NVD-CWE-Other

CVE-2021-30192

February 23, 2023 by

CODESYS V2 Web-Server before 1.1.9.20 has an Improperly Implemented Security Check.

TerraMaster F2-210 devices through 2021-04-03 use UPnP to make the admin web server accessible over the Internet on TCP port 8181, which is arguably inconsistent with the “It is only available on the local network” documentation. NOTE: manually editing /etc/upnp.json provides a partial but undocumented workaround.

CVE-2021-30132

February 23, 2023 by

Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges.

CVE-2021-3006

February 23, 2023 by

The breed function in the smart contract implementation for Farm in Seal Finance (Seal), an Ethereum token, lacks access control and thus allows price manipulation, as exploited in the wild in December 2020 and January 2021.

CVE-2021-29973

February 23, 2023 by

Password autofill was enabled without user interaction on insecure websites on Firefox for Android. This was corrected to require user interaction with the page before a user’s password would be entered by the browser’s autofill functionality *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 90.

CVE-2021-29975

February 23, 2023 by

Through a series of DOM manipulations, a message, over which the attacker had control of the text but not HTML or formatting, could be overlaid on top of another domain (with the new domain correctly shown in the address bar) resulting in possible user confusion. This vulnerability affects Firefox < 90.