Selection:
XSS CSRF Privilege Buffer Remote Stack
CVE ID Name Status References
CVE-2021-46899

SyncTrayzor 1.1.29 enables CEF (Chromium Embedded Framework) remote debugging, allowing a local attacker to control the application.

Assigned (20231209)

MISC:https://github.com/canton7/SyncTrayzor/issues/666 | MISC:https://github.com/canton7/SyncTrayzor/releases

CVE-2021-46898

views/switch.py in django-grappelli (aka Django Grappelli) before 2.15.2 attempts to prevent external redirection with startswith("/") but this does not consider a protocol-relative URL (e.g., //example.com) attack.

Assigned (20231022)

MISC:https://github.com/sehmaschine/django-grappelli/commit/4ca94bcda0fa2720594506853d85e00c8212968f | MISC:https://github.com/sehmaschine/django-grappelli/compare/2.15.1...2.15.2 | MISC:https://github.com/sehmaschine/django-grappelli/issues/975 | MISC:https://github.com/sehmaschine/django-grappelli/pull/976

CVE-2021-46897

views.py in Wagtail CRX CodeRed Extensions (formerly CodeRed CMS or coderedcms) before 0.22.3 allows upward protected/..%2f..%2f path traversal when serving protected media.

Assigned (20231022)

MISC:https://github.com/coderedcorp/coderedcms/compare/v0.22.2...v0.22.3 | MISC:https://github.com/coderedcorp/coderedcms/issues/448 | MISC:https://github.com/coderedcorp/coderedcms/pull/450

CVE-2021-46896

Buffer Overflow vulnerability in PX4-Autopilot allows attackers to cause a denial of service via handler function handling msgid 332.

Assigned (20230705)

MISC:https://github.com/PX4/PX4-Autopilot/issues/18369

CVE-2021-46895

Vulnerability of defects introduced in the design process in the Multi-Device Task Center. Successful exploitation of this vulnerability will cause the hopped app to bypass the app lock and reset the device that initiates the hop.

Assigned (20230629)

MISC:https://consumer.huawei.com/en/support/bulletin/2023/8/ | URL:https://consumer.huawei.com/en/support/bulletin/2023/8/ | MISC:https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 | URL:https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725

CVE-2021-46894

Use After Free (UAF) vulnerability in the uinput module.Successful exploitation of this vulnerability may lead to kernel privilege escalation.

Assigned (20230629)

MISC:https://consumer.huawei.com/en/support/bulletin/2023/7/ | URL:https://consumer.huawei.com/en/support/bulletin/2023/7/ | MISC:https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858 | URL:https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858

CVE-2021-46893

Vulnerability of unstrict data verification and parameter check. Successful exploitation of this vulnerability may affect integrity.

Assigned (20230629)

MISC:https://consumer.huawei.com/en/support/bulletin/2023/7/ | URL:https://consumer.huawei.com/en/support/bulletin/2023/7/ | MISC:https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858 | URL:https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858

CVE-2021-46892

Encryption bypass vulnerability in Maintenance mode. Successful exploitation of this vulnerability may affect service confidentiality.

Assigned (20230629)

MISC:https://consumer.huawei.com/en/support/bulletin/2023/7/ | URL:https://consumer.huawei.com/en/support/bulletin/2023/7/ | MISC:https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858 | URL:https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858

CVE-2021-46891

Vulnerability of incomplete read and write permission verification in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.

Assigned (20230629)

MISC:https://consumer.huawei.com/en/support/bulletin/2023/7/ | URL:https://consumer.huawei.com/en/support/bulletin/2023/7/ | MISC:https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858 | URL:https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858

CVE-2021-46890

Vulnerability of incomplete read and write permission verification in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.

Assigned (20230629)

MISC:https://consumer.huawei.com/en/support/bulletin/2023/7/ | URL:https://consumer.huawei.com/en/support/bulletin/2023/7/ | MISC:https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858 | URL:https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858


Page created:

CVE year by year statistics.

CVE year statistics by common vulnerability domain.

Latest data from: 2023-12-11