|
200541
|
5.7 |
MEDIUM
Adjacent
|
zte
|
zxhn_h196q_firmware
|
A ZTE product has an information leak vulnerability. An attacker with higher authority can go beyond their authority to access files in other directories by performing specific operations, resulting …
|
CWE-863
Incorrect Authorization
|
CVE-2021-21725
|
2024-11-21 14:48 |
2021-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200542
|
4.8 |
MEDIUM
Network
|
glpi-project
|
glpi
|
GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI before verison 9.5.4, there is an XSS vulnerab…
|
-
|
CVE-2021-21314
|
2024-11-21 14:48 |
2021-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200543
|
3.3 |
LOW
Local
|
datadoghq
|
datadog-api-client-java
|
The Java client for the Datadog API before version 1.0.0-beta.9 has a local information disclosure of sensitive information downloaded via the API using the API Client. The Datadog API is executed on…
|
NVD-CWE-Other
|
CVE-2021-21331
|
2024-11-21 14:48 |
2021-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200544
|
6.1 |
MEDIUM
Network
|
glpi-project
|
glpi
|
GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI before verison 9.5.4, there is a vulnerability…
|
CWE-79
Cross-site Scripting
|
CVE-2021-21313
|
2024-11-21 14:48 |
2021-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200545
|
9.0 |
CRITICAL
Network
|
pugjs
|
pug
pug-code-gen
|
Pug is an npm package which is a high-performance template engine. In pug before version 3.0.1, if a remote attacker was able to control the `pretty` option of the pug compiler, e.g. if you spread a …
|
-
|
CVE-2021-21353
|
2024-11-21 14:48 |
2021-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200546
|
9.1 |
CRITICAL
Network
|
anuko
|
time_tracker
|
Anuko Time Tracker is an open source, web-based time tracking application written in PHP. In TimeTracker before version 1.19.24.5415 tokens used in password reset feature in Time Tracker are based on…
|
-
|
CVE-2021-21352
|
2024-11-21 14:48 |
2021-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200547
|
4.9 |
MEDIUM
Network
|
dell
|
openmanage_server_administrator
|
Dell EMC OpenManage Server Administrator (OMSA) versions 9.5 and prior contain a path traversal vulnerability. A remote user with admin privileges could potentially exploit this vulnerability to view…
|
CWE-22
Path Traversal
|
CVE-2021-21514
|
2024-11-21 14:48 |
2021-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200548
|
9.8 |
CRITICAL
Network
|
dell
|
openmanage_server_administrator
|
Dell EMC OpenManage Server Administrator (OMSA) version 9.5 Microsoft Windows installations with Distributed Web Server (DWS) enabled configuration contains an authentication bypass vulnerability. A …
|
CWE-287
Improper Authentication
|
CVE-2021-21513
|
2024-11-21 14:48 |
2021-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200549
|
9.8 |
CRITICAL
Network
|
fastify-http-proxy_project
|
fastify-http-proxy
|
fastify-http-proxy is an npm package which is a fastify plugin for proxying your http requests to another server, with hooks. By crafting a specific URL, it is possible to escape the prefix of the pr…
|
-
|
CVE-2021-21322
|
2024-11-21 14:48 |
2021-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200550
|
10.0 |
CRITICAL
Network
|
fastify-reply-from_project
|
fastify-reply-from
|
fastify-reply-from is an npm package which is a fastify plugin to forward the current http request to another server. In fastify-reply-from before version 4.0.2, by crafting a specific URL, it is pos…
|
-
|
CVE-2021-21321
|
2024-11-21 14:48 |
2021-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
