|
194991
|
6.1 |
MEDIUM
Network
|
fortinet
|
fortisandbox
|
Multiple instances of improper neutralization of input during web page generation vulnerabilities in FortiSandbox before 4.0.0 may allow an unauthenticated attacker to perform an XSS attack via speci…
|
CWE-79
Cross-site Scripting
|
CVE-2021-24014
|
2024-11-21 14:52 |
2021-08-5 |
|
194992
|
8.8 |
HIGH
Adjacent
|
fortinet
|
fortios
|
A buffer underwrite vulnerability in the firmware verification routine of FortiOS before 7.0.1 may allow an attacker located in the adjacent network to potentially execute arbitrary code via a specif…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-24018
|
2024-11-21 14:52 |
2021-08-5 |
|
194993
|
6.5 |
MEDIUM
Network
|
fortinet
|
fortisandbox
|
Improper limitation of a pathname to a restricted directory vulnerabilities in FortiSandbox 3.2.0 through 3.2.2, and 3.1.0 through 3.1.4 may allow an authenticated user to obtain unauthorized access …
|
CWE-22
Path Traversal
|
CVE-2021-24010
|
2024-11-21 14:52 |
2021-08-5 |
|
194994
|
2.7 |
LOW
Network
|
carrcommunications
|
rsvpmaker
|
The Import feature of the RSVPMaker WordPress plugin before 8.7.3 (/wp-admin/tools.php?page=rsvpmaker_export_screen) takes a URL input and calls curl on it, without first validating it to ensure it'…
|
-
|
CVE-2021-24371
|
2024-11-21 14:52 |
2021-08-2 |
|
194995
|
9.8 |
CRITICAL
Network
|
facebook
|
hhvm folly
|
Passing an attacker-controlled size when creating an IOBuf could cause integer overflow, leading to an out-of-bounds write on the heap with the possibility of remote code execution. This issue affect…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2021-24036
|
2024-11-21 14:52 |
2021-07-23 |
|
194996
|
4.4 |
MEDIUM
Local
|
fortinet
|
fortimanager fortianalyzer
|
A buffer overflow vulnerability in FortiAnalyzer CLI 6.4.5 and below, 6.2.7 and below, 6.0.x and FortiManager CLI 6.4.5 and below, 6.2.7 and below, 6.0.x may allow an authenticated, local attacker to…
|
CWE-120
Classic Buffer Overflow
|
CVE-2021-24022
|
2024-11-21 14:52 |
2021-07-20 |
|
194997
|
4.9 |
MEDIUM
Network
|
apache
|
teaclave_sgx_sdk
|
In Apache Teaclave Rust SGX SDK 1.1.3, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a control…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2021-24117
|
2024-11-21 14:52 |
2021-07-14 |
|
194998
|
4.9 |
MEDIUM
Network
|
arm fedoraproject debian
|
mbed_tls fedora debian_linux
|
In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlle…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2021-24119
|
2024-11-21 14:52 |
2021-07-14 |
|
194999
|
4.9 |
MEDIUM
Network
|
wolfssl
|
wolfssl
|
In wolfSSL through 4.6.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel a…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2021-24116
|
2024-11-21 14:52 |
2021-07-14 |
|
195000
|
9.8 |
CRITICAL
Network
|
ninjateam
|
filebird
|
The Filebird Plugin 4.7.3 introduced a SQL injection vulnerability as it is making SQL queries without escaping user input data from an HTTP POST request. This is a major vulnerability as the user inp…
|
-
|
CVE-2021-24385
|
2024-11-21 14:52 |
2021-07-13 |