|
197801
|
6.1 |
MEDIUM
Network
|
jenkins
|
git
|
Jenkins Git Plugin 4.8.2 and earlier does not escape the Git SHA-1 checksum parameters provided to commit notifications when displaying them in a build cause, resulting in a stored cross-site scripti…
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2021-21684
|
2024-11-21 14:48 |
2021-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197802
|
6.5 |
MEDIUM
Network
|
jenkins
|
jenkins
|
The file browser in Jenkins 2.314 and earlier, LTS 2.303.1 and earlier may interpret some paths to files as absolute on Windows, resulting in a path traversal vulnerability allowing attackers with Ov…
|
CWE-22
Path Traversal
|
CVE-2021-21683
|
2024-11-21 14:48 |
2021-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197803
|
4.3 |
MEDIUM
Network
|
jenkins
|
jenkins
|
Jenkins 2.314 and earlier, LTS 2.303.1 and earlier accepts names of jobs and other entities with a trailing dot character, potentially replacing the configuration and data of other entities on Window…
|
NVD-CWE-noinfo
|
CVE-2021-21682
|
2024-11-21 14:48 |
2021-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197804
|
6.5 |
MEDIUM
Network
|
php
|
php
|
In PHP versions 7.3.x below 7.3.31, 7.4.x below 7.4.24 and 8.0.x below 8.0.11, in Microsoft Windows environment, ZipArchive::extractTo may be tricked into writing a file outside target directory when…
|
CWE-22
Path Traversal
|
CVE-2021-21706
|
2024-11-21 14:48 |
2021-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197805
|
5.3 |
MEDIUM
Network
|
php
netapp
oracle
|
php
clustered_data_ontap
sd-wan_aware
|
In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using URL validation functionality via filter_var() function with FILTER_VALIDATE_URL parameter, an URL with invalid…
|
CWE-20
Improper Input Validation
|
CVE-2021-21705
|
2024-11-21 14:48 |
2021-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197806
|
5.9 |
MEDIUM
Network
|
php
netapp
|
php
clustered_data_ontap
|
In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using Firebird PDO driver extension, a malicious database server could cause crashes in various database functions, …
|
CWE-787
Out-of-bounds Write
|
CVE-2021-21704
|
2024-11-21 14:48 |
2021-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197807
|
4.9 |
MEDIUM
Network
|
dell
|
emc_networker
|
Dell NetWorker, versions 18.x and 19.x contain an Information disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and …
|
-
|
CVE-2021-21570
|
2024-11-21 14:48 |
2021-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197808
|
4.9 |
MEDIUM
Network
|
dell
|
emc_networker
|
Dell NetWorker, versions 18.x and 19.x contain a Path traversal vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and gain acce…
|
CWE-22
Path Traversal
|
CVE-2021-21569
|
2024-11-21 14:48 |
2021-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197809
|
4.4 |
MEDIUM
Local
|
dell
|
latitude_5285_2-in-1_firmware
latitude_5289_2-in-1_firmware
latitude_5310_2-in-1_firmware
latitude_5290_2-in-1_firmware
latitude_7210_2-in-1_firmware
latitude_7212_rugged_extreme_table…
|
Dell BIOS contains a Credentials Management issue. A local authenticated malicious user may potentially exploit this vulnerability to gain access to sensitive information on an NVMe storage by resett…
|
NVD-CWE-noinfo
|
CVE-2021-21522
|
2024-11-21 14:48 |
2021-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197810
|
5.5 |
MEDIUM
Local
|
zte
|
axon_30_pro_message_service
|
There is an information leak vulnerability in the message service app of a ZTE mobile phone. Due to improper parameter settings, attackers could use this vulnerability to obtain some sensitive inform…
|
NVD-CWE-Other
|
CVE-2021-21742
|
2024-11-21 14:48 |
2021-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
