|
201351
|
5.5 |
MEDIUM
Local
|
oracle
redhat
|
virtualization
ansible_tower
google_cloud_platform_ansible_collection
cisco_nx-os_collection
ansible
community_general_collection
community_network_collection
docker_community_co…
|
A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage o…
|
-
|
CVE-2021-20191
|
2024-11-21 14:46 |
2021-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201352
|
4.4 |
MEDIUM
Local
|
linux
|
linux_kernel
|
A flaw was found in the Linux kernel's implementation of string matching within a packet. A privileged user (with root or CAP_NET_ADMIN) when inserting iptables rules could insert a rule which can pa…
|
-
|
CVE-2021-20177
|
2024-11-21 14:46 |
2021-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201353
|
8.2 |
HIGH
Network
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server 8.0, 8.5, 9.0, and Liberty Java Batch is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vu…
|
CWE-611
XXE
|
CVE-2021-20492
|
2024-11-21 14:46 |
2021-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201354
|
9.1 |
CRITICAL
Network
|
ibm
|
power9_system_firmware
scale-out_lc_system_firmware
|
IBM Power9 Self Boot Engine(SBE) could allow a privileged user to inject malicious code and compromise the integrity of the host firmware bypassing the host firmware signature verification process.
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2021-20487
|
2024-11-21 14:46 |
2021-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201355
|
6.5 |
MEDIUM
Network
|
ibm
|
cloud_pak_for_data
|
IBM Cloud Pak for Data 3.0 could allow an authenticated user to obtain sensitive information when installed with additional plugins. IBM X-Force ID: 197668.
|
NVD-CWE-noinfo
|
CVE-2021-20486
|
2024-11-21 14:46 |
2021-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201356
|
5.5 |
MEDIUM
Local
|
redhat
fedoraproject
|
ansible_tower
ansible
fedora
|
A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw…
|
-
|
CVE-2021-20178
|
2024-11-21 14:46 |
2021-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201357
|
7.5 |
HIGH
Network
|
privoxy
|
privoxy
|
A memory leak vulnerability was found in Privoxy before 3.0.29 in the show-status CGI handler when no action files are configured.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2021-20209
|
2024-11-21 14:46 |
2021-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201358
|
7.2 |
HIGH
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.2 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 199184.
|
CWE-78
OS Command
|
CVE-2021-20557
|
2024-11-21 14:46 |
2021-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201359
|
5.3 |
MEDIUM
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further …
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2021-20428
|
2024-11-21 14:46 |
2021-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201360
|
9.8 |
CRITICAL
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, o…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2021-20426
|
2024-11-21 14:46 |
2021-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
