| 195111 | 9.8 | CRITICAL Network | git_project | git | All versions of package git are vulnerable to Remote Code Execution (RCE) due to missing sanitization in the Git.git method, which allows execution of OS commands rather than just git commands. Steps… | CWE-78 OS Command | CVE-2021-23632 | 2024-11-21 14:51 | 2022-03-17 |
| 195112 | 8.0 | HIGH Network | guake-project | guake | The package guake before 3.8.5 are vulnerable to Exposed Dangerous Method or Function due to the exposure of execute_command and execute_command_by_uuid methods via the d-bus interface, which makes i… | NVD-CWE-Other | CVE-2021-23556 | 2024-11-21 14:51 | 2022-03-17 |
| 195113 | 6.1 | MEDIUM Network | paypal fedoraproject | braintree\/sanitize-url fedora | The package @braintree/sanitize-url before 6.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper sanitization in sanitizeUrl function. | CWE-79 Cross-site Scripting | CVE-2021-23648 | 2024-11-21 14:51 | 2022-03-17 |
| 195114 | 9.8 | CRITICAL Network | htmldoc_project | htmldoc | A flaw was found in htmldoc before v1.9.12. Heap buffer overflow in pspdf_prepare_outpages(), in ps-pdf.cxx may lead to execute arbitrary code and denial of service. | CWE-787 Out-of-bounds Write | CVE-2021-23165 | 2024-11-21 14:51 | 2022-03-17 |
| 195115 | 9.8 | CRITICAL Network | htmldoc_project | htmldoc | A flaw was found in htmldoc in v1.9.12. Double-free in function pspdf_export(), in ps-pdf.cxx may result in a write-what-where condition, allowing an attacker to execute arbitrary code and denial of s… | CWE-415 Double Free | CVE-2021-23158 | 2024-11-21 14:51 | 2022-03-17 |
| 195116 | 7.5 | HIGH Network | oppo | coloros | In ACE2 ColorOS11, the attacker can obtain the foreground package name through permission promotion, resulting in user information disclosure. | NVD-CWE-noinfo | CVE-2021-23246 | 2024-11-21 14:51 | 2022-03-12 |
| 195117 | 8.1 | HIGH Network | postgresql fedoraproject redhat | postgresql fedora software_collections enterprise_linux enterprise_linux_for_power_little_endian enterprise_linux_for_ibm_z_systems | When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection … | - | CVE-2021-23214 | 2024-11-21 14:51 | 2022-03-5 |
| 195118 | 5.9 | MEDIUM Network | postgresql | postgresql | A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption. | - | CVE-2021-23222 | 2024-11-21 14:51 | 2022-03-3 |
| 195119 | 7.8 | HIGH Local | htmldoc_project | htmldoc | A flaw was found in htmldoc in v1.9.12 and prior. A stack buffer overflow in parse_table() in ps-pdf.cxx may lead to execute arbitrary code and denial of service. | CWE-787 Out-of-bounds Write | CVE-2021-23206 | 2024-11-21 14:51 | 2022-03-3 |
| 195120 | 7.5 | HIGH Network | samba | samba | A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their … | NVD-CWE-noinfo | CVE-2021-23192 | 2024-11-21 14:51 | 2022-03-3 |