|
197861
|
6.5 |
MEDIUM
Network
|
elastic
oracle
|
elasticsearch
communications_cloud_native_core_automated_test_suite
|
In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with t…
|
CWE-674
Uncontrolled Recursion
|
CVE-2021-22144
|
2024-11-21 14:49 |
2021-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197862
|
7.5 |
HIGH
Network
|
cloudfoundry
|
user_account_and_authentication
cf-deployment
|
In UAA versions prior to 75.3.0, sensitive information like relaying secret of the provider was revealed in response when deletion request of an identity provider( IdP) of type “oauth 1.0” was sent t…
|
NVD-CWE-noinfo
|
CVE-2021-22001
|
2024-11-21 14:49 |
2021-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197863
|
7.5 |
HIGH
Network
|
elastic
|
elasticsearch
|
All versions of Elastic Cloud Enterprise has the Elasticsearch “anonymous” user enabled by default in deployed clusters. While in the default setting the anonymous user has no permissions and is unab…
|
NVD-CWE-Other
|
CVE-2021-22146
|
2024-11-21 14:49 |
2021-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197864
|
6.5 |
MEDIUM
Network
|
elastic
oracle
|
elasticsearch
communications_cloud_native_core_automated_test_suite
|
A memory disclosure vulnerability was identified in Elasticsearch 7.10.0 to 7.13.3 error reporting. A user with the ability to submit arbitrary queries to Elasticsearch could submit a malformed query…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2021-22145
|
2024-11-21 14:49 |
2021-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197865
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
Crash in DNP dissector in Wireshark 3.4.0 to 3.4.6 and 3.2.0 to 3.2.14 allows denial of service via packet injection or crafted capture file
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2021-22235
|
2024-11-21 14:49 |
2021-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197866
|
7.2 |
HIGH
Network
|
fortinet
|
fortisandbox
|
An instance of improper neutralization of special elements in the sniffer module of FortiSandbox before 3.2.2 may allow an authenticated administrator to execute commands on the underlying system's s…
|
CWE-78
OS Command
|
CVE-2021-22125
|
2024-11-21 14:49 |
2021-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197867
|
9.8 |
CRITICAL
Network
|
dlink
|
dir-3040_firmware
|
A hard-coded password vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to code execution. An attacker can sen…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2021-21820
|
2024-11-21 14:49 |
2021-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197868
|
7.2 |
HIGH
Network
|
dlink
|
dir-3040_firmware
|
A code execution vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to arbitrary command execution. An attacker…
|
CWE-78
OS Command
|
CVE-2021-21819
|
2024-11-21 14:49 |
2021-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197869
|
7.5 |
HIGH
Network
|
dlink
|
dir-3040_firmware
|
A hard-coded password vulnerability exists in the Zebra IP Routing Manager functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to a denial of service. An attacker c…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2021-21818
|
2024-11-21 14:49 |
2021-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197870
|
7.5 |
HIGH
Network
|
dlink
|
dir-3040_firmware
|
An information disclosure vulnerability exists in the Zebra IP Routing Manager functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to the disclosure of sensitive in…
|
CWE-200
Information Exposure
|
CVE-2021-21817
|
2024-11-21 14:49 |
2021-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
