|
194181
|
7.5 |
HIGH
Network
|
mpmath
fedoraproject
|
mpmath
fedora
|
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Mpmath v1.0.0 through v1.2.1 when the mpmathify function is called.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2021-29063
|
2024-11-21 15:00 |
2021-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194182
|
7.5 |
HIGH
Network
|
vfsjfilechooser2_project
|
vfsjfilechooser2
|
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Vfsjfilechooser2 version 0.2.9 and below which occurs when the application attempts to validate crafted URIs.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2021-29061
|
2024-11-21 15:00 |
2021-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194183
|
5.3 |
MEDIUM
Network
|
color-string_project
|
color-string
|
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Color-String version 1.5.5 and below which occurs when the application is provided and checks a crafted invalid HWB stri…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2021-29060
|
2024-11-21 15:00 |
2021-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194184
|
7.5 |
HIGH
Network
|
is-svg_project
|
is-svg
|
A vulnerability was discovered in IS-SVG version 2.1.0 to 4.2.2 and below where a Regular Expression Denial of Service (ReDOS) occurs if the application is provided and checks a crafted invalid SVG s…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2021-29059
|
2024-11-21 15:00 |
2021-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194185
|
6.1 |
MEDIUM
Network
|
increments
|
qiita\
|
Increments Qiita::Markdown before 0.34.0 allows XSS via a crafted gist link, a different vulnerability than CVE-2021-28796.
|
CWE-79
Cross-site Scripting
|
CVE-2021-28833
|
2024-11-21 15:00 |
2021-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194186
|
4.3 |
MEDIUM
Network
|
powerarchiver
|
powerarchiver
|
The XML parser used in ConeXware PowerArchiver before 20.10.02 allows processing of external entities, which might lead to exfiltration of local files over the network (via an XXE attack).
|
CWE-611
XXE
|
CVE-2021-28684
|
2024-11-21 15:00 |
2021-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194187
|
7.8 |
HIGH
Local
|
msi
|
dragon_center
|
MODAPI.sys in MSI Dragon Center 2.0.104.0 allows low-privileged users to access kernel memory and potentially escalate privileges via a crafted IOCTL 0x9c406104 call. This IOCTL provides the MmMapIoS…
|
NVD-CWE-Other
|
CVE-2021-29337
|
2024-11-21 15:00 |
2021-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194188
|
6.5 |
MEDIUM
Network
|
thalesgroup
|
safenet_keysecure
|
SafeNet KeySecure Management Console 8.12.0 is vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to ret…
|
CWE-74
Injection
|
CVE-2021-28979
|
2024-11-21 15:00 |
2021-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194189
|
4.9 |
MEDIUM
Network
|
qnap
|
myqnapcloud_link
|
Insecure storage of sensitive information has been reported to affect QNAP NAS running myQNAPcloud Link. If exploited, this vulnerability allows remote attackers to read sensitive information by acce…
|
-
|
CVE-2021-28815
|
2024-11-21 15:00 |
2021-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194190
|
5.5 |
MEDIUM
Local
|
tp-link
|
tl-wpa4220_firmware
|
TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 does not use SSL by default. Attacker on the local network can monitor traffic and capture the cookie and other sensitive information.
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2021-28858
|
2024-11-21 15:00 |
2021-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
