Lista CVE 2021/41xxx

CVE nel gruppo: 41xxx

CVE-2021-41041 (N/A)

CVE-2021-41042 (N/A)

CVE-2021-41043 (N/A)

CVE-2021-41054 (N/A)

CVE-2021-41055 (N/A)

CVE-2021-41057 (N/A)

CVE-2021-41061 (N/A)

CVE-2021-41063 (N/A)

CVE-2021-41064 (N/A)

CVE-2021-41065 (N/A)

CVE-2021-41066 (N/A)

CVE-2021-41067 (N/A)

CVE-2021-41070 (N/A)

CVE-2021-41071 (N/A)

CVE-2021-41072 (N/A)

CVE-2021-41073 (N/A)

CVE-2021-41075 (N/A)

CVE-2021-41076 (N/A)

CVE-2021-41077 (N/A)

CVE-2021-41078 (N/A)

CVE-2021-41079 (N/A)

CVE-2021-41080 (Apache Tomcat DoS with unexpected TLS packet)

CVE-2021-41081 (N/A)

CVE-2021-41082 (N/A)

CVE-2021-41083 (Private message title and participating users leaked in discourse)

CVE-2021-41084 (CSRF Vulnerability in dada-mail 11.15.1 and below)

CVE-2021-41086 (Response Splitting from unsanitized headers in http4s)

CVE-2021-41087 (Clipboard-based XSS in jsuites)

CVE-2021-41088 (Improperly Implemented path matching for in-toto-golang)

CVE-2021-41089 (Remote code execution via the web UI backend of Elvish)

CVE-2021-41090 (`docker cp` allows unexpected chmod of host files)

CVE-2021-41091 (Instance config inline secret exposure)

CVE-2021-41092 (Insufficiently restricted permissions on data directory in Docker Engine)

CVE-2021-41093 (Docker CLI leaks private registry credentials to registry-1.docker.io)

CVE-2021-41094 (Account takeover when having only access to a user’s short lived token)

CVE-2021-41095 (Mandatory encryption at rest can be bypassed (UI) in Wire app)

CVE-2021-41096 (XSS via blocked watched word in error message)

CVE-2021-41097 (Use of a Broken or Risky Cryptographic Algorithm in com.mayank.rucky)

CVE-2021-41098 (Prototype pollution in aurelia-path)

CVE-2021-41099 (Improper Restriction of XML External Entity Reference (XXE) in Nokogiri on JRuby)

CVE-2021-41100 (Integer overflow issue with strings in Redis)

CVE-2021-41101 (Account takeover when having only access to a user’s short lived token in wire-server)

CVE-2021-41103 (CORS `Access-Control-Allow-Origin` settings are too lenient)

CVE-2021-41104 (Insufficiently restricted permissions on plugin directories)

CVE-2021-41105 (web_server allows OTA update without checking user defined basic auth username & password)

CVE-2021-41106 (FreeSWITCH susceptible to Denial of Service via invalid SRTP packets)

CVE-2021-41109 (File reference keys leads to incorrect hashes on HMAC algorithms)

CVE-2021-41110 (LiveQuery publishes user session tokens)

CVE-2021-41111 (CWL Viewer: deserialization of untrusted data can lead to complete takeover by an attacker)

CVE-2021-41112 (Authorization Bypass Through User-Controlled Key in Rundeck)

CVE-2021-41113 (Missing Authorization in Rundeck)

CVE-2021-41114 ( Cross-Site-Request-Forgery in Backend URI Handling in Typo3)

CVE-2021-41115 ( HTTP Host Header Injection in Request Handling in Typo3)

CVE-2021-41116 (Regular expression denial-of-service in Zulip)

CVE-2021-41117 (Command injection in composer on Windows)

CVE-2021-41118 (Insecure random number generation)

CVE-2021-41119 (ReDoS in DynamicPageList3)

CVE-2021-41120 (DoS vulnerabiliity in wire-server json parser)

CVE-2021-41121 (Unauthorized access to Credit card form in sylius/paypal-plugin)

CVE-2021-41122 (Memory corruption in Vyper)