|
198741
|
6.5 |
MEDIUM
Network
|
docker
debian
netapp
|
docker
debian_linux
e-series_santricity_os_controller
|
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain…
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2021-21285
|
2024-11-21 14:47 |
2021-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198742
|
6.1 |
MEDIUM
Network
|
oauth2_proxy_project
|
oauth2_proxy
|
OAuth2 Proxy is an open-source reverse proxy and static file server that provides authentication using Providers (Google, GitHub, and others) to validate accounts by email, domain or group. In OAuth2…
|
-
|
CVE-2021-21291
|
2024-11-21 14:47 |
2021-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198743
|
8.3 |
HIGH
Network
|
mechanize_project
fedoraproject
debian
|
mechanize
fedora
debian_linux
|
Mechanize is an open-source ruby library that makes automated web interaction easy. In Mechanize from version 2.0.0 and before version 2.7.7 there is a command injection vulnerability. Affected versi…
|
CWE-78
OS Command
|
CVE-2021-21289
|
2024-11-21 14:47 |
2021-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198744
|
6.8 |
MEDIUM
Adjacent
|
docker
debian
netapp
|
docker
debian_linux
e-series_santricity_os_controller
|
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root. When using "--userns…
|
CWE-22
Path Traversal
|
CVE-2021-21284
|
2024-11-21 14:47 |
2021-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198745
|
7.7 |
HIGH
Network
|
minio
|
minio
|
MinIO is a High Performance Object Storage released under Apache License v2.0. In MinIO before version RELEASE.2021-01-30T00-20-58Z there is a server-side request forgery vulnerability. The target ap…
|
-
|
CVE-2021-21287
|
2024-11-21 14:47 |
2021-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198746
|
8.8 |
HIGH
Network
|
wwbn
|
avideo
|
AVideo Platform is an open-source Audio and Video platform. It is similar to a self-hosted YouTube. In AVideo Platform before version 10.2 there is an authorization bypass vulnerability which enables…
|
-
|
CVE-2021-21286
|
2024-11-21 14:47 |
2021-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198747
|
8.8 |
HIGH
Network
|
peerigon
|
angular-expressions
|
angular-expressions is "angular's nicest part extracted as a standalone module for the browser and node". In angular-expressions before version 1.1.2 there is a vulnerability which allows Remote Code…
|
CWE-94
Code Injection
|
CVE-2021-21277
|
2024-11-21 14:47 |
2021-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198748
|
9.3 |
CRITICAL
Network
|
polrproject
|
polr
|
Polr is an open source URL shortener. in Polr before version 2.3.0, a vulnerability in the setup process allows attackers to gain admin access to site instances, even if they do not possess an existi…
|
-
|
CVE-2021-21276
|
2024-11-21 14:47 |
2021-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198749
|
5.0 |
MEDIUM
Network
|
openhab
|
openhab
|
openHAB is a vendor and technology agnostic open source automation software for your home. In openHAB before versions 2.5.12 and 3.0.1 the XML external entity (XXE) attack allows attackers in the sam…
|
-
|
CVE-2021-21266
|
2024-11-21 14:47 |
2021-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198750
|
6.5 |
MEDIUM
Network
|
ckeditor
|
ckeditor5
|
CKEditor 5 is an open source rich text editor framework with a modular architecture. The CKEditor 5 Markdown plugin (@ckeditor/ckeditor5-markdown-gfm) before version 25.0.0 has a regex denial of serv…
|
-
|
CVE-2021-21254
|
2024-11-21 14:47 |
2021-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
