| 200011 | 9.1 | CRITICAL | Network | anuko | time_tracker | Anuko Time Tracker is an open source, web-based time tracking application written in PHP. In TimeTracker before version 1.19.24.5415 tokens used in password reset feature in Time Tracker are based on… | - | CVE-2021-21352 | 2024-11-21 14:48 | 2021-03-3 |
| 200012 | 4.9 | MEDIUM | Network | dell | openmanage_server_administrator | Dell EMC OpenManage Server Administrator (OMSA) versions 9.5 and prior contain a path traversal vulnerability. A remote user with admin privileges could potentially exploit this vulnerability to view… | CWE-22 Path Traversal | CVE-2021-21514 | 2024-11-21 14:48 | 2021-03-3 |
| 200013 | 9.8 | CRITICAL | Network | dell | openmanage_server_administrator | Dell EMC OpenManage Server Administrator (OMSA) version 9.5 Microsoft Windows installations with Distributed Web Server (DWS) enabled configuration contains an authentication bypass vulnerability. A … | CWE-287 Improper Authentication | CVE-2021-21513 | 2024-11-21 14:48 | 2021-03-3 |
| 200014 | 9.8 | CRITICAL | Network | fastify-http-proxy_project | fastify-http-proxy | fastify-http-proxy is an npm package which is a fastify plugin for proxying your http requests to another server, with hooks. By crafting a specific URL, it is possible to escape the prefix of the pr… | - | CVE-2021-21322 | 2024-11-21 14:48 | 2021-03-2 |
| 200015 | 10.0 | CRITICAL | Network | fastify-reply-from_project | fastify-reply-from | fastify-reply-from is an npm package which is a fastify plugin to forward the current http request to another server. In fastify-reply-from before version 4.0.2, by crafting a specific URL, it is pos… | - | CVE-2021-21321 | 2024-11-21 14:48 | 2021-03-2 |
| 200016 | 4.3 | MEDIUM | Network | matrix-react-sdk_project | matrix-react-sdk | matrix-react-sdk is an npm package which is a Matrix SDK for React Javascript. In matrix-react-sdk before version 3.15.0, the user content sandbox can be abused to trick users into opening unexpected… | - | CVE-2021-21320 | 2024-11-21 14:48 | 2021-03-2 |
| 200017 | 7.2 | HIGH | Network | dell | emc_srs_policy_manager | SRS Policy Manager 6.X is affected by an XML External Entity Injection (XXE) vulnerability due to a misconfigured XML parser that processes user-supplied DTD input without sufficient validation. A re… | CWE-611 XXE | CVE-2021-21517 | 2024-11-21 14:48 | 2021-03-2 |
| 200018 | 5.4 | MEDIUM | Network | dell | emc_sourceone | Dell EMC SourceOne, versions 7.2SP10 and prior, contain a Stored Cross-Site Scripting vulnerability. A remote low privileged attacker may potentially exploit this vulnerability, to hijack user sessio… | CWE-79 Cross-site Scripting | CVE-2021-21515 | 2024-11-21 14:48 | 2021-03-2 |
| 200019 | 4.4 | MEDIUM | Local | zte | zxr10_8900e_firmware | A ZTE product has a memory leak vulnerability. Due to the product's improper handling of memory release in certain scenarios, a local attacker with device permissions repeatedly attenuated the optica… | CWE-401 Missing Release of Memory after Effective Lifetime | CVE-2021-21724 | 2024-11-21 14:48 | 2021-02-26 |
| 200020 | 6.1 | MEDIUM | Network | aiohttp debian fedoraproject | aiohttp debian_linux fedora | aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In aiohttp before version 3.7.4 there is an open redirect vulnerability. A maliciously crafted link to an aiohttp-based… | - | CVE-2021-21330 | 2024-11-21 14:48 | 2021-02-26 |