|
196621
|
5.4 |
MEDIUM
Network
|
atlassian
|
data_center
jira
jira_server
jira_data_center
|
The XML Export in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.17.0 allows remote attackers to inject arbitrary…
|
CWE-79
Cross-site Scripting
|
CVE-2021-26082
|
2024-11-21 14:55 |
2021-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196622
|
5.3 |
MEDIUM
Network
|
atlassian
|
data_center
jira
jira_server
jira_data_center
|
REST API in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.16.1 allows remote attackers to enumerate usernames vi…
|
NVD-CWE-noinfo
|
CVE-2021-26081
|
2024-11-21 14:55 |
2021-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196623
|
9.8 |
CRITICAL
Network
|
putil-merge_project
|
putil-merge
|
Prototype pollution vulnerability in 'putil-merge' versions1.0.0 through 3.6.6 allows attacker to cause a denial of service and may lead to remote code execution.
|
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
|
CVE-2021-25953
|
2024-11-21 14:55 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196624
|
4.3 |
MEDIUM
Adjacent
|
siemens
|
rwg1.m12_firmware
rwg1.m12d_firmware
rwg1.m8_firmware
|
A vulnerability has been identified in RWG1.M12 (All versions < V1.16.16), RWG1.M12D (All versions < V1.16.16), RWG1.M8 (All versions < V1.16.16). Sending specially crafted ARP packets to an affected…
|
-
|
CVE-2021-25671
|
2024-11-21 14:55 |
2021-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196625
|
9.6 |
CRITICAL
Adjacent
|
fortinet
|
fortinet_single_sign-on
|
An improper authentication vulnerability in FSSO Collector version 5.0.295 and below may allow an unauthenticated user to bypass a FSSO firewall policy and access the protected network via sending sp…
|
CWE-287
Improper Authentication
|
CVE-2021-26088
|
2024-11-21 14:55 |
2021-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196626
|
7.5 |
HIGH
Network
|
fortinet
|
fortimail
|
A missing release of memory after its effective lifetime vulnerability in the Webmail of FortiMail 6.4.0 through 6.4.4 and 6.2.0 through 6.2.6 may allow an unauthenticated remote attacker to exhaust …
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2021-26090
|
2024-11-21 14:55 |
2021-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196627
|
7.8 |
HIGH
Local
|
fortinet
|
forticlient
|
An improper symlink following in FortiClient for Mac 6.4.3 and below may allow an non-privileged user to execute arbitrary privileged shell commands during installation phase.
|
CWE-59
Link Following
|
CVE-2021-26089
|
2024-11-21 14:55 |
2021-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196628
|
4.9 |
MEDIUM
Network
|
fortinet
|
fortimail
|
Missing cryptographic steps in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an attacker who comes in possession of the encrypted master keys to compromise their confident…
|
NVD-CWE-Other
|
CVE-2021-26099
|
2024-11-21 14:55 |
2021-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196629
|
7.8 |
HIGH
Local
|
fortinet
|
fortiap-w2
fortiap-s
fortiap
|
An improper neutralization of special elements used in an OS Command vulnerability in FortiAP's console 6.4.1 through 6.4.5 and 6.2.4 through 6.2.5 may allow an authenticated attacker to execute unau…
|
CWE-78
OS Command
|
CVE-2021-26106
|
2024-11-21 14:55 |
2021-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196630
|
7.5 |
HIGH
Network
|
fortinet
|
fortimail
|
A missing cryptographic step in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an unauthenticated attacker who intercepts the encrypted messages to manipulate them in such …
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2021-26100
|
2024-11-21 14:55 |
2021-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
