|
199211
|
5.4 |
MEDIUM
Network
|
cybozu
|
remote_service_manager
|
Cross-site script inclusion vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to obtain the information stored in the product. This issue oc…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20797
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199212
|
6.5 |
MEDIUM
Network
|
cybozu
|
remote_service_manager
|
Directory traversal vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to upload an arbitrary file via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2021-20796
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199213
|
8.8 |
HIGH
Network
|
cybozu
|
remote_service_manager
|
Cross-site request forgery (CSRF) vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote attacker to hijack the authentication of administrators and unintended…
|
CWE-352
Origin Validation Error
|
CVE-2021-20795
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199214
|
3.3 |
LOW
Local
|
adobe
|
acrobat_dc
acrobat_reader_dc
|
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an out-of-bounds Read vulnerability. An unauthenticated…
|
-
|
CVE-2021-21089
|
2024-11-21 14:47 |
2021-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199215
|
6.1 |
MEDIUM
Network
|
weseek
|
growi
|
Cross-site scripting vulnerability due to the inadequate tag sanitization in GROWI versions v4.2.19 and earlier allows remote attackers to execute an arbitrary script on the web browser of the user w…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20829
|
2024-11-21 14:47 |
2021-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199216
|
6.1 |
MEDIUM
Network
|
activefusions
|
order_status_batch_change
|
Cross-site scripting vulnerability in Order Status Batch Change Plug-in (for EC-CUBE 3.0 series) all versions allows a remote attacker to inject an arbitrary script via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2021-20828
|
2024-11-21 14:47 |
2021-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199217
|
6.1 |
MEDIUM
Network
|
shiro8
|
list_\(order_management\)_item_change
|
Cross-site scripting vulnerability in List (order management) item change plug-in (for EC-CUBE 3.0 series) Ver.1.1 and earlier allows a remote attacker to inject an arbitrary script via unspecified v…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20825
|
2024-11-21 14:47 |
2021-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199218
|
9.3 |
CRITICAL
Network
|
jscom
|
revoworks_browser
|
Improper access control vulnerability in RevoWorks Browser 2.1.230 and earlier allows an attacker to bypass access restriction and to exchange unauthorized files between the local environment and the…
|
NVD-CWE-Other
|
CVE-2021-20791
|
2024-11-21 14:47 |
2021-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199219
|
9.6 |
CRITICAL
Network
|
jscom
|
revoworks_browser
|
Improper control of program execution vulnerability in RevoWorks Browser 2.1.230 and earlier allows an attacker to execute an arbitrary command or code via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2021-20790
|
2024-11-21 14:47 |
2021-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199220
|
8.8 |
HIGH
Network
|
adobe
|
illustrator
|
Adobe Illustrator version 25.2 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to a…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-21105
|
2024-11-21 14:47 |
2021-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
