Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
CWE
:
Tytuł
Data
Autor
Med.
Zoom 5.4.3 (54779.1115) / 5.5.4 (13142.0301) Information Disclosure
23.03.2021
Matthias Deeg
Common Weakness Enumeration (CWE)
CVE
Szczegóły
Opis
2021-11-30
Low
CVE-2021-42116
Vendor:
Businessdnasolutions
Software:
Topease
2021-11-24
Medium
CVE-2021-22957
Vendor:
UI
Software:
Unifi protect
Medium
CVE-2021-36917
Vendor:
Wpwave
Software:
Hide my wp
WordPress Hide My WP plugin (versions <= 6.2.3) can be deactivated by any unauthenticated user. It is possible to retrieve a reset token which can then be used to deactivate the plugin.
Low
CVE-2021-42306
Vendor:
Microsoft
Software:
Azure active...
Azure Active Directory Information Disclosure Vulnerability
2021-11-23
Low
CVE-2021-38004
Vendor:
Google
Software:
Chrome
Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
2021-11-22
Medium
CVE-2021-38376
Vendor:
Open-xchange
Software:
Ox app suite
OX App Suite through 7.10.5 has Incorrect Access Control for retrieval of session information via the rampup action of the login API call.
Low
CVE-2021-38378
Vendor:
Open-xchange
Software:
Ox app suite
OX App Suite 7.10.5 allows Information Exposure because a caching mechanism can caused a Modified By response to show a person's name.
Medium
CVE-2021-43560
Vendor:
Moodle
Software:
Moodle
A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. Insufficient capability checks made it possible to fetch other users' calendar action events.
2021-11-20
Low
CVE-2021-36319
Vendor:
DELL
Software:
Networking os10
Dell Networking OS10 versions 10.4.3.x, 10.5.0.x and 10.5.1.x contain an information exposure vulnerability. A low privileged authenticated malicious user can gain access to SNMP authentication failure messages.
2021-11-19
Medium
CVE-2021-41532
Vendor:
Apache
Software:
Ozone
In Apache Ozone before 1.2.0, Recon HTTP endpoints provide access to OM, SCM and Datanode metadata. Due to a bug, any unauthenticated user can access the data from these endpoints.
Copyright
2021
, cxsecurity.com
Back to Top
Polish
English