• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-668

CVE-2021-20461

February 23, 2023 by

IBM Cognos Analytics 10.0 and 11.1 is susceptible to a weakness in the implementation of the System Appearance configuration setting. An attacker could potentially bypass business logic to modify the appearance and behavior of the application. IBM X-Force ID: 196770.

CVE-2021-20373

February 23, 2023 by

IBM Db2 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an Information Disclosure when using the LOAD utility as under certain circumstances the LOAD utility does not enforce directory restrictions. IBM X-Force ID: 199521.

CVE-2021-20355

February 23, 2023 by

IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 194891.

CVE-2021-1918

February 23, 2023 by

Improper handling of resource allocation in virtual machines can lead to information exposure in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

CVE-2021-1423

February 23, 2023 by

A vulnerability in the implementation of a CLI command in Cisco Aironet Access Points (AP) could allow an authenticated, local attacker to overwrite files in the flash memory of the device. This vulnerability is due to insufficient input validation for a specific command. An attacker could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to overwrite or create files with data that is already present in other files that are hosted on the affected device.

CVE-2021-1438

February 23, 2023 by

A vulnerability in Cisco Wide Area Application Services (WAAS) Software could allow an authenticated, local attacker to gain access to sensitive information on an affected device. The vulnerability is due to improper input validation and authorization of specific commands that a user can execute within the CLI. An attacker could exploit this vulnerability by authenticating to an affected device and issuing a specific set of commands. A successful exploit could allow the attacker to read arbitrary files that they originally did not have permissions to access.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 49
  • Go to page 50
  • Go to page 51
  • Go to page 52
  • Go to page 53
  • Interim pages omitted …
  • Go to page 101
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE