Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

CVE-2022-21661 vulnerabilities and exploits

(subscribe to this query)

9
CVSSv2
CVE-2021-25646
Apache Druid includes the ability to execute user-provided JavaScript code embedded in various types of requests. This functionality is intended for use in high-trust environments, and is disabled by default. However, in Druid 0.20.0 and earlier, it is possible for an...
Apache Druid
NA
CVE-2021-25642
ZKConfigurationStore which is optionally used by CapacityScheduler of Apache Hadoop YARN deserializes data obtained from ZooKeeper without validation. An attacker having access to ZooKeeper can run arbitrary commands as YARN user by exploiting this. Users should upgrade to...
Apache Hadoop
7.5
CVSSv2
CVE-2021-25641
Each Apache Dubbo server will set a serialization id to tell the clients which serialization protocol it is working on. But for Dubbo versions before 2.7.8 or 2.6.9, an attacker can choose which serialization id the Provider will use by tampering with the byte preamble flags,...
Apache Dubbo
NA
CVE-2021-26102
CVE-2021-26102 PoC of FortiWAN auth bypass (www.fortiguard.com/psirt/FG-IR-21-048)...
6.8
CVSSv2
CVE-2021-26857
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078....
Microsoft Exchange Server 2010Microsoft Exchange Server 2013Microsoft Exchange Server 2019Microsoft Exchange Server 2016
NA
CVE-2021-26121
PoC in GitHub 2022 CVE-2022-0185 (2022-02-11) A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged...
5
CVSSv2
CVE-2021-26294
An issue was discovered in AfterLogic Aurora through 7.7.9 and WebMail Pro through 7.7.9. They allow directory traversal to read files (such as a data/settings/settings.xml file containing admin panel credentials), as demonstrated by dav/server.php/files/personal/%2e%2e when...
Afterlogic AuroraAfterlogic Webmail Pro
7.5
CVSSv2
CVE-2021-26295
Apache OFBiz has unsafe deserialization prior to 17.12.06. An unauthenticated attacker can use this vulnerability to successfully take over Apache OFBiz....
Apache Ofbiz
4.6
CVSSv2
CVE-2021-26415
Windows Installer Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-28440....
Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 10 1607Microsoft Windows 8.1 -Microsoft Windows Server 2016 -Microsoft Windows Server 2008 -Microsoft Windows 7 -Microsoft Windows Rt 8.1 -Microsoft Windows Server 2012 -Microsoft Windows 10 -Microsoft Windows 10 20h2Microsoft Windows 10 1803Microsoft Windows 10 1809Microsoft Windows 10 1909Microsoft Windows 10 2004Microsoft Windows Server 2016 20h2Microsoft Windows Server 2016 1909Microsoft Windows Server 2016 2004Microsoft Windows Server 2019 -
4.6
CVSSv2
CVE-2021-28440
Windows Installer Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26415....
Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 R2Microsoft Windows 10 1607Microsoft Windows 8.1 -Microsoft Windows Server 2016 -Microsoft Windows Server 2008 -Microsoft Windows 7 -Microsoft Windows Rt 8.1 -Microsoft Windows Server 2012 -Microsoft Windows 10 -Microsoft Windows 10 20h2Microsoft Windows 10 1803Microsoft Windows 10 1809Microsoft Windows 10 1909Microsoft Windows 10 2004Microsoft Windows Server 2016 20h2Microsoft Windows Server 2016 1909Microsoft Windows Server 2016 2004Microsoft Windows Server 2019 -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-25675CVE-2023-21072physicalCVE-2023-28446encryptionCVE-2023-21076server-side request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook