|
195461
|
5.3 |
MEDIUM
Network
|
onlinevotingsystem_project
|
onlinevotingsystem
|
OnlineVotingSystem is an open source project hosted on GitHub. OnlineVotingSystem before version 1.1.2 hashes user passwords without a salt, which is vulnerable to dictionary attacks. Therefore there…
|
CWE-916
Use of Password Hash With Insufficient Computational Effort
|
CVE-2021-21253
|
2024-11-21 14:47 |
2021-01-22 |
|
195462
|
6.5 |
MEDIUM
Network
|
pysaml2_project debian
|
pysaml2 debian_linux
|
PySAML2 is a pure Python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. Users of pysaml2 that use the default C…
|
-
|
CVE-2021-21239
|
2024-11-21 14:47 |
2021-01-22 |
|
195463
|
6.5 |
MEDIUM
Network
|
pysaml2_project
|
pysaml2
|
PySAML2 is a pure Python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. All users of pysaml2 that need to valid…
|
-
|
CVE-2021-21238
|
2024-11-21 14:47 |
2021-01-22 |
|
195464
|
6.5 |
MEDIUM
Network
|
keymaker_project
|
keymaker
|
Keymaker is a Mastodon Community Finder based Matrix Community serverlist page Server. In Keymaker before version 0.2.0, the assets endpoint did not check for the extension. The Rust `join` method wi…
|
-
|
CVE-2021-21269
|
2024-11-21 14:47 |
2021-01-21 |
|
195465
|
9.8 |
CRITICAL
Network
|
onedev_project
|
onedev
|
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a critical vulnerability which can lead to pre-auth remote code execution. AttachmentUploadServlet deserializes untru…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2021-21242
|
2024-11-21 14:47 |
2021-01-16 |
|
195466
|
9.8 |
CRITICAL
Network
|
onedev_project
|
onedev
|
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a vulnerability that enabled pre-auth server side template injection via Bean validation message tampering. Full deta…
|
CWE-94
Code Injection
|
CVE-2021-21244
|
2024-11-21 14:47 |
2021-01-16 |
|
195467
|
9.8 |
CRITICAL
Network
|
onedev_project
|
onedev
|
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, a Kubernetes REST endpoint exposes two methods that deserialize untrusted data from the request body. These endpoints do not e…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2021-21243
|
2024-11-21 14:47 |
2021-01-16 |
|
195468
|
8.1 |
HIGH
Network
|
adobe
|
magento
|
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an insecure direct object vulnerability (IDOR) in the customer API module. Successful exploitati…
|
-
|
CVE-2021-21013
|
2024-11-21 14:47 |
2021-01-14 |
|
195469
|
5.3 |
MEDIUM
Network
|
adobe
|
magento_open_source magento_commerce
|
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an insecure direct object vulnerability (IDOR) in the checkout module. Successful exploitation c…
|
-
|
CVE-2021-21012
|
2024-11-21 14:47 |
2021-01-14 |
|
195470
|
7.0 |
HIGH
Local
|
adobe
|
captivate
|
Adobe Captivate 2019 version 11.5.1.499 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. An attacker with permissions to write t…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2021-21011
|
2024-11-21 14:47 |
2021-01-14 |
|