||||
| CVE-2021-22397 | 1 Huawei | 1 Manageone | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| There is a privilege escalation vulnerability in Huawei ManageOne 8.0.0. External parameters of some files are lack of verification when they are be called. Attackers can exploit this vulnerability by performing these files to cause privilege escalation attack. This can compromise normal service. | |||||
| CVE-2021-22381 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause an infinite loop in DoS. | |||||
| CVE-2021-22377 | 1 Huawei | 10 S12700, S12700 Firmware, S2700 and 7 more | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| There is a command injection vulnerability in S12700 V200R019C00SPC500, S2700 V200R019C00SPC500, S5700 V200R019C00SPC500, S6700 V200R019C00SPC500 and S7700 V200R019C00SPC500. A module does not verify specific input sufficiently. Attackers can exploit this vulnerability by sending malicious parameters to inject command. This can compromise normal service. | |||||
| CVE-2021-22359 | 1 Huawei | 4 S5700, S5700 Firmware, S6700 and 1 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| There is a denial of service vulnerability in the verisions V200R005C00SPC500 of S5700 and V200R005C00SPC500 of S6700. An attacker could exploit this vulnerability by sending specific message to a targeted device. Due to insufficient input validation, successful exploit can cause the service abnormal. | |||||
| CVE-2021-22358 | 1 Huawei | 1 Fusioncompute | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| There is an insufficient input validation vulnerability in FusionCompute 8.0.0. Due to the input validation is insufficient, an attacker can exploit this vulnerability to upload any files to the device. Successful exploit may cause the service abnormal. | |||||
| CVE-2021-22357 | 1 Huawei | 8 S12700, S12700 Firmware, S5700 and 5 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages due to validating inputs insufficiently. Attackers can exploit this vulnerability by sending specific messages to affected module. This can cause denial of service. Affected product versions include: S12700 V200R013C00SPC500, V200R019C00SPC500; S5700 V200R013C00SPC500, V200R019C00SPC500; S6700 V200R013C00SPC500, V200R019C00SPC500; S7700 V200R013C00SPC500, V200R019C00SPC500. | |||||
| CVE-2021-22349 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of insufficient input verification may cause the system to restart. | |||||
| CVE-2021-22289 | 1 Br-automation | 1 Studio | 2024-11-21 | N/A | 8.3 HIGH |
| Improper Input Validation vulnerability in the project upload mechanism in B&R Automation Studio version >=4.0 may allow an unauthenticated network attacker to execute code. | |||||
| CVE-2021-22288 | 1 Abb | 4 Pni800, Pni800 Firmware, Spiet800 and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Improper Input Validation vulnerability in the ABB SPIET800 and PNI800 module allows an attacker to cause the denial of service or make the module unresponsive. | |||||
| CVE-2021-22286 | 1 Abb | 4 Pni800, Pni800 Firmware, Spiet800 and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Improper Input Validation vulnerability in the ABB SPIET800 and PNI800 module allows an attacker to cause the denial of service or make the module unresponsive. | |||||
| CVE-2021-22280 | 2024-11-21 | N/A | 7.2 HIGH | ||
| Improper DLL loading algorithms in B&R Automation Studio versions >=4.0 and <4.12 may allow an authenticated local attacker to execute code in the context of the product. | |||||
| CVE-2021-22277 | 1 Abb | 4 800xa, Base Software, Compact Product Suite and 1 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| Improper Input Validation vulnerability in ABB 800xA, Control Software for AC 800M, Control Builder Safe, Compact Product Suite - Control and I/O, ABB Base Software for SoftControl allows an attacker to cause the denial of service. | |||||
| CVE-2021-22245 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 4.0 MEDIUM | 2.7 LOW |
| Improper validation of commit author in GitLab CE/EE affecting all versions allowed an attacker to make several pages in a project impossible to view | |||||
| CVE-2021-22152 | 1 Blackberry | 1 Unified Endpoint Management | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| A Denial of Service due to Improper Input Validation vulnerability in the Management Console component of BlackBerry UEM version(s) 12.13.1 QF2 and earlier and 12.12.1a QF6 and earlier could allow an attacker to potentially to prevent any new user connections. | |||||
| CVE-2021-22116 | 2 Debian, Vmware | 2 Debian Linux, Rabbitmq | 2024-11-21 | 4.3 MEDIUM | 7.5 HIGH |
| RabbitMQ all versions prior to 3.8.16 are prone to a denial of service vulnerability due to improper input validation in AMQP 1.0 client connection endpoint. A malicious user can exploit the vulnerability by sending malicious AMQP messages to the target RabbitMQ instance having the AMQP 1.0 plugin enabled. | |||||
| CVE-2021-21978 | 1 Vmware | 1 View Planner | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerability. Improper input validation and lack of authorization leading to arbitrary file upload in logupload web application. An unauthorized attacker with network access to View Planner Harness could upload and execute a specially crafted file leading to remote code execution within the logupload container. | |||||
| CVE-2021-21968 | 1 Sealevel | 2 Seaconnect 370w, Seaconnect 370w Firmware | 2024-11-21 | 6.8 MEDIUM | 8.3 HIGH |
| A file write vulnerability exists in the OTA update task functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted MQTT payload can lead to arbitrary file overwrite. An attacker can perform a man-in-the-middle attack to trigger this vulnerability. | |||||