Vulmon Recent Vulnerabilities Trends Blog About Contact

cve-2021-1716 vulnerabilities and exploits

(subscribe to this query)

2.1
CVSSv2
CVE-2009-1716
CFNetwork in Apple Safari before 4.0 on Windows does not properly protect the temporary files created for downloads, which allows local users to obtain sensitive information by reading these files....
5
CVSSv2
CVE-2005-1716
TOPo 2.2 (2.2.178) stores data files in the data directory under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as client IP addresses....
4.3
CVSSv2
CVE-2012-2021
Multiple cross-site scripting (XSS) vulnerabilities in HP AssetManager 5.20, 5.21, 5.22, and 9.30 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors....
4.3
CVSSv2
CVE-2007-3102
Unspecified vulnerability in the linux_audit_record_event function in OpenSSH 4.3p2, as used on Fedora Core 6 and possibly other systems, allows remote attackers to write arbitrary characters to an audit log via a crafted username. NOTE: some of these details are obtained from...
2.1
CVSSv2
CVE-2004-0813
Unknown vulnerability in the SG_IO functionality in ide-cd allows local users to bypass read-only access and perform unauthorized write and erase operations....
4.3
CVSSv2
CVE-2005-2021
Cross-site scripting (XSS) vulnerability in cPanel 9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the user parameter in the login page....
2.1
CVSSv2
CVE-2017-1716
IBM Tivoli Workload Scheduler 8.6.0, 9.1.0, and 9.2.0 could disclose sensitive information to a local attacker due to improper permission settings. IBM X-Force ID: 134638....
7.5
CVSSv2
CVE-2010-1716
SQL injection vulnerability in the Agenda Address Book (com_agenda) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php....
5.1
CVSSv2
CVE-2006-1716
Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (aka MyBulletinBoard) 1.10 allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in a BBCode img tag. NOTE: the email vector is already covered by CVE-2006-1625, although...
4.3
CVSSv2
CVE-2018-1716
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session....
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code executionenviragalleryCVE-2020-27368CVE-2021-23926injectionenvira galleryCVE-2020-6207CVE-2021-21242unspecifiedCVE-2021-24122CVE-2021-0212