|
195951
|
5.9 |
MEDIUM
Network
|
podman_project
|
podman
|
Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts). This impacts containerized applications that trust localhost (127.0.01) c…
|
-
|
CVE-2021-20199
|
2024-11-21 14:46 |
2021-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195952
|
7.5 |
HIGH
Network
|
mitsubishielectric
|
rv2fr_firmware
rv2frl_firmware
rv4fr_firmware
rv4frl_firmware
rv7fr_firmware
rv7frl_firmware
rv7frll_firmware
rv13fr_firmware
rv13frl_firmware
rv20fr_firmware
rh1frhr_fi…
|
Resource management errors vulnerability in a robot controller of MELFA FR Series(controller "CR800-*V*D" of RV-*FR***-D-* all versions, controller "CR800-*HD" of RH-*FRH***-D-* all versions, control…
|
NVD-CWE-noinfo
|
CVE-2021-20586
|
2024-11-21 14:46 |
2021-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195953
|
5.3 |
MEDIUM
Network
|
moodle
|
moodle
|
It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that messaging did not impose a character limit when sending messages, which could result in client-side (browser) denial of serv…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2021-20185
|
2024-11-21 14:46 |
2021-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195954
|
7.2 |
HIGH
Network
|
moodle
|
moodle
|
It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that it was possible for site administrators to execute arbitrary PHP scripts via a PHP include used during Shibboleth authentica…
|
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2021-20187
|
2024-11-21 14:46 |
2021-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195955
|
5.4 |
MEDIUM
Network
|
moodle
|
moodle
|
It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that if the TeX notation filter was enabled, additional sanitizing of TeX content was required to prevent the risk of stored XSS.
|
-
|
CVE-2021-20186
|
2024-11-21 14:46 |
2021-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195956
|
4.3 |
MEDIUM
Network
|
moodle
|
moodle
|
It was found in Moodle before version 3.10.1, 3.9.4 and 3.8.7 that a insufficient capability checks in some grade related web services meant students were able to view other students grades.
|
-
|
CVE-2021-20184
|
2024-11-21 14:46 |
2021-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195957
|
5.4 |
MEDIUM
Network
|
moodle
|
moodle
|
It was found in Moodle before version 3.10.1 that some search inputs were vulnerable to reflected XSS due to insufficient escaping of search queries.
|
-
|
CVE-2021-20183
|
2024-11-21 14:46 |
2021-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195958
|
6.1 |
MEDIUM
Network
|
aterm
|
wg2600hp_firmware
wg2600hp2_firmware
|
Cross-site scripting vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to inject an arbitrary script via unspeci…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20622
|
2024-11-21 14:46 |
2021-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195959
|
8.8 |
HIGH
Network
|
aterm
|
wg2600hp_firmware
wg2600hp2_firmware
|
Cross-site request forgery (CSRF) vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to hijack the authentication…
|
CWE-352
Origin Validation Error
|
CVE-2021-20621
|
2024-11-21 14:46 |
2021-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195960
|
6.1 |
MEDIUM
Network
|
aterm
|
wg2600hp_firmware
|
Cross-site scripting vulnerability in Aterm WF800HP firmware Ver1.0.9 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2021-20620
|
2024-11-21 14:46 |
2021-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
