Vulnerabilities (CVE)

Filtered by CWE-862
Total 2747 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-0923 1 Google 1 Android 2021-12-17 7.2 HIGH 7.8 HIGH
In createOrUpdate of Permission.java, there is a possible way to gain internal permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-12; Android ID: A-195338390
CVE-2021-0926 1 Google 1 Android 2021-12-17 7.2 HIGH 7.8 HIGH
In onCreate of NfcImportVCardActivity.java, there is a possible way to add a contact without user's consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11, Android-12, Android-9; Android ID: A-191053931
CVE-2021-0922 1 Google 1 Android 2021-12-17 4.6 MEDIUM 7.8 HIGH
In enforceCrossUserOrProfilePermission of PackageManagerService.java, there is a possible bypass of INTERACT_ACROSS_PROFILES permission due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Android ID: A-195630721
CVE-2021-20867 1 Advancedcustomfields 1 Advanced Custom Fields 2021-12-15 4.0 MEDIUM 6.5 MEDIUM
Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fields Pro versions prior to 5.11 contain a missing authorization vulnerability in moving the field group which may allow a user to move the unauthorized field group via unspecified vectors.
CVE-2021-20866 1 Advancedcustomfields 1 Advanced Custom Fields 2021-12-15 4.0 MEDIUM 6.5 MEDIUM
Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fields Pro versions prior to 5.11 contain a missing authorization vulnerability in obtaining the user list which may allow a user to obtain the unauthorized information via unspecified vectors.
CVE-2021-20865 1 Advancedcustomfields 1 Advanced Custom Fields 2021-12-15 5.0 MEDIUM 7.5 HIGH
Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fields Pro versions prior to 5.11 contain a missing authorization vulnerability in browsing database which may allow a user to browse unauthorized data via unspecified vectors.
CVE-2021-40502 1 Sap 1 Commerce 2021-11-28 6.5 MEDIUM 8.8 HIGH
SAP Commerce - versions 2105.3, 2011.13, 2005.18, 1905.34, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. Authenticated attackers will be able to access and edit data from b2b units they do not belong to.
CVE-2020-15109 1 Nebulab 1 Solidus 2021-11-18 5.0 MEDIUM 5.3 MEDIUM
In solidus before versions 2.8.6, 2.9.6, and 2.10.2, there is an ability to change order address without triggering address validations. This vulnerability allows a malicious customer to craft request data with parameters that allow changing the address of the current order without changing the shipment costs associated with the new shipment. All stores with at least two shipping zones and different costs of shipment per zone are impacted. This problem comes from how checkout permitted attributes are structured. We have a single list of attributes that are permitted across the whole checkout, no matter the step that is being submitted. See the linked reference for more information. As a workaround, if it is not possible to upgrade to a supported patched version, please use this gist in the references section.
CVE-2020-15080 1 Prestashop 1 Prestashop 2021-11-18 5.0 MEDIUM 5.3 MEDIUM
In PrestaShop from version 1.7.4.0 and before version 1.7.6.6, some files should not be in the release archive, and others should not be accessible. The problem is fixed in version 1.7.6.6. A possible workaround is to make sure `composer.json` and `docker-compose.yml` are not accessible on your server.
CVE-2020-15251 1 Mirahezebots 1 Channelmgnt 2021-11-18 4.0 MEDIUM 6.5 MEDIUM
In the Channelmgnt plug-in for Sopel (a Python IRC bot) before version 1.0.3, malicious users are able to op/voice and take over a channel. This is an ACL bypass vulnerability. This plugin is bundled with MirahezeBot-Plugins with versions from 9.0.0 and less than 9.0.2 affected. Version 9.0.2 includes 1.0.3 of channelmgnt, and thus is safe from this vulnerability. See referenced GHSA-23pc-4339-95vg.
CVE-2020-15247 1 Octobercms 1 October 2021-11-18 4.4 MEDIUM 5.2 MEDIUM
October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.319 and before version 1.0.469, an authenticated backend user with the cms.manage_pages, cms.manage_layouts, or cms.manage_partials permissions who would normally not be permitted to provide PHP code to be executed by the CMS due to cms.enableSafeMode being enabled is able to write specific Twig code to escape the Twig sandbox and execute arbitrary PHP. This is not a problem for anyone that trusts their users with those permissions to normally write & manage PHP within the CMS by not having cms.enableSafeMode enabled, but would be a problem for anyone relying on cms.enableSafeMode to ensure that users with those permissions in production do not have access to write & execute arbitrary PHP. Issue has been patched in Build 469 (v1.0.469) and v1.1.0.
CVE-2020-15245 1 Sylius 1 Sylius 2021-11-18 4.0 MEDIUM 4.3 MEDIUM
In Sylius before versions 1.6.9, 1.7.9 and 1.8.3, the user may register in a shop by email mail@example.com, verify it, change it to the mail another@domain.com and stay verified and enabled. This may lead to having accounts addressed to totally different emails that were verified. Note that this way one is not able to take over any existing account (guest or normal one). The issue has been patched in Sylius 1.6.9, 1.7.9 and 1.8.3. As a workaround, you may resolve this issue on your own by creating a custom event listener, which will listen to the sylius.customer.pre_update event. You can determine that the email has been changed if customer email and user username are different. They are synchronized later on. Pay attention to the email-changing behavior for administrators. You may need to skip this logic for them. In order to achieve this, you should either check the master request path info to see that it does not contain the /admin prefix, or adjust the event triggered during customer update in the shop. You can find more information on how to customize the event here.
CVE-2021-42062 1 Sap 1 Erp Human Capital Management 2021-11-15 4.0 MEDIUM 4.3 MEDIUM
SAP ERP HCM Portugal does not perform necessary authorization checks for a report that reads the payroll data of employees in a certain area. Since the affected report only reads the payroll information, the attacker can neither modify any information nor cause availability impacts.
CVE-2021-40501 1 Sap 1 Abap Platform Kernel 2021-11-12 5.5 MEDIUM 8.1 HIGH
SAP ABAP Platform Kernel - versions 7.77, 7.81, 7.85, 7.86, does not perform necessary authorization checks for an authenticated business user, resulting in escalation of privileges. That means this business user is able to read and modify data beyond the vulnerable system. However, the attacker can neither significantly reduce the performance of the system nor stop the system.
CVE-2020-25366 1 Dlink 2 Dir-823g, Dir-823g Firmware 2021-11-06 8.5 HIGH 9.1 CRITICAL
An issue in the component /cgi-bin/upload_firmware.cgi of D-Link DIR-823G REVA1 1.02B05 allows attackers to cause a denial of service (DoS) via unspecified vectors.
CVE-2021-24633 1 Wpdeveloper 1 Countdown Block 2021-11-05 4.0 MEDIUM 4.3 MEDIUM
The Countdown Block WordPress plugin before 1.1.2 does not have authorisation in the eb_write_block_css AJAX action, which allows any authenticated user, such as Subscriber, to modify post contents displayed to users.
CVE-2021-41238 1 Hangfire 1 Hangfire 2021-11-04 5.0 MEDIUM 7.5 HIGH
Hangfire is an open source system to perform background job processing in .NET or .NET Core applications. No Windows Service or separate process required. Dashboard UI in Hangfire.Core uses authorization filters to protect it from showing sensitive data to unauthorized users. By default, when no custom authorization filters are specified, the `LocalRequestsOnlyAuthorizationFilter` filter is used to allow only local requests and prohibit all remote requests, providing sensible, protected-by-default settings. However, due to recent changes, in version 1.7.25 no authorization filters are used by default, allowing remote requests to succeed. If you are using the `UseHangfireDashboard` method with the default `DashboardOptions.Authorization` property value, then your installation is impacted. If any other authorization filter is specified in the `DashboardOptions.Authorization` property, then you are not impacted. Patched versions (1.7.26) are available both on Nuget.org and as a tagged release on the GitHub repo. Default authorization rules now prohibit remote requests by default again by including the `LocalRequestsOnlyAuthorizationFilter` filter in the default settings. Please upgrade to the newest version in order to mitigate the issue. For users who are unable to upgrade, it is possible to mitigate the issue by using the `LocalRequestsOnlyAuthorizationFilter` explicitly when configuring the Dashboard UI.
CVE-2021-24677 1 Find My Blocks Project 1 Find My Blocks 2021-11-04 5.0 MEDIUM 5.3 MEDIUM
The Find My Blocks WordPress plugin before 3.4.0 does not have authorisation checks in its REST API, which could allow unauthenticated users to enumerate private posts' titles.
CVE-2021-30810 1 Apple 4 Ipados, Iphone Os, Tvos and 1 more 2021-11-03 2.9 LOW 4.3 MEDIUM
An authorization issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15, watchOS 8, tvOS 15. An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup.
CVE-2018-25019 1 Learndash 1 Learndash 2021-11-03 5.0 MEDIUM 7.5 HIGH
The LearnDash LMS WordPress plugin before 2.5.4 does not have any authorisation and validation of the file to be uploaded in the learndash_assignment_process_init() function, which could allow unauthenticated users to upload arbitrary files to the web server.