|
197831
|
5.5 |
MEDIUM
Local
|
qualcomm
|
apq8009_firmware
apq8009w_firmware
apq8017_firmware
apq8053_firmware
apq8064au_firmware
apq8076_firmware
apq8096au_firmware
aqt1000_firmware
ar8031_firmware
ar8035_firmware…
|
Child process can leak information from parent process due to numeric pids are getting compared and these pid can be reused in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon…
|
CWE-697
Incorrect Comparison
|
CVE-2021-1904
|
2024-11-21 14:45 |
2021-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197832
|
9.8 |
CRITICAL
Network
|
sonicwall
|
analytics
|
SonicWall Analytics 2.5 On-Prem is vulnerable to Java Debug Wire Protocol (JDWP) interface security misconfiguration vulnerability which potentially leads to Remote Code Execution. This vulnerability…
|
NVD-CWE-noinfo
|
CVE-2021-20032
|
2024-11-21 14:45 |
2021-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197833
|
6.1 |
MEDIUM
Network
|
tecnick
|
tcexam
|
A reflected cross-site scripting vulnerability exists in TCExam <= 14.8.4. The paths provided in the f, d, and dir parameters in tce_select_mediafile.php were not properly validated and could cause r…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20116
|
2024-11-21 14:45 |
2021-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197834
|
6.1 |
MEDIUM
Network
|
tecnick
|
tcexam
|
A reflected cross-site scripting vulnerability exists in TCExam <= 14.8.3. The paths provided in the f, d, and dir parameters in tce_filemanager.php were not properly validated and could cause reflec…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20115
|
2024-11-21 14:45 |
2021-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197835
|
9.8 |
CRITICAL
Network
|
sonicwall
|
sma_210_firmware
sma_410_firmware
sma_500v_firmware
sra_4600_firmware
sra_1600_firmware
sra_va_firmware
|
Improper neutralization of a SQL Command leading to SQL Injection vulnerability impacting end-of-life Secure Remote Access (SRA) products, specifically the SRA appliances running all 8.x firmware and…
|
CWE-89
SQL Injection
|
CVE-2021-20028
|
2024-11-21 14:45 |
2021-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197836
|
7.5 |
HIGH
Network
|
tecnick
|
tcexam
|
When installed following the default/recommended settings, TCExam <= 14.8.1 allowed unauthenticated users to access the /cache/backup/ directory, which included sensitive database backup files.
|
CWE-425
Direct Request ('Forced Browsing')
|
CVE-2021-20114
|
2024-11-21 14:45 |
2021-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197837
|
5.3 |
MEDIUM
Network
|
tecnick
|
tcexam
|
An exposure of sensitive information vulnerability exists in TCExam <= 14.8.1. If a password reset request was made for an email address that was not registered with a user then we would be presented…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2021-20113
|
2024-11-21 14:45 |
2021-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197838
|
5.4 |
MEDIUM
Network
|
tecnick
|
tcexam
|
A stored cross-site scripting vulnerability exists in TCExam <= 14.8.1. Valid files uploaded via tce_select_mediafile.php with a filename beggining with a period will be rendered as text/html. An att…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20112
|
2024-11-21 14:45 |
2021-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197839
|
5.4 |
MEDIUM
Network
|
tecnick
|
tcexam
|
A stored cross-site scripting vulnerability exists in TCExam <= 14.8.1. Valid files uploaded via tce_filemanager.php with a filename beggining with a period will be rendered as text/html. An attacker…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20111
|
2024-11-21 14:45 |
2021-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197840
|
6.5 |
MEDIUM
Local
|
tenable
|
nessus
|
Nessus Agent versions 8.2.5 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to …
|
NVD-CWE-noinfo
|
CVE-2021-20106
|
2024-11-21 14:45 |
2021-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
