CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2022-22727 A CWE-20: Improper Input Validation vulnerability exists that could allow an unauthenticated attacker to view data, change settings, impact availability of the software, or potentially impact a userοΏ½s... | 8.8 | HIGH | β | 0 |
| CVE-2021-22286 Improper Input Validation vulnerability in the ABB SPIET800 and PNI800 module allows an attacker to cause the denial of service or make the module unresponsive. | 7.5 | HIGH | β | 0 |
| CVE-2021-22288 Improper Input Validation vulnerability in the ABB SPIET800 and PNI800 module allows an attacker to cause the denial of service or make the module unresponsive. | 7.5 | HIGH | β | 0 |
| CVE-2021-28503 The impact of this vulnerability is that Arista's EOS eAPI may skip re-evaluating user credentials when certificate based authentication is used, which allows remote attackers to access the device via... | 7.4 | HIGH | β | 0 |
| CVE-2021-29218 A local unquoted search path security vulnerability has been identified in HPE Agentless Management Service for Windows version(s): Prior to 1.44.0.0, 10.96.0.0. This vulnerability could be exploited ... | 6.7 | MEDIUM | β | 0 |
| CVE-2021-29219 A potential local buffer overflow vulnerability has been identified in HPE FlexNetwork 5130 EL Switch Series version: Prior to 5130_EI_7.10.R3507P02. HPE has made the following software update to reso... | 7.8 | HIGH | β | 0 |
| CVE-2021-32036 An authenticated user without any specific authorizations may be able to repeatedly invoke the features command where at a high volume may lead to resource depletion or generate high lock contention. ... | 5.4 | MEDIUM | β | 0 |
| CVE-2021-32732 ### Impact It's possible to know if a user has or not an account in a wiki related to an email address, and which username(s) is actually tied to that email by forging a request to the Forgot username... | 7.5 | HIGH | β | 0 |
| CVE-2021-36151 In Apache Gobblin, the Hadoop token is written to a temp file that is visible to all local users on Unix-like systems. This affects versions <= 0.15.0. Users should update to version 0.16.0 which addr... | 5.5 | MEDIUM | β | 0 |
| CVE-2021-36152 Apache Gobblin trusts all certificates used for LDAP connections in Gobblin-as-a-Service. This affects versions <= 0.15.0. Users should update to version 0.16.0 which addresses this issue. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-38130 A potential Information leakage vulnerability has been identified in versions of Micro Focus Voltage SecureMail Mail Relay prior to 7.3.0.1. The vulnerability could be exploited to create an informati... | 6.5 | MEDIUM | β | 0 |
| CVE-2021-38960 IBM OPENBMC OP920, OP930, and OP940 could allow an unauthenticated user to obtain sensitive information. IBM X-Force ID: 212047. | 7.5 | HIGH | β | 0 |
| CVE-2021-40401 A use-after-free vulnerability exists in the RS-274X aperture definition tokenization functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and Gerbv forked 2.7.1. A specially-crafted gerber file can... | 8.6 | HIGH | β | 0 |
| CVE-2021-40403 An information disclosure vulnerability exists in the pick-and-place rotation parsing functionality of Gerbv 2.7.0 and dev (commit b5f1eacd), and Gerbv forked 2.8.0. A specially-crafted pick-and-place... | 6.3 | MEDIUM | β | 0 |
| CVE-2021-40420 A use-after-free vulnerability exists in the JavaScript engine of Foxit Softwareβs PDF Reader, version 11.1.0.52543. A specially-crafted PDF document can trigger the reuse of previously freed memory, ... | 8.8 | HIGH | β | 0 |
| CVE-2021-43841 XWiki is a generic wiki platform offering runtime services for applications built on top of it. When using default XWiki configuration, it's possible for an attacker to upload an SVG containing a scri... | 5.4 | MEDIUM | β | 0 |
| CVE-2021-2241 Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low pr... | 8.1 | HIGH | β | 0 |
| CVE-2021-2242 Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). The supported version that is affected is 8.5.5. Easily exploitable vulnerability... | 8.2 | HIGH | β | 0 |
| CVE-2021-2244 Vulnerability in the Hyperion Analytic Provider Services product of Oracle Hyperion (component: JAPI) and Essbase Analytic Provider Services product of Oracle Essbase (component: JAPI). Supported vers... | 10.0 | CRITICAL | β | 0 |
| CVE-2021-2245 Vulnerability in the Oracle Database - Enterprise Edition Unified Audit component of Oracle Database Server. Supported versions that are affected are 18c and 19c. Easily exploitable vulnerability allo... | 2.7 | LOW | β | 0 |
| CVE-2021-2246 Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Site Level Administration). Supported versions that are affected are 12.1.1-12.1.3. Easily... | 8.1 | HIGH | β | 0 |
| CVE-2021-2252 Vulnerability in the Oracle Loans product of Oracle E-Business Suite (component: Loan Details, Loan Accounting Events). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulne... | 8.1 | HIGH | β | 0 |
| CVE-2021-2247 Vulnerability in the Oracle Advanced Collections product of Oracle E-Business Suite (component: Admin). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vu... | 8.1 | HIGH | β | 0 |
| CVE-2021-2248 Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Server). The supported version that is affected is 5.6. Easily exploitable vulnerability allows unauthent... | 10.0 | CRITICAL | β | 0 |
| CVE-2021-2249 Vulnerability in the Oracle Landed Cost Management product of Oracle E-Business Suite (component: Shipment Workbench). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily... | 8.1 | HIGH | β | 0 |
| CVE-2021-2250 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows high pr... | 8.2 | HIGH | β | 0 |
| CVE-2021-2251 Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Data Source). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable... | 8.1 | HIGH | β | 0 |
| CVE-2021-2253 Vulnerability in the Oracle Advanced Supply Chain Planning product of Oracle Supply Chain (component: Core). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability al... | 9.1 | CRITICAL | β | 0 |
| CVE-2021-2254 Vulnerability in the Oracle Project Contracts product of Oracle E-Business Suite (component: Hold Management). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability ... | 8.1 | HIGH | β | 0 |
| CVE-2021-2255 Vulnerability in the Oracle Service Contracts product of Oracle E-Business Suite (component: Authoring). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows... | 8.1 | HIGH | β | 0 |
| CVE-2021-2256 Vulnerability in the Oracle Storage Cloud Software Appliance product of Oracle Storage Gateway (component: Management Console). The supported version that is affected is Prior to 16.3.1.4.2. Easily ex... | 10.0 | CRITICAL | β | 0 |
| CVE-2021-2257 Vulnerability in the Oracle Storage Cloud Software Appliance product of Oracle Storage Gateway (component: Management Console). The supported version that is affected is Prior to 16.3.1.4.2. Easily ex... | 4.1 | MEDIUM | β | 0 |
| CVE-2021-2258 Vulnerability in the Oracle Projects product of Oracle E-Business Suite (component: User Interface). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulne... | 8.1 | HIGH | β | 0 |
| CVE-2021-2259 Vulnerability in the Oracle Payables product of Oracle E-Business Suite (component: India Localization, Results). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily expl... | 8.1 | HIGH | β | 0 |
| CVE-2021-2260 Vulnerability in the Oracle Human Resources product of Oracle E-Business Suite (component: iRecruitment). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows low ... | 8.1 | HIGH | β | 0 |
| CVE-2021-2261 Vulnerability in the Oracle Lease and Finance Management product of Oracle E-Business Suite (component: Quotes). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily explo... | 8.1 | HIGH | β | 0 |
| CVE-2021-2262 Vulnerability in the Oracle Purchasing product of Oracle E-Business Suite (component: Endeca). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows low privileged ... | 8.1 | HIGH | β | 0 |
| CVE-2021-2263 Vulnerability in the Oracle Sourcing product of Oracle E-Business Suite (component: Intelligence, RFx). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows ... | 8.1 | HIGH | β | 0 |
| CVE-2021-2264 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows low pri... | 8.4 | HIGH | β | 0 |
| CVE-2021-2266 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows high pr... | 6.0 | MEDIUM | β | 0 |
| CVE-2021-2267 Vulnerability in the Oracle Labor Distribution product of Oracle E-Business Suite (component: User Interface). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability ... | 8.1 | HIGH | β | 0 |
| CVE-2021-2268 Vulnerability in the Oracle Quoting product of Oracle E-Business Suite (component: Courseware). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low priv... | 8.1 | HIGH | β | 0 |
| CVE-2021-31795 The PowerVR GPU kernel driver in pvrsrvkm.ko through 2021-04-24 for the Linux kernel, as used on Alcatel 1S phones, allows attackers to overwrite heap memory via PhysmemNewRamBackedPMR. | 7.0 | HIGH | β | 0 |
| CVE-2021-2269 Vulnerability in the Oracle Advanced Pricing product of Oracle E-Business Suite (component: Price Book). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows low p... | 8.1 | HIGH | β | 0 |
| CVE-2021-2270 Vulnerability in the Oracle Site Hub product of Oracle E-Business Suite (component: Sites). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileg... | 8.1 | HIGH | β | 0 |
| CVE-2021-2271 Vulnerability in the Oracle Work in Process product of Oracle E-Business Suite (component: Resource Exceptions). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.8. Easily exploitable v... | 8.1 | HIGH | β | 0 |
| CVE-2021-2272 Vulnerability in the Oracle Subledger Accounting product of Oracle E-Business Suite (component: Inquiries). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability all... | 8.1 | HIGH | β | 0 |
| CVE-2021-2273 Vulnerability in the Oracle Legal Entity Configurator product of Oracle E-Business Suite (component: Create Contracts). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulne... | 8.1 | HIGH | β | 0 |
| CVE-2021-31794 Settings.aspx?view=About in Directum 5.8.2 allows XSS via the HTTP User-Agent header. | 6.1 | MEDIUM | β | 0 |
| CVE-2021-2274 Vulnerability in the Oracle E-Business Tax product of Oracle E-Business Suite (component: User Interface). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable... | 8.1 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.