Total
34251 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-25775 | 1 Jetbrains | 1 Teamcity | 2024-11-21 | 3.8 Low |
| In JetBrains TeamCity before 2020.2.1, the server admin could create and see access tokens for any other users. | ||||
| CVE-2021-25772 | 1 Jetbrains | 1 Teamcity | 2024-11-21 | 5.3 Medium |
| In JetBrains TeamCity before 2020.2.2, TeamCity server DoS was possible via server integration. | ||||
| CVE-2021-25771 | 1 Jetbrains | 1 Youtrack | 2024-11-21 | 4.3 Medium |
| In JetBrains YouTrack before 2020.6.1099, project information could be potentially disclosed. | ||||
| CVE-2021-25769 | 1 Jetbrains | 1 Youtrack | 2024-11-21 | 7.5 High |
| In JetBrains YouTrack before 2020.4.6808, the YouTrack administrator wasn't able to access attachments. | ||||
| CVE-2021-25767 | 1 Jetbrains | 1 Youtrack | 2024-11-21 | 5.3 Medium |
| In JetBrains YouTrack before 2020.6.1767, an issue's existence could be disclosed via YouTrack command execution. | ||||
| CVE-2021-25766 | 1 Jetbrains | 1 Youtrack | 2024-11-21 | 5.3 Medium |
| In JetBrains YouTrack before 2020.4.4701, improper resource access checks were made. | ||||
| CVE-2021-25764 | 1 Jetbrains | 1 Phpstorm | 2024-11-21 | 5.3 Medium |
| In JetBrains PhpStorm before 2020.3, source code could be added to debug logs. | ||||
| CVE-2021-25760 | 1 Jetbrains | 1 Hub | 2024-11-21 | 5.3 Medium |
| In JetBrains Hub before 2020.1.12669, information disclosure via the public API was possible. | ||||
| CVE-2021-25759 | 1 Jetbrains | 1 Hub | 2024-11-21 | 6.5 Medium |
| In JetBrains Hub before 2020.1.12629, an authenticated user can delete 2FA settings of any other user. | ||||
| CVE-2021-25756 | 1 Jetbrains | 1 Intellij Idea | 2024-11-21 | 5.3 Medium |
| In JetBrains IntelliJ IDEA before 2020.2, HTTP links were used for several remote repositories instead of HTTPS. | ||||
| CVE-2021-25742 | 2 Kubernetes, Netapp | 2 Ingress-nginx, Trident | 2024-11-21 | 7.6 High |
| A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the custom snippets feature to obtain all secrets in the cluster. | ||||
| CVE-2021-25681 | 1 Adtran | 3 Netvanta 7060, Netvanta 7100, Personal Phone Manager | 2024-11-21 | 7.5 High |
| AdTran Personal Phone Manager 10.8.1 software is vulnerable to an issue that allows for exfiltration of data over DNS. This could allow for exposed AdTran Personal Phone Manager web servers to be used as DNS redirectors to tunnel arbitrary data over DNS. NOTE: The affected appliances NetVanta 7060 and NetVanta 7100 are considered End of Life and as such this issue will not be patched | ||||
| CVE-2021-25654 | 1 Avaya | 1 Aura Device Services | 2024-11-21 | 6.2 Medium |
| An arbitrary code execution vulnerability was discovered in Avaya Aura Device Services that may potentially allow a local user to execute specially crafted scripts. Affects 7.0 through 8.1.4.0 versions of Avaya Aura Device Services. | ||||
| CVE-2021-25653 | 1 Avaya | 1 Aura Appliance Virtualization Platform | 2024-11-21 | 8 High |
| A privilege escalation vulnerability was discovered in Avaya Aura Appliance Virtualization Platform Utilities (AVPU) that may potentially allow a local user to escalate privileges. Affects 8.0.0.0 through 8.1.3.1 versions of AVPU. | ||||
| CVE-2021-25499 | 1 Samsung | 1 Galaxy Store | 2024-11-21 | 7.1 High |
| Intent redirection vulnerability in SamsungAccountSDKSigninActivity of Galaxy Store prior to version 4.5.32.4 allows attacker to access content provider of Galaxy Store. | ||||
| CVE-2021-25486 | 1 Google | 1 Android | 2024-11-21 | 2.5 Low |
| Exposure of information vulnerability in ipcdump prior to SMR Oct-2021 Release 1 allows an attacker detect device information via analyzing packet in log. | ||||
| CVE-2021-25476 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 4.1 Medium |
| An information disclosure vulnerability in Widevine TA log prior to SMR Oct-2021 Release 1 allows attackers to bypass the ASLR protection mechanism in TEE. | ||||
| CVE-2021-25471 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 3.7 Low |
| A lack of replay attack protection in Security Mode Command process prior to SMR Oct-2021 Release 1 can lead to denial of service on mobile network connection and battery depletion. | ||||
| CVE-2021-25468 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 4.4 Medium |
| A possible guessing and confirming a byte memory vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows attackers to read arbitrary memory address. | ||||
| CVE-2021-25464 | 1 Samsung | 1 Capture | 2024-11-21 | 3.3 Low |
| An improper file management vulnerability in SamsungCapture prior to version 4.8.02 allows sensitive information leak. | ||||