CVE & Exploit Intelligence Database

CVE-2021-23034 7.5 HIGH EPSS 0.01

On BIG-IP version 16.x before 16.1.0 and 15.1.x before 15.1.3.1, when a DNS profile using a DNS cache resolver is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CWE-20 Sep 14, 2021

CVE-2021-39212 4.4 MEDIUM 1 Writeup EPSS 0.00

ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribute in both open and proprietary applications. In affected versions and in certain cases, Postscript files could be read and written when specifically excluded by a `module` policy in `policy.xml`. ex. <policy domain="module" rights="none" pattern="PS" />. The issue has been resolved in ImageMagick 7.1.0-7 and in 6.9.12-22. Fortunately, in the wild, few users utilize the `module` policy and instead use the `coder` policy that is also our workaround recommendation: <policy domain="coder" rights="none" pattern="{PS,EPI,EPS,EPSF,EPSI}" />.

CWE-362 Sep 13, 2021

CVE-2021-28568 5.8 MEDIUM EPSS 0.00

Adobe Genuine Services version 7.1 (and earlier) is affected by an Insecure file permission vulnerability during installation process. A local authenticated attacker could leverage this vulnerability to achieve privilege escalation in the context of the current user.

CWE-379 Sep 08, 2021

CVE-2021-36002 5.0 MEDIUM EPSS 0.00

Adobe Captivate version 11.5.5 (and earlier) is affected by an Creation of Temporary File In Directory With Incorrect Permissions vulnerability that could result in privilege escalation in the context of the current user. The attacker must plant a malicious file in a particular location of the victim's machine. Exploitation of this issue requires user interaction in that a victim must launch the Captivate Installer.

CWE-379 Sep 01, 2021

CVE-2020-18972 5.5 MEDIUM EPSS 0.00

Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v0.9.6 allows attackers to obtain sensitive information via 'IsNextToken' in the component 'src/base/PdfToenizer.cpp'.

CWE-668 Aug 25, 2021

CVE-2021-30921 5.5 MEDIUM EPSS 0.00

A logic issue was addressed with improved state management. This issue is fixed in iOS 14.5 and iPadOS 14.5. A user's password may be visible onscreen.

CWE-668 Aug 24, 2021

CVE-2021-28633 6.1 MEDIUM EPSS 0.00

Adobe Creative Cloud Desktop Application (installer) version 2.4 (and earlier) is affected by an Insecure temporary file creation vulnerability. An attacker could leverage this vulnerability to cause arbitrary file overwriting in the context of the current user. Exploitation of this issue requires physical interaction to the system.

CWE-379 Aug 24, 2021

CVE-2021-29280 6.4 MEDIUM 1 Writeup EPSS 0.00

In TP-Link Wireless N Router WR840N an ARP poisoning attack can cause buffer overflow

CWE-668 Aug 19, 2021

CVE-2021-38712 7.5 HIGH EPSS 0.00

OneNav 0.9.12 allows Information Disclosure of the onenav.db3 contents. NOTE: the vendor's recommended solution is to block the access via an NGINX configuration file.

CWE-668 Aug 16, 2021

CVE-2020-18754 7.5 HIGH 1 Writeup EPSS 0.00

An information disclosure vulnerability exists within Dut Computer Control Engineering Co.'s PLC MAC1100.

CWE-668 Aug 13, 2021

CVE-2021-37704 5.4 MEDIUM 1 Writeup NUCLEI EPSS 0.48

PhpFastCache is a high-performance backend cache system (packagist package phpfastcache/phpfastcache). In versions before 6.1.5, 7.1.2, and 8.0.7 the `phpinfo()` can be exposed if the `/vendor` is not protected from public access. This is a rare situation today since the vendor directory is often located outside the web directory or protected via server rule (.htaccess, etc). Only the v6, v7 and v8 will be patched respectively in 8.0.7, 7.1.2, 6.1.5. Older versions such as v5, v4 are not longer supported and will **NOT** be patched. As a workaround, protect the `/vendor` directory from public access.

CWE-200 Aug 12, 2021

CVE-2021-22385 7.8 HIGH EPSS 0.00

A component of the Huawei smartphone has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause Kernel Code Execution.

CWE-668 Aug 10, 2021

CVE-2020-21356 5.3 MEDIUM EPSS 0.00

An information disclosure vulnerability in upload.php of PopojiCMS 1.2 leads to physical path disclosure of the host when 'name = "file" is deleted during file uploads.

CWE-668 Aug 06, 2021

CVE-2021-22420 7.8 HIGH EPSS 0.00

A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause the underlying trust of the application trustlist mechanism is missing..

CWE-668 Aug 03, 2021

CVE-2021-32788 4.3 MEDIUM 1 Writeup EPSS 0.00

Discourse is an open source discussion platform. In versions prior to 2.7.7 there are two bugs which led to the post creator of a whisper post being revealed to non-staff users. 1: Staff users that creates a whisper post in a personal message is revealed to non-staff participants of the personal message even though the whisper post cannot be seen by them. 2: When a whisper post is before the last post in a post stream, deleting the last post will result in the creator of the whisper post to be revealed to non-staff users as the last poster of the topic.

CWE-668 Jul 27, 2021

CVE-2021-32760 5.0 MEDIUM EPSS 0.00

containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to others, or set extended bits like setuid, setgid, and sticky. This bug does not directly allow files to be read, modified, or executed without an additional cooperating process. This bug has been fixed in containerd 1.5.4 and 1.4.8. As a workaround, ensure that users only pull images from trusted sources. Linux security modules (LSMs) like SELinux and AppArmor can limit the files potentially affected by this bug through policies and profiles that prevent containerd from interacting with specific files.

CWE-732 Jul 19, 2021

CVE-2021-0588 5.5 MEDIUM EPSS 0.00

In processInboundMessage of MceStateMachine.java, there is a possible SMS disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9Android ID: A-177238342

CWE-668 Jul 14, 2021

CVE-2020-22535 6.5 MEDIUM EPSS 0.00

Incorrect Access Control vulnerability in PbootCMS 2.0.6 via the list parameter in the update function in upgradecontroller.php.

CWE-668 Jul 09, 2021

CVE-2021-25432 3.3 LOW EPSS 0.00

Information exposure vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to access chat data.

CWE-200 Jul 08, 2021

CVE-2020-27361 7.5 HIGH NUCLEI EPSS 0.89

An issue exists within Akkadian Provisioning Manager 4.50.02 which allows attackers to view sensitive information within the /pme subdirectories.

CWE-668 Jul 01, 2021