| 196511 | 4.3 MEDIUM Network | gitlab | gitlab | A verbose error message in GitLab EE affecting all versions since 12.2 could disclose the private email address of a user invited to a group | CWE-209 Information Exposure Through an Error Message | CVE-2021-22249 | 2024-11-21 14:49 | 2021-08-24 |
| 196512 | 5.3 MEDIUM Network | gitlab | gitlab | Improper authorization on the pipelines page in GitLab CE/EE affecting all versions since 13.12 allowed unauthorized users to view some pipeline information for public projects that have access to pi… | NVD-CWE-Other | CVE-2021-22248 | 2024-11-21 14:49 | 2021-08-24 |
| 196513 | 9.8 CRITICAL Network | att | xmill | A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. In the default case of DecodeTreeBlock a label is created via CurPath:… | CWE-787 Out-of-bounds Write | CVE-2021-21828 | 2024-11-21 14:49 | 2021-08-21 |
| 196514 | 9.8 CRITICAL Network | att | xmill | A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. Within `DecodeTreeBlock` which is called during the decompression of a… | CWE-787 Out-of-bounds Write | CVE-2021-21827 | 2024-11-21 14:49 | 2021-08-21 |
| 196515 | 9.8 CRITICAL Network | att | xmill | A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. Within `DecodeTreeBlock` which is called during the decompression of a… | CWE-787 Out-of-bounds Write | CVE-2021-21826 | 2024-11-21 14:49 | 2021-08-21 |
| 196516 | 6.5 MEDIUM Network | baserow | baserow | SSRF in URL file upload in Baserow <1.1.0 allows remote authenticated users to retrieve files from the internal server network exposed over HTTP by inserting an internal address. | CWE-918 Server-Side Request Forgery (SSRF) | CVE-2021-22255 | 2024-11-21 14:49 | 2021-08-21 |
| 196517 | 4.3 MEDIUM Network | gitlab | gitlab | Under very specific conditions a user could be impersonated using GitLab shell. This vulnerability affects GitLab CE/EE 13.1 and later through 14.1.2, 14.0.7 and 13.12.9. | CWE-116 Improper Encoding or Escaping of Output | CVE-2021-22254 | 2024-11-21 14:49 | 2021-08-21 |
| 196518 | 6.5 MEDIUM Network | gitlab | gitlab | A vulnerability was discovered in GitLab versions before 14.0.2, 13.12.6, 13.11.6. GitLab Webhook feature could be abused to perform denial of service attacks. | CWE-770 Allocation of Resources Without Limits or Throttling | CVE-2021-22246 | 2024-11-21 14:49 | 2021-08-21 |
| 196519 | 5.4 MEDIUM Network | gitlab | gitlab | An issue has been discovered in GitLab affecting all versions starting with 13.3. GitLab was vulnerable to a stored XSS by using the design feature in issues. | CWE-79 Cross-site Scripting | CVE-2021-22238 | 2024-11-21 14:49 | 2021-08-21 |
| 196520 | 7.5 HIGH Network | komoot | komoot | An information disclosure vulnerability exists in the Friend finder functionality of GmbH Komoot version 10.26.9 up to 11.1.11. A specially crafted series of network requests can lead to the disclosu… | CWE-200 Information Exposure | CVE-2021-21823 | 2024-11-21 14:49 | 2021-08-21 |