|
196191
|
6.1 |
MEDIUM
Network
|
hitachienergy
|
ellipse_enterprise_asset_management
|
An attacker could trick a user of Hitachi ABB Power Grids Ellipse Enterprise Asset Management (EAM) versions prior to and including 9.0.25 into visiting a malicious website posing as a login page for…
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2021-27414
|
2024-11-21 14:57 |
2022-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196192
|
7.8 |
HIGH
Local
|
htmldoc_project
|
htmldoc
|
Null pointer dereference in the htmldoc v1.9.11 and before may allow attackers to execute arbitrary code and cause a denial of service via a crafted html file.
|
CWE-476
NULL Pointer Dereference
|
CVE-2021-26948
|
2024-11-21 14:57 |
2022-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196193
|
9.8 |
CRITICAL
Network
|
netapp
|
virtual_desktop_service
|
NetApp Virtual Desktop Service (VDS) when used with an HTML5 gateway is susceptible to a vulnerability which when successfully exploited could allow an unauthenticated attacker to takeover a Remote D…
|
NVD-CWE-noinfo
|
CVE-2021-27007
|
2024-11-21 14:57 |
2021-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196194
|
4.4 |
MEDIUM
Local
|
netapp
|
storagegrid
|
StorageGRID (formerly StorageGRID Webscale) versions 11.5 prior to 11.5.0.5 are susceptible to a vulnerability which may allow an administrative user to escalate their privileges and modify settings …
|
NVD-CWE-noinfo
|
CVE-2021-27006
|
2024-11-21 14:57 |
2021-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196195
|
4.4 |
MEDIUM
Local
|
puppet
|
puppet
puppet_connect
puppet_enterprise
|
A flaw was divered in Puppet Enterprise and other Puppet products where sensitive plan parameters may be logged
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2021-27026
|
2024-11-21 14:57 |
2021-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196196
|
6.5 |
MEDIUM
Network
|
puppet
fedoraproject
|
puppet_agent
puppet
puppet_enterprise
fedora
|
A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first 'pluginsync'.
|
NVD-CWE-noinfo
|
CVE-2021-27025
|
2024-11-21 14:57 |
2021-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196197
|
8.1 |
HIGH
Network
|
puppet
|
continuous_delivery
|
A flaw was discovered in Continuous Delivery for Puppet Enterprise (CD4PE) that results in a user with lower privileges being able to access a Puppet Enterprise API token. This issue is resolved in C…
|
NVD-CWE-Other
|
CVE-2021-27024
|
2024-11-21 14:57 |
2021-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196198
|
9.8 |
CRITICAL
Network
|
puppet
fedoraproject
|
puppet_server
puppet_agent
puppet_enterprise
fedora
|
A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007
|
NVD-CWE-noinfo
|
CVE-2021-27023
|
2024-11-21 14:57 |
2021-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196199
|
7.5 |
HIGH
Network
|
netapp
|
ontap_system_manager
|
Clustered Data ONTAP versions 9.6 and higher prior to 9.6P16, 9.7P16, 9.8P7 and 9.9.1P3 are susceptible to a vulnerability which could allow a remote attacker to cause a crash of the httpd server.
|
NVD-CWE-noinfo
|
CVE-2021-27005
|
2024-11-21 14:57 |
2021-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196200
|
5.5 |
MEDIUM
Local
|
netapp
|
ontap_system_manager
|
System Manager 9.x versions 9.7 and higher prior to 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow a local attacker to discover plaintext iSCSI CHAP credentials.
|
NVD-CWE-noinfo
|
CVE-2021-27004
|
2024-11-21 14:57 |
2021-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
