|
197151
|
- |
|
-
|
-
|
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote user to enumerate usernames due to differentiating error messages on existing usernames. IBM X-Force ID: 199181.
|
-
|
CVE-2021-20556
|
2024-11-21 14:46 |
2024-05-4 |
|
|
|
|
197152
|
- |
|
-
|
-
|
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link…
|
-
|
CVE-2021-20450
|
2024-11-21 14:46 |
2024-05-4 |
|
|
|
|
197153
|
4.3 |
MEDIUM
Network
|
ibm
|
security_verify_privilege_on-premises
|
IBM Security Verify Privilege On-Premises 11.5 could allow a user to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 199324.
|
CWE-613
Insufficient Session Expiration
|
CVE-2021-20581
|
2024-11-21 14:46 |
2023-10-17 |
|
|
|
|
197154
|
5.9 |
MEDIUM
Network
|
samba fedoraproject
|
samba fedora
|
A flaw was found in samba. A race condition in the password lockout code may lead to the risk of brute force attacks being successful if special conditions are met.
|
CWE-362
Race Condition
|
CVE-2021-20251
|
2024-11-21 14:46 |
2023-03-7 |
|
|
|
|
197155
|
6.5 |
MEDIUM
Network
|
ibm netapp
|
cognos_analytics oncommand_insight
|
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that th…
|
CWE-352
Origin Validation Error
|
CVE-2021-20468
|
2024-11-21 14:46 |
2022-09-2 |
|
|
|
|
197156
|
7.8 |
HIGH
Local
|
theforeman
|
foreman
|
A flaw was found in the Foreman project. The Datacenter plugin exposes the password through the API to an authenticated local attacker with view_hosts permission. The highest threat from this vulnera…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2021-20260
|
2024-11-21 14:46 |
2022-08-27 |
|
|
|
|
197157
|
5.5 |
MEDIUM
Local
|
imagemagick
|
imagemagick
|
An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range of r…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2021-20224
|
2024-11-21 14:46 |
2022-08-26 |
|
|
|
|
197158
|
6.8 |
MEDIUM
Network
|
samba debian redhat
|
samba debian_linux virtualization_host enterprise_linux enterprise_linux_eus enterprise_linux_tus enterprise_linux_aus
|
A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of t…
|
CWE-362
Race Condition
|
CVE-2021-20316
|
2024-11-21 14:46 |
2022-08-24 |
|
|
|
|
197159
|
7.5 |
HIGH
Network
|
openexr
|
openexr
|
A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR, to trigger an undefined right shift error. The highest thre…
|
-
|
CVE-2021-20304
|
2024-11-21 14:46 |
2022-08-24 |
|
|
|
|
197160
|
7.5 |
HIGH
Network
|
openexr debian
|
openexr debian_linux
|
A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhaust all memory accessible to the application. The highest th…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-20298
|
2024-11-21 14:46 |
2022-08-24 |
|
|
|