|
197201
|
6.5 |
MEDIUM
Network
|
ibm
netapp
|
cognos_analytics
oncommand_insight
|
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that th…
|
CWE-352
Origin Validation Error
|
CVE-2021-20468
|
2024-11-21 14:46 |
2022-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197202
|
7.8 |
HIGH
Local
|
theforeman
|
foreman
|
A flaw was found in the Foreman project. The Datacenter plugin exposes the password through the API to an authenticated local attacker with view_hosts permission. The highest threat from this vulnera…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2021-20260
|
2024-11-21 14:46 |
2022-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197203
|
5.5 |
MEDIUM
Local
|
imagemagick
|
imagemagick
|
An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range of r…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2021-20224
|
2024-11-21 14:46 |
2022-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197204
|
6.8 |
MEDIUM
Network
|
samba
debian
redhat
|
samba
debian_linux
virtualization_host
enterprise_linux
enterprise_linux_eus
enterprise_linux_tus
enterprise_linux_aus
|
A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of t…
|
CWE-362
Race Condition
|
CVE-2021-20316
|
2024-11-21 14:46 |
2022-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197205
|
7.5 |
HIGH
Network
|
openexr
|
openexr
|
A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR, to trigger an undefined right shift error. The highest thre…
|
-
|
CVE-2021-20304
|
2024-11-21 14:46 |
2022-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197206
|
7.5 |
HIGH
Network
|
openexr
debian
|
openexr
debian_linux
|
A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhaust all memory accessible to the application. The highest th…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-20298
|
2024-11-21 14:46 |
2022-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197207
|
3.3 |
LOW
Local
|
ibm
|
jazz_team_server
|
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 199149.
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2021-20551
|
2024-11-21 14:46 |
2022-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197208
|
4.3 |
MEDIUM
Network
|
ibm
|
jazz_team_server
|
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system,…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2021-20544
|
2024-11-21 14:46 |
2022-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197209
|
5.4 |
MEDIUM
Network
|
ibm
|
jazz_team_server
|
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's We…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20543
|
2024-11-21 14:46 |
2022-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197210
|
4.3 |
MEDIUM
Network
|
ibm
|
jazz_team_server
|
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system,…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2021-20421
|
2024-11-21 14:46 |
2022-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
