|
195561
|
8.8 |
HIGH
Network
|
foxitsoftware
|
foxit_reader
|
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously free memory, …
|
CWE-416
Use After Free
|
CVE-2021-21822
|
2024-11-21 14:49 |
2021-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195562
|
9.8 |
CRITICAL
Network
|
vmware
|
vrealize_business_for_cloud
|
VMware vRealize Business for Cloud 7.x prior to 7.6.0 contains a remote code execution vulnerability due to an unauthorised end point. A malicious actor with network access may exploit this issue cau…
|
CWE-862
Missing Authorization
|
CVE-2021-21984
|
2024-11-21 14:49 |
2021-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195563
|
5.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2. When querying the repository branches through API, GitLab was ignoring a query parameter and returning a consid…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2021-22210
|
2024-11-21 14:49 |
2021-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195564
|
7.5 |
HIGH
Network
|
gitlab
|
gitlab
|
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.8. GitLab was not properly validating authorisation tokens which resulted in GraphQL mutation being executed.
|
CWE-863
Incorrect Authorization
|
CVE-2021-22209
|
2024-11-21 14:49 |
2021-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195565
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue has been discovered in GitLab affecting versions starting with 13.5 up to 13.9.7. Improper permission check could allow the change of timestamp for issue creation or update.
|
NVD-CWE-Other
|
CVE-2021-22208
|
2024-11-21 14:49 |
2021-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195566
|
4.9 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue has been discovered in GitLab affecting all versions starting from 11.6. Pull mirror credentials are exposed that allows other maintainers to be able to view the credentials in plain-text,
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2021-22206
|
2024-11-21 14:49 |
2021-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195567
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7. GitLab Dependency Proxy, under certain circumstances, can impersonate a user resulting in possibly incorrect ac…
|
CWE-863
Incorrect Authorization
|
CVE-2021-22211
|
2024-11-21 14:49 |
2021-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195568
|
7.5 |
HIGH
Network
|
huawei
|
cloudengine_12800_firmware
cloudengine_5800_firmware
cloudengine_6800_firmware
cloudengine_7800_firmware
|
There is a pointer double free vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. When a function is called, the same memory pointer is copi…
|
CWE-415
Double Free
|
CVE-2021-22332
|
2024-11-21 14:49 |
2021-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195569
|
6.5 |
MEDIUM
Adjacent
|
huawei
|
p30_firmware
|
There is an out of bounds write vulnerability in Huawei Smartphone HUAWEI P30 versions 9.1.0.131(C00E130R1P21) when processing a message. An unauthenticated attacker can exploit this vulnerability by…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-22330
|
2024-11-21 14:49 |
2021-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195570
|
7.5 |
HIGH
Network
|
huawei
|
p30_firmware
|
There is a JavaScript injection vulnerability in certain Huawei smartphones. A module does not verify some inputs sufficiently. Attackers can exploit this vulnerability by sending a malicious applica…
|
CWE-74
Injection
|
CVE-2021-22331
|
2024-11-21 14:49 |
2021-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
