LiveActive security incident?Get immediate response
CVE archive

November 2021

Browse CVE records published in November 2021, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 1519 matching CVEs · Page 2 of 31.

Critical · CVSS 10 · CISA KEV

CVE-2021-41277: GeoJSON URL validation can expose server files and environment variables to unauthorized users

Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map (`admin->settings->maps->custom maps->add a map`) support and potential local file inclusion (including environment variables). URLs were not validated prior to being loaded. This issue is fixed in a new maintenance release (0.40.5 and 1.40.5), and any subsequent release after that. If you’re unable to upgrade immediately, you can mitigate this by including rules in your reverse proxy or load balancer or WAF to provide a validation filter before the application.

Published Nov 17, 2021 · Updated Oct 21, 2025

Critical · CVSS 9.1

CVE-2021-43778: Path traversal in GLPI barcode plugin

Barcode is a GLPI plugin for printing barcodes and QR codes. GLPI instances version 2.x prior to version 2.6.1 with the barcode plugin installed are vulnerable to a path traversal vulnerability. This issue was patched in version 2.6.1. As a workaround, delete the `front/send.php` file.

Published Nov 24, 2021 · Updated Sep 8, 2025

Medium · CVSS 4.4

CVE-2021-39077: IBM Security Guardium information disclosure

IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, 11.3, and 11.4 stores user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 215587.

Published Nov 3, 2022 · Updated Jul 23, 2025

Low · CVSS 3.5

CVE-2021-4430: Ortus Solutions ColdBox Elixir ENV Variable defaultConfig.js information disclosure

A vulnerability classified as problematic has been found in Ortus Solutions ColdBox Elixir 3.1.6. This affects an unknown part of the file src/defaultConfig.js of the component ENV Variable Handler. The manipulation leads to information disclosure. Upgrading to version 3.1.7 is able to address this issue. The identifier of the patch is a3aa62daea2e44c76d08d1eac63768cd928cd69e. It is recommended to upgrade the affected component. The identifier VDB-244485 was assigned to this vulnerability.

Published Nov 6, 2023 · Updated Jun 12, 2025

Critical · CVSS 9.6

CVE-2021-43523: In uClibc and uClibc-ng before 1.0.39, incorrect handling of special characters in domain names returned by...

In uClibc and uClibc-ng before 1.0.39, incorrect handling of special characters in domain names returned by DNS servers via gethostbyname, getaddrinfo, gethostbyaddr, and getnameinfo can lead to output of wrong hostnames (leading to domain hijacking) or injection into applications (leading to remote code execution, XSS, applications crashes, etc.). In other words, a validation step, which is expected in any stub resolver, does not occur.

Published Nov 10, 2021 · Updated May 5, 2025

High · CVSS 7.7

CVE-2021-45447: Pentaho Business Analytics Server - With the Data Lineage feature enabled, the system transmits database passwords in clear text

Hitachi Vantara Pentaho Business Analytics Server versions before 9.3.0.0, 9.2.0.2 and 8.3.0.25 with the Data Lineage feature enabled transmits database passwords in clear text.   The transmission of sensitive data in clear text allows unauthorized actors with access to the network to sniff and obtain sensitive information that can be later used to gain unauthorized access.

Published Nov 2, 2022 · Updated May 2, 2025

High · CVSS 8.4

CVE-2021-44862: Sensitive Information store in NSClient logs

Netskope client is impacted by a vulnerability where an authenticated, local attacker can view sensitive information stored in NSClient logs which should be restricted. The vulnerability exists because the sensitive information is not masked/scrubbed before writing in the logs. A malicious user can use the sensitive information to download data and impersonate another user.

Published Nov 3, 2022 · Updated May 2, 2025

High · CVSS 7.1

CVE-2021-45448: Pentaho Business Analytics Server - Pentaho Analyzer plugin exposes a service endpoint for templates which allows a user supplied path to access resources that are out of bounds.

Pentaho Business Analytics Server versions before 9.2.0.2 and 8.3.0.25 using the Pentaho Analyzer plugin exposes a service endpoint for templates which allows a user-supplied path to access resources that are out of bounds.  The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.  By using special elements such as ".." and "/" separators, attackers can escape outside of the restricted location to access files or directories that are elsewhere on the system.

Published Nov 2, 2022 · Updated May 2, 2025

High · CVSS 7.8

CVE-2021-1050: In MMU_UnmapPages of the PowerVR kernel driver, there is a possible out of bounds write due to a missing bo...

In MMU_UnmapPages of the PowerVR kernel driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-243825200

Published Nov 8, 2022 · Updated May 1, 2025

High · CVSS 7.8

CVE-2021-39661: In _PMRLogicalOffsetToPhysicalOffset of the PowerVR kernel driver, there is a possible out of bounds write...

In _PMRLogicalOffsetToPhysicalOffset of the PowerVR kernel driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-246824784

Published Nov 8, 2022 · Updated May 1, 2025

Critical · CVSS 9.1

CVE-2021-34566: WAGO I/O-Check Service prone to Memory Overflow

In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to crash the iocheck process and write memory resulting in loss of integrity and DoS.

Published Nov 9, 2022 · Updated May 1, 2025

High · CVSS 8.2

CVE-2021-34567: WAGO I/O-Check Service prone to Out-of-bounds Read

In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service and an limited out-of-bounds read.

Published Nov 9, 2022 · Updated May 1, 2025

Medium · CVSS 5.4

CVE-2021-25978: Apostrophe - XSS

Apostrophe CMS versions between 2.63.0 to 3.3.1 are vulnerable to Stored XSS where an editor uploads an SVG file that contains malicious JavaScript onto the Images module, which triggers XSS once viewed.

Published Nov 7, 2021 · Updated Apr 30, 2025

Critical · CVSS 9.8

CVE-2021-25979: Apostrophe - Insufficient Session Expiration

Apostrophe CMS versions prior to 3.3.1 did not invalidate existing login sessions when disabling a user account or changing the password, creating a situation in which a device compromised by a third party could not be locked out by those means. As a mitigation for older releases the user account in question can be archived (3.x) or moved to the trash (2.x and earlier) which does disable the existing session.

Published Nov 8, 2021 · Updated Apr 30, 2025