Total
9641 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-45653 | 1 Netgear | 6 Rbk352, Rbk352 Firmware, Rbr350 and 3 more | 2024-11-21 | 3.9 Low |
| Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBK352 before 4.4.0.10, RBR350 before 4.4.0.10, and RBS350 before 4.4.0.10. | ||||
| CVE-2021-45652 | 1 Netgear | 6 Rbk352, Rbk352 Firmware, Rbr350 and 3 more | 2024-11-21 | 9.6 Critical |
| Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBK352 before 4.4.0.10, RBR350 before 4.4.0.10, and RBS350 before 4.4.0.10. | ||||
| CVE-2021-45651 | 1 Netgear | 6 Rbk50, Rbk50 Firmware, Rbr50 and 3 more | 2024-11-21 | 7.4 High |
| Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBK50 before 2.7.3.22, RBR50 before 2.7.3.22, and RBS50 before 2.7.3.22. | ||||
| CVE-2021-45650 | 1 Netgear | 16 R6400v2, R6400v2 Firmware, R6700v3 and 13 more | 2024-11-21 | 9.1 Critical |
| Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RS400 before 1.5.1.80, R6400v2 before 1.0.4.102, R7000P before 1.3.2.126, R6700v3 before 1.0.4.102, and R6900P before 1.3.2.126. | ||||
| CVE-2021-45649 | 1 Netgear | 10 R6400v2, R6400v2 Firmware, R6700v3 and 7 more | 2024-11-21 | 7.9 High |
| Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6400v2 before 1.0.4.84, R6700v3 before 1.0.4.84, R7000 before 1.0.11.126, R6900P before 1.3.2.126, and R7000P before 1.3.2.126. | ||||
| CVE-2021-45648 | 1 Netgear | 36 Ex6100v2, Ex6100v2 Firmware, Ex6150v2 and 33 more | 2024-11-21 | 3.1 Low |
| Certain NETGEAR devices are affected by disclosure of sensitive information. This affects EX6100v2 before 1.0.1.106, EX6150v2 before 1.0.1.106, EX6250 before 1.0.0.146, EX6400 before 1.0.2.164, EX6400v2 before 1.0.0.146, EX6410 before 1.0.0.146, EX6420 before 1.0.0.146, EX7300 before 1.0.2.164, EX7300v2 before 1.0.0.146, EX7320 before 1.0.0.146, EX7700 before 1.0.0.222, LBR1020 before 2.6.5.16, LBR20 before 2.6.5.2, RBK352 before 4.3.4.7, RBK50 before 2.7.3.22, RBR350 before 4.3.4.7, RBR50 before 2.7.3.22, and RBS350 before 4.3.4.7. | ||||
| CVE-2021-45647 | 1 Netgear | 68 Ac2100, Ac2100 Firmware, Ac2400 and 65 more | 2024-11-21 | 6.5 Medium |
| Certain NETGEAR devices are affected by disclosure of sensitive information. This affects EAX80 before 1.0.1.62, EX7000 before 1.0.1.104, R6120 before 1.0.0.76, R6220 before 1.1.0.110, R6230 before 1.1.0.110, R6260 before 1.1.0.78, R6850 before 1.1.0.78, R6350 before 1.1.0.78, R6330 before 1.1.0.78, R6800 before 1.2.0.76, R6900v2 before 1.2.0.76, R6700v2 before 1.2.0.76, R7000 before 1.0.11.116, R6900P before 1.3.3.140, R7000P before 1.3.3.140, R7200 before 1.2.0.76, R7350 before 1.2.0.76, R7400 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, AC2400 before 1.2.0.76, AC2600 before 1.2.0.76, R7900 before 1.0.4.38, R7960P before 1.4.1.66, R8000 before 1.0.4.68, R7900P before 1.4.1.66, R8000P before 1.4.1.66, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX45 before 1.0.2.72, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, and RAX80 before 1.0.3.106. | ||||
| CVE-2021-45646 | 1 Netgear | 2 R7000, R7000 Firmware | 2024-11-21 | 5.3 Medium |
| NETGEAR R7000 devices before 1.0.11.116 are affected by disclosure of sensitive information. | ||||
| CVE-2021-45603 | 1 Netgear | 36 D7800, D7800 Firmware, Ex2700 and 33 more | 2024-11-21 | 6.1 Medium |
| Certain NETGEAR devices are affected by disclosure of sensitive information. A UPnP request reveals a device's serial number, which can be used for a password reset. This affects D7800 before 1.0.1.66, EX2700 before 1.0.1.68, WN3000RPv2 before 1.0.0.90, WN3000RPv3 before 1.0.2.100, LBR1020 before 2.6.5.20, LBR20 before 2.6.5.32, R6700AX before 1.0.10.110, R7800 before 1.0.2.86, R8900 before 1.0.5.38, R9000 before 1.0.5.38, RAX10 before 1.0.10.110, RAX120v1 before 1.2.3.28, RAX120v2 before 1.2.3.28, RAX70 before 1.0.10.110, RAX78 before 1.0.10.110, XR450 before 2.3.2.130, XR500 before 2.3.2.130, and XR700 before 1.0.1.46. | ||||
| CVE-2021-45493 | 1 Netgear | 6 Rax35, Rax35 Firmware, Rax38 and 3 more | 2024-11-21 | 7.6 High |
| Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RAX35 before 1.0.4.102, RAX38 before 1.0.4.102, and RAX40 before 1.0.4.102. | ||||
| CVE-2021-45486 | 3 Linux, Oracle, Redhat | 6 Linux Kernel, Communications Cloud Native Core Binding Support Function, Communications Cloud Native Core Network Exposure Function and 3 more | 2024-11-21 | 3.5 Low |
| In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small. | ||||
| CVE-2021-45475 | 1 Yordam | 1 Library Automation System | 2024-11-21 | 5.3 Medium |
| Yordam Library Information Document Automation product before version 19.02 has an unauthenticated Information disclosure vulnerability. | ||||
| CVE-2021-45421 | 1 Emerson | 2 Dixell Xweb-500, Dixell Xweb-500 Firmware | 2024-11-21 | 7.5 High |
| Emerson Dixell XWEB-500 products are affected by information disclosure via directory listing. A potential attacker can use this misconfiguration to access all the files in the remote directories. Note: the product has not been supported since 2018 and should be removed or replaced | ||||
| CVE-2021-45420 | 1 Emerson | 2 Dixell Xweb-500, Dixell Xweb-500 Firmware | 2024-11-21 | 9.8 Critical |
| Emerson Dixell XWEB-500 products are affected by arbitrary file write vulnerability in /cgi-bin/logo_extra_upload.cgi, /cgi-bin/cal_save.cgi, and /cgi-bin/lo_utils.cgi. An attacker will be able to write any file on the target system without any kind of authentication mechanism, and this can lead to denial of service and potentially remote code execution. Note: the product has not been supported since 2018 and should be removed or replaced | ||||
| CVE-2021-45346 | 2 Netapp, Sqlite | 2 Ontap Select Deploy Administration Utility, Sqlite | 2024-11-21 | 4.3 Medium |
| A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Database File), it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain sensitive information. NOTE: The developer disputes this as a vulnerability stating that If you give SQLite a corrupted database file and submit a query against the database, it might read parts of the database that you did not intend or expect. | ||||
| CVE-2021-45310 | 1 Sangoma | 1 Switchvox | 2024-11-21 | 5.3 Medium |
| Sangoma Technologies Corporation Switchvox Version 102409 is affected by an information disclosure vulnerability due to an improper access restriction. Users information such as first name, last name, acount id, server uuid, email address, profile image, number, timestamps, etc can be extracted by sending an unauthenticated HTTP GET request to the https://Switchvox-IP/main?cmd=invalid_browser. | ||||
| CVE-2021-45095 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | 5.5 Medium |
| pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak. | ||||
| CVE-2021-45038 | 1 Mediawiki | 1 Mediawiki | 2024-11-21 | 5.3 Medium |
| An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. By using an action=rollback query, attackers can view private wiki contents. | ||||
| CVE-2021-44739 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 4.3 Medium |
| Acrobat Reader DC ActiveX Control versions 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must open a maliciously crafted Microsoft Office file, or visit an attacker controlled web page. | ||||
| CVE-2021-44717 | 4 Debian, Golang, Opengroup and 1 more | 10 Debian Linux, Go, Unix and 7 more | 2024-11-21 | 4.8 Medium |
| Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion. | ||||