|
195521
|
4.9 |
MEDIUM
Network
|
huawei
|
ecns280_td_firmware
ese620x_vess_firmware
|
There is an out-of-bounds read vulnerability in eCNS280_TD V100R005C10 and eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. The vulnerability is due to a message-handling functio…
|
CWE-125
Out-of-bounds Read
|
CVE-2021-22383
|
2024-11-21 14:50 |
2021-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195522
|
6.5 |
MEDIUM
Local
|
huawei
|
e3372_firmware
e8372_firmware
|
Huawei LTE USB Dongle products have an improper permission assignment vulnerability. An attacker can locally access and log in to a PC to induce a user to install a specially crafted application. Aft…
|
CWE-281
Improper Preservation of Permissions
|
CVE-2021-22382
|
2024-11-21 14:50 |
2021-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195523
|
5.3 |
MEDIUM
Network
|
huawei
|
ecns280_td_firmware
|
There is a race condition vulnerability in eCNS280_TD V100R005C00 and V100R005C10. There is a timing window exists in which the database can be operated by another thread that is operating concurrent…
|
CWE-362
Race Condition
|
CVE-2021-22378
|
2024-11-21 14:50 |
2021-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195524
|
7.2 |
HIGH
Network
|
huawei
|
s12700_firmware
s2700_firmware
s5700_firmware
s6700_firmware
s7700_firmware
|
There is a command injection vulnerability in S12700 V200R019C00SPC500, S2700 V200R019C00SPC500, S5700 V200R019C00SPC500, S6700 V200R019C00SPC500 and S7700 V200R019C00SPC500. A module does not verify…
|
CWE-20
Improper Input Validation
|
CVE-2021-22377
|
2024-11-21 14:50 |
2021-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195525
|
7.5 |
HIGH
Network
|
citrix
|
cloud_connector
|
Citrix Cloud Connector before 6.31.0.62192 suffers from insecure storage of sensitive information due to sensitive information being stored in the Citrix Cloud Connector installation log files. Such …
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2021-22914
|
2024-11-21 14:50 |
2021-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195526
|
9.8 |
CRITICAL
Network
|
nextcloud
fedoraproject
|
nextcloud_server
fedora
|
Nextcloud server before 19.0.11, 20.0.10, 21.0.2 is vulnerable to brute force attacks due to lack of inclusion of IPv6 subnets in rate-limiting considerations. This could potentially result in an att…
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2021-22915
|
2024-11-21 14:50 |
2021-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195527
|
6.5 |
MEDIUM
Network
|
nextcloud
|
deck
|
Nextcloud Deck before 1.2.7, 1.4.1 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only the local Nextcloud server unles…
|
CWE-200
Information Exposure
|
CVE-2021-22913
|
2024-11-21 14:50 |
2021-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195528
|
6.5 |
MEDIUM
Network
|
nextcloud
|
nextcloud
|
Nextcloud iOS before 3.4.2 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only on the local Nextcloud server unless a g…
|
CWE-200
Information Exposure
|
CVE-2021-22912
|
2024-11-21 14:50 |
2021-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195529
|
6.5 |
MEDIUM
Network
|
nextcloud
|
end-to-end_encryption
|
Nextcloud End-to-End Encryption before 1.5.3, 1.6.3 and 1.7.1 suffers from a denial of service vulnerability due to permitting any authenticated users to lock files of other users.
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2021-22906
|
2024-11-21 14:50 |
2021-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195530
|
6.5 |
MEDIUM
Network
|
nextcloud
|
nextcloud
|
Nextcloud Android App (com.nextcloud.client) before v3.16.0 is vulnerable to information disclosure due to searches for sharees being performed by default on the lookup server instead of only using t…
|
CWE-200
Information Exposure
|
CVE-2021-22905
|
2024-11-21 14:50 |
2021-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
