| 197341 | 5.4 MEDIUM | Network | flarum | sticky | Flarum is an open source discussion platform for websites. The "Flarum Sticky" extension versions 0.1.0-beta.14 and 0.1.0-beta.15 have a cross-site scripting vulnerability. A change in release beta 14… | - | CVE-2021-21283 | 2024-11-21 14:47 | 2021-01-27 |
| 197342 | 6.5 MEDIUM | Network | tendermint | tendermint | Tendermint Core is an open source Byzantine Fault Tolerant (BFT) middleware that takes a state transition machine - written in any programming language - and securely replicates it on many machines. … | - | CVE-2021-21271 | 2024-11-21 14:47 | 2021-01-27 |
| 197343 | 4.3 MEDIUM | Network | report_project oracle | report communications_cloud_native_core_network_slice_selection_function communications_pricing_design_center | The MediaWiki "Report" extension has a Cross-Site Request Forgery (CSRF) vulnerability. Before fixed version, there was no protection against CSRF checks on Special:Report, so requests to report a re… | CWE-352; Origin Validation Error | CVE-2021-21275 | 2024-11-21 14:47 | 2021-01-26 |
| 197344 | 5.5 MEDIUM | Local | octopus | octopusdsc | OctopusDSC is a PowerShell module with DSC resources that can be used to install and configure an Octopus Deploy Server and Tentacle agent. In OctopusDSC version 4.0.977 and earlier a customer API ke… | - | CVE-2021-21270 | 2024-11-21 14:47 | 2021-01-23 |
| 197345 | 7.7 HIGH | Network | deislabs | oras | ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. ORAS is both a CLI for initial testing and a Go Module. In ORAS from version 0.4.0 and before vers… | CWE-59; Link Following | CVE-2021-21272 | 2024-11-21 14:47 | 2021-01-26 |
| 197346 | 5.4 MEDIUM | Network | bigprof | online_invoicing_system | Online Invoicing System (OIS) is open source software which is a lean invoicing system for small businesses, consultants and freelancers created using AppGini. In OIS version 4.0 there is a stored XS… | - | CVE-2021-21260 | 2024-11-21 14:47 | 2021-01-23 |
| 197347 | 6.1 MEDIUM | Network | hedgedoc | hedgedoc | HedgeDoc is open source software which lets you create real-time collaborative markdown notes. In HedgeDoc before version 1.7.2, an attacker can inject arbitrary JavaScript into a HedgeDoc note, whic… | - | CVE-2021-21259 | 2024-11-21 14:47 | 2021-01-23 |
| 197348 | 5.3 MEDIUM | Network | onlinevotingsystem_project | onlinevotingsystem | OnlineVotingSystem is an open source project hosted on GitHub. OnlineVotingSystem before version 1.1.2 hashes user passwords without a salt, which is vulnerable to dictionary attacks. Therefore there… | CWE-916; Use of Password Hash With Insufficient Computational Effort | CVE-2021-21253 | 2024-11-21 14:47 | 2021-01-22 |
| 197349 | 6.5 MEDIUM | Network | pysaml2_project debian | pysaml2 debian_linux | PySAML2 is a pure Python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. Users of pysaml2 that use the default C… | - | CVE-2021-21239 | 2024-11-21 14:47 | 2021-01-22 |
| 197350 | 6.5 MEDIUM | Network | pysaml2_project | pysaml2 | PySAML2 is a pure Python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. All users of pysaml2 that need to valid… | - | CVE-2021-21238 | 2024-11-21 14:47 | 2021-01-22 |