|
197851
|
8.8 |
HIGH
Network
|
foxit
|
pdf_reader
|
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.4.37651. A specially crafted PDF document can trigger the reuse of previously free memory, …
|
CWE-416
Use After Free
|
CVE-2021-21870
|
2024-11-21 14:49 |
2021-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197852
|
8.8 |
HIGH
Network
|
foxit
|
pdf_reader
|
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously freed memory,…
|
CWE-416
Use After Free
|
CVE-2021-21831
|
2024-11-21 14:49 |
2021-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197853
|
9.8 |
CRITICAL
Network
|
advantech
|
r-seenet
|
An OS Command Injection vulnerability exists in the ping.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). A specially crafted HTTP request can lead to arbitrary OS command execut…
|
CWE-78
OS Command
|
CVE-2021-21805
|
2024-11-21 14:49 |
2021-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197854
|
5.4 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.0. It was possible to exploit a stored cross-site-scripting via a specifically crafted default branch name.
|
CWE-79
Cross-site Scripting
|
CVE-2021-22241
|
2024-11-21 14:49 |
2021-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197855
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
Improper access control in GitLab EE versions 13.11.6, 13.12.6, and 14.0.2 allows users to be created via single sign on despite user cap being enabled
|
CWE-863
Incorrect Authorization
|
CVE-2021-22240
|
2024-11-21 14:49 |
2021-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197856
|
7.8 |
HIGH
Local
|
codesys
|
development_system
|
A unsafe deserialization vulnerability exists in the ComponentModel Profile.FromFile() functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2021-21863
|
2024-11-21 14:49 |
2021-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197857
|
7.5 |
HIGH
Network
|
fortinet
|
fortisandbox
fortiauthenticator
|
An uncontrolled resource consumption (denial of service) vulnerability in the login modules of FortiSandbox 3.2.0 through 3.2.2, 3.1.0 through 3.1.4, and 3.0.0 through 3.0.6; and FortiAuthenticator b…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2021-22124
|
2024-11-21 14:49 |
2021-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197858
|
7.8 |
HIGH
Local
|
codesys
|
development_system
|
A unsafe deserialization vulnerability exists in the ObjectManager.plugin ProfileInformation.ProfileData functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafte…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2021-21866
|
2024-11-21 14:49 |
2021-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197859
|
7.8 |
HIGH
Local
|
codesys
|
development_system
|
A unsafe deserialization vulnerability exists in the PackageManagement.plugin ExtensionMethods.Clone() functionality of CODESYS GmbH CODESYS Development System 3.5.16. A specially crafted file can le…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2021-21865
|
2024-11-21 14:49 |
2021-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197860
|
7.8 |
HIGH
Local
|
codesys
|
development_system
|
A unsafe deserialization vulnerability exists in the ComponentModel ComponentManager.StartupCultureSettings functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially cra…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2021-21864
|
2024-11-21 14:49 |
2021-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
