Total
34334 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-45504 | 1 Netgear | 10 Cbr40, Cbr40 Firmware, Cbr750 and 7 more | 2024-11-21 | 9.6 Critical |
| Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBR852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. | ||||
| CVE-2021-45503 | 1 Netgear | 14 Cbr750, Cbr750 Firmware, Rbk752 and 11 more | 2024-11-21 | 9.6 Critical |
| Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. | ||||
| CVE-2021-45502 | 1 Netgear | 14 Cbr750, Cbr750 Firmware, Rbk752 and 11 more | 2024-11-21 | 9.6 Critical |
| Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. | ||||
| CVE-2021-45501 | 1 Netgear | 38 Ac2400, Ac2400 Firmware, Ac2600 and 35 more | 2024-11-21 | 9.4 Critical |
| Certain NETGEAR devices are affected by authentication bypass. This affects AC2400 before 1.1.0.84, AC2600 before 1.1.0.84, D7000 before 1.0.1.82, R6020 before 1.0.0.52, R6080 before 1.0.0.52, R6120 before 1.0.0.80, R6220 before 1.1.0.110, R6230 before 1.1.0.110, R6260 before 1.1.0.84, R6330 before 1.1.0.84, R6350 before 1.1.0.84, R6700v2 before 1.1.0.84, R6800 before 1.1.0.84, R6850 before 1.1.0.84, R6900v2 before 1.1.0.84, R7200 before 1.1.0.84, R7350 before 1.1.0.84, R7400 before 1.1.0.84, and R7450 before 1.1.0.84. | ||||
| CVE-2021-45500 | 1 Netgear | 4 R7000p, R7000p Firmware, R8000 and 1 more | 2024-11-21 | 9.6 Critical |
| Certain NETGEAR devices are affected by authentication bypass. This affects R7000P before 1.3.3.140 and R8000 before 1.0.4.68. | ||||
| CVE-2021-45499 | 1 Netgear | 14 R6900p, R6900p Firmware, R7000p and 11 more | 2024-11-21 | 8.2 High |
| Certain NETGEAR devices are affected by authentication bypass. This affects R6900P before 1.3.3.140, R7000P before 1.3.3.140, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000P before 1.4.2.84, RAX75 before 1.0.3.106, and RAX80 before 1.0.3.106. | ||||
| CVE-2021-45498 | 1 Netgear | 2 R6700v2, R6700v2 Firmware | 2024-11-21 | 6.5 Medium |
| NETGEAR R6700v2 devices before 1.2.0.88 are affected by authentication bypass. | ||||
| CVE-2021-45497 | 1 Netgear | 2 D7000, D7000 Firmware | 2024-11-21 | 9.4 Critical |
| NETGEAR D7000 devices before 1.0.1.82 are affected by authentication bypass. | ||||
| CVE-2021-45496 | 1 Netgear | 2 D7000, D7000 Firmware | 2024-11-21 | 9.1 Critical |
| NETGEAR D7000 devices before 1.0.1.82 are affected by authentication bypass. | ||||
| CVE-2021-45495 | 1 Netgear | 2 D7000, D7000 Firmware | 2024-11-21 | 6.5 Medium |
| NETGEAR D7000 devices before 1.0.1.68 are affected by authentication bypass. | ||||
| CVE-2021-45494 | 1 Netgear | 6 Rbk352, Rbk352 Firmware, Rbr350 and 3 more | 2024-11-21 | 8.4 High |
| Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects RBK352 before 4.4.0.10, RBR350 before 4.4.0.10, and RBS350 before 4.4.0.10. | ||||
| CVE-2021-45471 | 2 Fedoraproject, Mediawiki | 2 Fedora, Mediawiki | 2024-11-21 | 5.3 Medium |
| In MediaWiki through 1.37, blocked IP addresses are allowed to edit EntitySchema items. | ||||
| CVE-2021-45461 | 1 Sangoma | 3 Freepbx, Pbxact, Restapps | 2024-11-21 | 9.8 Critical |
| FreePBX, when restapps (aka Rest Phone Apps) 15.0.19.87, 15.0.19.88, 16.0.18.40, or 16.0.18.41 is installed, allows remote attackers to execute arbitrary code, as exploited in the wild in December 2021. The fixed versions are 15.0.20 and 16.0.19. | ||||
| CVE-2021-45454 | 1 Amperecomputing | 4 Ampere Altra, Ampere Altra Firmware, Ampere Altra Max and 1 more | 2024-11-21 | 7.5 High |
| Ampere Altra before SRP 1.08b and Altra Max before SRP 2.05 allow information disclosure of power telemetry via HWmon. | ||||
| CVE-2021-45444 | 5 Apple, Debian, Fedoraproject and 2 more | 6 Mac Os X, Macos, Debian Linux and 3 more | 2024-11-21 | 7.8 High |
| In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs because of recursive PROMPT_SUBST expansion. | ||||
| CVE-2021-45414 | 1 Datarobot | 1 Datarobot | 2024-11-21 | 9.8 Critical |
| A Remote Code Execution (RCE) vulnerability exists in DataRobot through 2021-10-28 because it allows submission of a Docker environment or Java driver. | ||||
| CVE-2021-45364 | 1 Statamic | 1 Statamic | 2024-11-21 | 9.8 Critical |
| A Code Execution vulnerability exists in Statamic Version through 3.2.26 via SettingsController.php. NOTE: the vendor indicates that there was an error in publishing this CVE Record, and that all parties agree that the affected code was not used in any Statamic product | ||||
| CVE-2021-45348 | 1 Attendance Management System Project | 1 Attendance Management System | 2024-11-21 | 7.5 High |
| An Arbitrary File Deletion vulnerability exists in SourceCodester Attendance Management System v1.0 via the csv parameter in admin/pageUploadCSV.php, which can cause a Denial of Service (crash). | ||||
| CVE-2021-45337 | 1 Avast | 1 Antivirus | 2024-11-21 | 8.8 High |
| Privilege escalation vulnerability in the Self-Defense driver of Avast Antivirus prior to 20.8 allows a local user with SYSTEM privileges to gain elevated privileges by "hollowing" process wsc_proxy.exe which could lead to acquire antimalware (AM-PPL) protection. | ||||
| CVE-2021-45336 | 1 Avast | 1 Antivirus | 2024-11-21 | 8.8 High |
| Privilege escalation vulnerability in the Sandbox component of Avast Antivirus prior to 20.4 allows a local sandboxed code to gain elevated privileges by using system IPC interfaces which could lead to exit the sandbox and acquire SYSTEM privileges. | ||||