|
196111
|
8.8 |
HIGH
Network
|
wp-buy
|
conditional_marketing_mailer
|
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WooCommerce Conditional Marketing Mailer WordPress plugin before 1.5.2, to install any plugin (including …
|
NVD-CWE-Other
|
CVE-2021-24190
|
2024-11-21 14:52 |
2021-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196112
|
8.8 |
HIGH
Network
|
wp-buy
|
captchinoo
|
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Captchinoo, Google recaptcha for admin login page WordPress plugin before 2.4, to install any plugin (inc…
|
NVD-CWE-noinfo
|
CVE-2021-24189
|
2024-11-21 14:52 |
2021-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196113
|
8.8 |
HIGH
Network
|
wp-buy
|
wp_content_copy_protection_\&_no_right_click
|
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP Content Copy Protection & No Right Click WordPress plugin before 3.1.5, to install any plugin (includi…
|
NVD-CWE-Other
|
CVE-2021-24188
|
2024-11-21 14:52 |
2021-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196114
|
9.8 |
CRITICAL
Network
|
mercedes-benz
|
hermes
|
An issue was discovered in HERMES 2.1 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. There is an out-of-bounds array access in RemoteDiagnosisApp.
|
CWE-787
Out-of-bounds Write
|
CVE-2021-23910
|
2024-11-21 14:52 |
2021-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196115
|
9.8 |
CRITICAL
Network
|
mercedes-benz
|
hermes
|
An issue was discovered in HERMES 2.1 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. The SH2 MCU allows remote code execution.
|
CWE-787
Out-of-bounds Write
|
CVE-2021-23909
|
2024-11-21 14:52 |
2021-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196116
|
9.8 |
CRITICAL
Network
|
mercedes-benz
|
headunit_ntg6_mercedes-benz_user_experience
|
An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. A type confusion issue affects MultiSvSetAttributes in the HiQnet Protocol, leadin…
|
CWE-843
Type Confusion
|
CVE-2021-23908
|
2024-11-21 14:52 |
2021-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196117
|
9.8 |
CRITICAL
Network
|
mercedes-benz
|
headunit_ntg6_mercedes-benz_user_experience
|
An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. The count in MultiSvGet, GetAttributes, and MultiSvSet is not checked in the HiQne…
|
NVD-CWE-noinfo
|
CVE-2021-23907
|
2024-11-21 14:52 |
2021-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196118
|
6.8 |
MEDIUM
Physics
|
mercedes-benz
|
mercedes-benz_user_experience
|
An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. A Message Length is not checked in the HiQnet Protocol, leading to remote code exe…
|
CWE-20
Improper Input Validation
|
CVE-2021-23906
|
2024-11-21 14:52 |
2021-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196119
|
7.0 |
HIGH
Local
|
mcafee
|
endpoint_security_for_linux_threat_prevention
|
By exploiting a time of check to time of use (TOCTOU) race condition during the Endpoint Security for Linux Threat Prevention and Firewall (ENSL TP/FW) installation process, a local user can perform …
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2021-23892
|
2024-11-21 14:52 |
2021-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196120
|
7.8 |
HIGH
Local
|
mcafee
|
total_protection
|
Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by impersonating a client token which could lead to the bypassing …
|
CWE-269
Improper Privilege Management
|
CVE-2021-23891
|
2024-11-21 14:52 |
2021-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
