Export limit exceeded: 349959 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 25347 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (25347 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-39980 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.3 Medium |
| Telephony application has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could lead to sensitive information disclosure. | ||||
| CVE-2021-39972 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 7.5 High |
| MyHuawei-App has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could compromise confidentiality. | ||||
| CVE-2021-39941 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 3.7 Low |
| An information disclosure vulnerability in GitLab CE/EE versions 12.0 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed non-project members to see the default branch name for projects that restrict access to the repository to project members | ||||
| CVE-2021-39932 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 4.3 Medium |
| An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Using large payloads, the diff feature could be used to trigger high load time for users reviewing code changes. | ||||
| CVE-2021-39898 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 3.7 Low |
| In all versions of GitLab CE/EE since version 10.6, a project export leaks the external webhook token value which may allow access to the project which it was exported from. | ||||
| CVE-2021-39856 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 6.5 Medium |
| Acrobat Reader DC ActiveX Control versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must visit an attacker controlled web page. | ||||
| CVE-2021-39855 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 6.5 Medium |
| Acrobat Reader DC ActiveX Control versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must open a maliciously crafted Microsoft Office file, or visit an attacker controlled web page. | ||||
| CVE-2021-39791 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In WallpaperManagerService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-194112606 | ||||
| CVE-2021-39788 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In TelecomManager, there is a possible way to check if a particular self managed phone account was registered on the device due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-191768014 | ||||
| CVE-2021-39778 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In Telecomm, there is a possible way to determine whether an app is installed, without query permissions, due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-196406138 | ||||
| CVE-2021-39775 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In People, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-206465854 | ||||
| CVE-2021-39773 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In VpnManagerService, there is a possible disclosure of installed VPN packages due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-191276656 | ||||
| CVE-2021-39771 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In Settings, there is a possible way to misrepresent which app wants to add a wifi network due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-198661951 | ||||
| CVE-2021-39766 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In Settings, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-198296421 | ||||
| CVE-2021-39764 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In Settings, there is a possible way to display an incorrect app name due to improper input validation. This could lead to local escalation of privilege via app spoofing with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-170642995 | ||||
| CVE-2021-39763 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In Settings, there is a possible way to make the user enable WiFi due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-199176115 | ||||
| CVE-2021-39761 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In Media, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-179783181 | ||||
| CVE-2021-39760 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In AudioService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-194110526 | ||||
| CVE-2021-39756 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In Framework, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-184354287 | ||||
| CVE-2021-39755 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In DevicePolicyManager, there is a possible way to reveal the existence of an installed package without proper query permissions due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-204995407 | ||||