‼ CVE-2021-43415 ‼
📖 Read
via "National Vulnerability Database".
HashiCorp Nomad and Nomad Enterprise up to 1.0.13, 1.1.7, and 1.2.0, with the QEMU task driver enabled, allowed authenticated users with job submission capabilities to bypass the configured allowed image paths. Fixed in 1.0.14, 1.1.8, and 1.2.1.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-35414 ‼
📖 Read
via "National Vulnerability Database".
Chamilo LMS v1.11.x was discovered to contain a SQL injection via the doc parameter in main/plagiarism/compilatio/upload.php.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-35413 ‼
📖 Read
via "National Vulnerability Database".
A remote code execution (RCE) vulnerability in course_intro_pdf_import.php of Chamilo LMS v1.11.x allows authenticated attackers to execute arbitrary code via a crafted .htaccess file.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-44044 ‼
📖 Read
via "National Vulnerability Database".
An out-of-bounds write vulnerability exists when reading a JPG file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists with parsing JPG files. Crafted data in a JPG (4 extraneous bytes before the marker 0xca) can trigger a write operation past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-37253 ‼
📖 Read
via "National Vulnerability Database".
M-Files Web before 20.10.9524.1 allows a denial of service via overlapping ranges (in HTTP requests with crafted Range or Request-Range headers).📖 Read
via "National Vulnerability Database".
‼ CVE-2021-44048 ‼
📖 Read
via "National Vulnerability Database".
An out-of-bounds write vulnerability exists when reading a TIF file using Open Design Alliance (ODA) Drawings Explorer before 2022.11. The specific issue exists after loading TIF files. Crafted data in a TIF file can trigger a write operation past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-44046 ‼
📖 Read
via "National Vulnerability Database".
An out-of-bounds write vulnerability exists when reading U3D files in Open Design Alliance PRC SDK before 2022.11. An unchecked return value of a function (verifying input data from a U3D file) leads to an out-of-bounds write. An attacker can leverage this vulnerability to execute code in the context of the current process.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-44047 ‼
📖 Read
via "National Vulnerability Database".
A use-after-free vulnerability exists when reading a DWF/DWFX file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists with parsing DWF/DWFX files. Crafted data in a DWF/DWFX file and lack of proper validation of input data can trigger a write operation past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-44045 ‼
📖 Read
via "National Vulnerability Database".
An out-of-bounds write vulnerability exists when reading a DGN file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DGN files. Crafted data in a DGN file and lack of proper validation for the XFAT sectors count can trigger a write operation past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43035 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Two unauthenticated SQL injection vulnerabilities were discovered, allowing arbitrary SQL queries to be injected and executed under the postgres superuser account. Remote code execution was possible, leading to full access to the postgres user account.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43041 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A crafted HTTP request could induce a format string vulnerability in the privileged vaultServer application.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43036 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The password for the PostgreSQL wguest account is weak.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43043 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The apache user could read arbitrary files such as /etc/shadow by abusing an insecure Sudo rule.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43033 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Multiple functions in the bpserverd daemon were vulnerable to arbitrary remote code execution as root. The vulnerability was caused by untrusted input (received by the server) being passed to system calls.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43040 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The privileged vaultServer could be leveraged to create arbitrary writable files, leading to privilege escalation.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43044 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The SNMP daemon was configured with a weak default community.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43034 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A world writable file allowed local users to execute arbitrary code as the user apache, leading to privilege escalation.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43038 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The wguest account could execute commands by injecting into PostgreSQL trigger functions. This allowed privilege escalation from the wguest user to the postgres user.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43039 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The Samba file sharing service allowed anonymous read/write access.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43037 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The Unitrends Windows agent was vulnerable to DLL injection and binary planting due to insecure default permissions. This allowed privilege escalation from an unprivileged user to SYSTEM.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43042 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A buffer overflow existed in the vaultServer component. This was exploitable by a remote unauthenticated attacker.📖 Read
via "National Vulnerability Database".