CVE-2021-37414: Vulnerability: Improper Authorization Handling

Possible system denial of service in case of arbitrary changing Firefox browser parameters. An attacker could change specific Firefox browser parameters file in a certain way and then reboot the system to make the system unbootable.

The issue was addressed with improved permissions logic. This issue is fixed in iOS 15 and iPadOS 15. An attacker with physical access to a device may be able to see private contact information.

An issue in the authentication mechanism in Nong Ge File Explorer v1.4 unauthenticated allows to access sensitive data.

The possible cyberattacks include disabling monitoring, location-tracking of children and malicious redirects of parent-console users.

The company also provided guidance on how to protect information stored in inactive accounts.

In all versions of GitLab EE since version 14.1, due to an insecure direct object reference vulnerability, an endpoint may reveal the protected branch name to a malicious user who makes a crafted API call with the ID of the protected branch.

Login with hash: The login routine allows the client to log in to the system not by using the password, but by using the hash of the password. Combined with CVE-2021-23858, this allows an attacker to subsequently login to the system.

Allows users to securely generate unique email aliases, adding an extra layer of online privacy.

An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings.

LINE client for iOS before 11.15.0 might expose authentication information for a certain service to external entities under certain conditions. This is usually impossible, but in combination with a server-side bug, attackers could get this information.

The Telefication WordPress plugin is vulnerable to Open Proxy and Server-Side Request Forgery via the ~/bypass.php file due to a user-supplied URL request value that gets called by a curl requests. This affects versions up to, and including, 1.8.0.

In Ericsson ECM before 18.0, it was observed that Security Provider Endpoint in the User Profile Management Section is vulnerable to CSV Injection.

In Ericsson ECM before 18.0, it was observed that Security Management Endpoint in User Profile Management Section is vulnerable to stored XSS via a name, leading to session hijacking and full account takeover.

Zoho ManageEngine DesktopCentral version 10.1.2119.7 and prior allows anyone to get a valid user's APIKEY without authentication.

The SP Rental Manager WordPress plugin is vulnerable to SQL Injection via the orderby parameter found in the ~/user/shortcodes.php file which allows attackers to retrieve information contained in a site's database, in versions up to and including 1.5.3.

A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 15.1 and iPadOS 15.1. A local attacker may be able to view contacts from the lock screen.

The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing history.

The issue was addressed with improved authentication. This issue is fixed in iOS 15 and iPadOS 15. A malicious application may be able to access photo metadata without needing permission to access photos.

A Lock Screen issue was addressed with improved state management. This issue is fixed in iOS 14.8.1 and iPadOS 14.8.1, iOS 15.0.1 and iPadOS 15.0.1. A user may be able to view restricted content from the Lock Screen.

In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.

In GNOME libzapojit through 0.0.3, zpj-skydrive.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.

Bypass lock protection in the Nextcloud Android app prior to version 3.6.2 causes leaking of thumbnails when requesting the Android content provider although the lock protection was not solved.

Bypass lock protection in the Nextcloud Android app prior to version 3.6.1 allows accessing the files when repeatedly opening and closing the app in a very short time.