|
197151
|
5.5 |
MEDIUM
Local
|
octopus
|
octopusdsc
|
OctopusDSC is a PowerShell module with DSC resources that can be used to install and configure an Octopus Deploy Server and Tentacle agent. In OctopusDSC version 4.0.977 and earlier a customer API ke…
|
-
|
CVE-2021-21270
|
2024-11-21 14:47 |
2021-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197152
|
7.7 |
HIGH
Network
|
deislabs
|
oras
|
ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. ORAS is both a CLI for initial testing and a Go Module. In ORAS from version 0.4.0 and before vers…
|
CWE-59
Link Following
|
CVE-2021-21272
|
2024-11-21 14:47 |
2021-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197153
|
5.4 |
MEDIUM
Network
|
bigprof
|
online_invoicing_system
|
Online Invoicing System (OIS) is open source software which is a lean invoicing system for small businesses, consultants and freelancers created using AppGini. In OIS version 4.0 there is a stored XS…
|
-
|
CVE-2021-21260
|
2024-11-21 14:47 |
2021-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197154
|
6.1 |
MEDIUM
Network
|
hedgedoc
|
hedgedoc
|
HedgeDoc is open source software which lets you create real-time collaborative markdown notes. In HedgeDoc before version 1.7.2, an attacker can inject arbitrary JavaScript into a HedgeDoc note, whic…
|
-
|
CVE-2021-21259
|
2024-11-21 14:47 |
2021-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197155
|
5.3 |
MEDIUM
Network
|
onlinevotingsystem_project
|
onlinevotingsystem
|
OnlineVotingSystem is an open source project hosted on GitHub. OnlineVotingSystem before version 1.1.2 hashes user passwords without a salt, which is vulnerable to dictionary attacks. Therefore there…
|
CWE-916
Use of Password Hash With Insufficient Computational Effort
|
CVE-2021-21253
|
2024-11-21 14:47 |
2021-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197156
|
6.5 |
MEDIUM
Network
|
pysaml2_project
debian
|
pysaml2
debian_linux
|
PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. Users of pysaml2 that use the default C…
|
-
|
CVE-2021-21239
|
2024-11-21 14:47 |
2021-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197157
|
6.5 |
MEDIUM
Network
|
pysaml2_project
|
pysaml2
|
PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. All users of pysaml2 that need to valid…
|
-
|
CVE-2021-21238
|
2024-11-21 14:47 |
2021-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197158
|
6.5 |
MEDIUM
Network
|
keymaker_project
|
keymaker
|
Keymaker is a Mastodon Community Finder based Matrix Community serverlist page Server. In Keymaker before version 0.2.0, the assets endpoint did not check for the extension. The rust `join` method wi…
|
-
|
CVE-2021-21269
|
2024-11-21 14:47 |
2021-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197159
|
9.8 |
CRITICAL
Network
|
onedev_project
|
onedev
|
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a critical vulnerability which can lead to pre-auth remote code execution. AttachmentUploadServlet deserializes untru…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2021-21242
|
2024-11-21 14:47 |
2021-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197160
|
9.8 |
CRITICAL
Network
|
onedev_project
|
onedev
|
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, There is a vulnerability that enabled pre-auth server side template injection via Bean validation message tampering. Full deta…
|
CWE-94
Code Injection
|
CVE-2021-21244
|
2024-11-21 14:47 |
2021-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
