|
197851
|
4.4 |
MEDIUM
Local
|
dell
|
emc_powerscale_onefs
|
Dell EMC PowerScale OneFS contains an untrusted search path vulnerability. This vulnerability allows a user with (ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE) and (ISI_PRIV_SYS_UPGRADE or ISI_PRIV_A…
|
CWE-426
Untrusted Search Path
|
CVE-2021-21562
|
2024-11-21 14:48 |
2021-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197852
|
8.8 |
HIGH
Local
|
dell
|
powerscale_onefs
|
Dell PowerScale OneFS versions 8.1.0-9.1.0 contain an Incorrect User Management vulnerability.under some specific conditions, this can allow the CompAdmin user to elevate privileges and break out of …
|
NVD-CWE-Other
|
CVE-2021-21553
|
2024-11-21 14:48 |
2021-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197853
|
5.5 |
MEDIUM
Local
|
dell
|
emc_networker
|
Dell EMC NetWorker versions 18.x,19.x prior to 19.3.0.4 and 19.4.0.0 contain an Information Disclosure in Log Files vulnerability. A local low-privileged user of the Networker server could potentiall…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2021-21546
|
2024-11-21 14:48 |
2021-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197854
|
10.0 |
CRITICAL
Network
|
dell
|
idrac9_firmware
|
Dell EMC iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.10.00, contain an improper authentication vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerabilit…
|
CWE-287
Improper Authentication
|
CVE-2021-21538
|
2024-11-21 14:48 |
2021-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197855
|
4.3 |
MEDIUM
Network
|
otrs
|
otrs
|
Agents are able to list customer user emails without required permissions in the bulk action screen. This issue affects: OTRS AG ((OTRS)) Community Edition: 6.0.x version 6.0.1 and later versions. OT…
|
NVD-CWE-noinfo
|
CVE-2021-21443
|
2024-11-21 14:48 |
2021-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197856
|
5.4 |
MEDIUM
Network
|
otrs
|
time_accounting
|
In the project create screen it's possible to inject malicious JS code to the certain fields. The code might be executed in the Reporting screen. This issue affects: OTRS AG Time Accounting: 7.0.x ve…
|
CWE-79
Cross-site Scripting
|
CVE-2021-21442
|
2024-11-21 14:48 |
2021-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197857
|
6.5 |
MEDIUM
Network
|
otrs
|
otrs
|
Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS …
|
NVD-CWE-noinfo
|
CVE-2021-21440
|
2024-11-21 14:48 |
2021-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197858
|
6.5 |
MEDIUM
Network
|
combodo
|
itop
|
Combodo iTop is an open source, web based IT Service Management tool. Prior to version 2.7.4, the CSRF token validation can be bypassed through iTop portal via a tricky browser procedure. The vulnera…
|
CWE-352
Origin Validation Error
|
CVE-2021-21407
|
2024-11-21 14:48 |
2021-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197859
|
8.8 |
HIGH
Network
|
combodo
|
itop
|
Combodo iTop is an open source, web based IT Service Management tool. In versions prior to 2.7.4, there is a command injection vulnerability in the Setup Wizard when providing Graphviz executable pat…
|
CWE-77
Command Injection
|
CVE-2021-21406
|
2024-11-21 14:48 |
2021-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197860
|
6.1 |
MEDIUM
Network
|
advantech
|
r-seenet
|
Cross-site scripting vulnerabilities exist in the ssh_form.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). If a user visits a specially crafted URL, it can lead to arbitrary Jav…
|
CWE-79
Cross-site Scripting
|
CVE-2021-21800
|
2024-11-21 14:48 |
2021-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
