Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

cve-2021-2045 vulnerabilities and exploits

(subscribe to this query)

312
VMScore
CVE-2016-2045
Cross-site scripting (XSS) vulnerability in the SQL editor in phpMyAdmin 4.5.x before 4.5.4 allows remote authenticated users to inject arbitrary web script or HTML via a SQL query that triggers JSON data in a response....
Phpmyadmin Phpmyadmin 4.5.0Phpmyadmin Phpmyadmin 4.5.0.1Phpmyadmin Phpmyadmin 4.5.0.2Phpmyadmin Phpmyadmin 4.5.1Phpmyadmin Phpmyadmin 4.5.2Phpmyadmin Phpmyadmin 4.5.3Fedoraproject Fedora 22Fedoraproject Fedora 23
187
VMScore
CVE-2015-2045
The HYPERVISOR_xen_version hypercall in Xen 3.2.x through 4.5.x does not properly initialize data structures, which allows local guest users to obtain sensitive information via unspecified vectors....
Xen Xen 3.2.0Xen Xen 3.2.1Xen Xen 3.2.2Xen Xen 3.2.3Xen Xen 3.3.0Xen Xen 3.3.1Xen Xen 3.3.2Xen Xen 3.4.0Xen Xen 3.4.1Xen Xen 3.4.2Xen Xen 3.4.3Xen Xen 3.4.4Xen Xen 4.0.0Xen Xen 4.0.1Xen Xen 4.0.2Xen Xen 4.0.3Xen Xen 4.0.4Xen Xen 4.1.0Xen Xen 4.1.1Xen Xen 4.1.2Xen Xen 4.1.3Xen Xen 4.1.4Xen Xen 4.1.5Xen Xen 4.1.6.1Xen Xen 4.2.0Xen Xen 4.2.1Xen Xen 4.2.2Xen Xen 4.2.3Xen Xen 4.3.0Xen Xen 4.3.1Xen Xen 4.4.0Xen Xen 4.4.1Xen Xen 4.5.0Fedoraproject Fedora 20Fedoraproject Fedora 21Fedoraproject Fedora 22Debian Debian Linux 7.0
445
VMScore
CVE-2013-2020
Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read....
Canonical Ubuntu Linux 10.04Canonical Ubuntu Linux 11.10Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 12.10Canonical Ubuntu Linux 13.04Suse Linux Enterprise Server 11.0Clamav Clamav 0.9Clamav Clamav 0.90Clamav Clamav 0.90.1Clamav Clamav 0.90.1 P0Clamav Clamav 0.90.2Clamav Clamav 0.90.2 P0Clamav Clamav 0.90.3Clamav Clamav 0.90.3 P0Clamav Clamav 0.90.3 P1Clamav Clamav 0.91Clamav Clamav 0.91.1Clamav Clamav 0.91.2Clamav Clamav 0.91.2 P0Clamav Clamav 0.92Clamav Clamav 0.92.1Clamav Clamav 0.92 P0Clamav Clamav 0.93Clamav Clamav 0.93.1Clamav Clamav 0.93.2Clamav Clamav 0.93.3Clamav Clamav 0.94Clamav Clamav 0.94.1Clamav Clamav 0.94.2Clamav Clamav 0.95Clamav Clamav 0.95.1Clamav Clamav 0.95.2Clamav Clamav 0.95.3Clamav Clamav 0.96Clamav Clamav 0.96.1Clamav Clamav 0.96.2Clamav Clamav 0.96.3Clamav Clamav 0.96.4Clamav Clamav 0.96.5Clamav Clamav 0.97Clamav Clamav 0.97.1Clamav Clamav 0.97.2Clamav Clamav 0.97.3Clamav Clamav 0.97.4Clamav Clamav 0.97.5Clamav Clamav
383
VMScore
CVE-2013-2021
pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted length value in an encrypted PDF file....
Canonical Ubuntu Linux 10.04Canonical Ubuntu Linux 11.10Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 12.10Canonical Ubuntu Linux 13.04Suse Linux Enterprise Server 11.0Clamav Clamav 0.97.1Clamav Clamav 0.97.2Clamav Clamav 0.97.3Clamav Clamav 0.97.4Clamav Clamav 0.97.5Clamav Clamav 0.97.6Clamav Clamav 0.97.7
NA
CVE-2021-2045
Vulnerability in the Oracle Text component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to...
Oracle Text 12.1.0.2Oracle Text 12.2.0.1Oracle Text 18cOracle Text 19c
NA
CVE-2017-2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none....
578
VMScore
CVE-2013-2045
SQL injection vulnerability in lib/db.php in ownCloud Server 5.0.x before 5.0.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors....
Owncloud Owncloud 5.0.0Owncloud Owncloud 5.0.1Owncloud Owncloud 5.0.2Owncloud Owncloud 5.0.3Owncloud Owncloud 5.0.4Owncloud Owncloud 5.0.5
NA
CVE-2021-26025
PlugIns\IDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 has a User Mode Write Access Violation starting at IDE_ACDStd!zlibVersion+0x0000000000004e5e via a crafted BMP image....
Acdsee Photo Studio 2021 14.0
445
VMScore
CVE-2014-10069
Hitron CVE-30360 devices use a 578A958E3DD933FC DES key that is shared across different customers' installations, which makes it easier for attackers to obtain sensitive information by decrypting a backup configuration file, as demonstrated by a password hash in the...
Hitrontech Cve-30360 Firmware 3.1.1.21
NA
CVE-2021-1305
Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view information...
Cisco Ios Xe Sd-wan -Cisco Sd-wan FirmwareCisco Sd-wan Firmware 20.4.0Cisco Sd-wan Vsmart Controller FirmwareCisco Sd-wan Vbond Orchestrator -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
wirelesstoodeequinn projecttype confusionCVE-2021-26857scratchpadCVE-2020-29020man-in-the-middleibmCVE-2021-26971CVE-2021-28032CVE-2021-21725CVE-2021-26855