|
195411
|
5.5 |
MEDIUM
Local
|
microfocus
|
access_manager
|
This release addresses a potential information leakage vulnerability in NetIQ Access Manager versions prior to 5.0.1
|
NVD-CWE-noinfo
|
CVE-2021-22525
|
2024-11-21 14:50 |
2021-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195412
|
8.0 |
HIGH
Adjacent
|
ui
|
unifi_protect
|
A vulnerability found in UniFi Protect application V1.18.1 and earlier allows a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect …
|
NVD-CWE-noinfo
|
CVE-2021-22944
|
2024-11-21 14:50 |
2021-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195413
|
9.6 |
CRITICAL
Adjacent
|
ui
|
unifi_protect
|
A vulnerability found in UniFi Protect application V1.18.1 and earlier permits a malicious actor who has already gained access to a network to subsequently control the Protect camera(s) assigned to s…
|
CWE-287
Improper Authentication
|
CVE-2021-22943
|
2024-11-21 14:50 |
2021-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195414
|
6.1 |
MEDIUM
Local
|
brave
|
brave
|
An information disclosure exists in Brave Browser Desktop prior to version 1.28.62, where logged warning messages that included timestamps of connections to V2 onion domains in tor.log.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2021-22929
|
2024-11-21 14:50 |
2021-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195415
|
7.5 |
HIGH
Network
|
samsung
|
tizenrt
|
Tizen RT RTOS version 3.0.GBB is vulnerable to integer wrap-around in functions_calloc and mm_zalloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected …
|
-
|
CVE-2021-22684
|
2024-11-21 14:50 |
2021-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195416
|
7.5 |
HIGH
Network
|
huawei
|
elf-g10hn
|
There is a logic vulnerability in Elf-G10HN 1.0.0.608. An unauthenticated attacker could perform specific operations to exploit this vulnerability. Due to insufficient security design, successful exp…
|
NVD-CWE-noinfo
|
CVE-2021-22449
|
2024-11-21 14:50 |
2021-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195417
|
7.5 |
HIGH
Network
|
nodejs
oracle
netapp
siemens
debian
|
node.js
peoplesoft_enterprise_peopletools
graalvm
jd_edwards_enterpriseone_tools
nextgen_api
sinec_infrastructure_network_services
debian_linux
|
Node.js before 16.6.1, 14.17.5, and 12.22.5 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior.
|
CWE-416
Use After Free
|
CVE-2021-22940
|
2024-11-21 14:50 |
2021-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195418
|
5.3 |
MEDIUM
Network
|
nodejs
oracle
netapp
siemens
debian
|
node.js
peoplesoft_enterprise_peopletools
graalvm
mysql_cluster
jd_edwards_enterpriseone_tools
nextgen_api
sinec_infrastructure_network_services
debian_linux
|
If the Node.js https API was used incorrectly and "undefined" was in passed for the "rejectUnauthorized" parameter, no error was returned and connections to servers with an expired certificate would …
|
CWE-295
Improper Certificate Validation
|
CVE-2021-22939
|
2024-11-21 14:50 |
2021-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195419
|
7.2 |
HIGH
Network
|
pulsesecure
ivanti
|
pulse_connect_secure
connect_secure
|
A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator to perform command injection via an unsanitized web parameter in the administrator web console.
|
CWE-77
Command Injection
|
CVE-2021-22938
|
2024-11-21 14:50 |
2021-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195420
|
7.2 |
HIGH
Network
|
pulsesecure
ivanti
|
pulse_connect_secure
connect_secure
|
A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator to perform a file write via a maliciously crafted archive uploaded in the administrator web interface.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2021-22937
|
2024-11-21 14:50 |
2021-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
