|
195271
|
8.8 |
HIGH
Network
|
vmware
|
workspace_one_access
|
VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 contain an authentication bypass vulnerability. A malicious actor, who has successfully provided first-factor authentication, may be able to ob…
|
NVD-CWE-noinfo
|
CVE-2021-22057
|
2024-11-21 14:49 |
2021-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195272
|
7.5 |
HIGH
Network
|
vmware
|
identity_manager
vrealize_automation
workspace_one_access
|
VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 and Identity Manager 3.3.5, 3.3.4, and 3.3.3 contain an SSRF vulnerability. A malicious actor with network access may be able to make HTTP requ…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2021-22056
|
2024-11-21 14:49 |
2021-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195273
|
7.5 |
HIGH
Network
|
vmware
|
workspace_one_uem_console
|
VMware Workspace ONE UEM console 20.0.8 prior to 20.0.8.37, 20.11.0 prior to 20.11.0.40, 21.2.0 prior to 21.2.0.27, and 21.5.0 prior to 21.5.0.37 contain an SSRF vulnerability. This issue may allow a…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2021-22054
|
2024-11-21 14:49 |
2021-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195274
|
9.8 |
CRITICAL
Network
|
abb
|
omnicore_c30_firmware
|
A Missing Authentication vulnerability in RobotWare for the OmniCore robot controller allows an attacker to read and modify files on the robot controller if the attacker has access to the Connected S…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2021-22279
|
2024-11-21 14:49 |
2021-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195275
|
7.5 |
HIGH
Network
|
anker
|
eufy_homebase_2_firmware
|
An authentication bypass vulnerability exists in the get_aes_key_info_by_packetid() function of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. Generic network sniffing can lead to passwo…
|
CWE-287
Improper Authentication
|
CVE-2021-21955
|
2024-11-21 14:49 |
2021-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195276
|
9.9 |
CRITICAL
Network
|
anker
|
eufy_homebase_2_firmware
|
A command execution vulnerability exists in the wifi_country_code_update functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can le…
|
CWE-78
OS Command
|
CVE-2021-21954
|
2024-11-21 14:49 |
2021-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195277
|
7.3 |
HIGH
Local
|
dreamreport
|
remote_connector
|
A privilege escalation vulnerability exists in the Remote Server functionality of Dream Report ODS Remote Connector 20.2.16900.0. A specially-crafted command injection can lead to elevated capabiliti…
|
NVD-CWE-Other
|
CVE-2021-21957
|
2024-11-21 14:49 |
2021-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195278
|
10.0 |
CRITICAL
Network
|
anker
|
eufy_homebase_2_firmware
|
An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h in function read_udp_push_config_file…
|
CWE-1284
Improper Validation of Specified Quantity in Input
|
CVE-2021-21951
|
2024-11-21 14:49 |
2021-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195279
|
10.0 |
CRITICAL
Network
|
anker
|
eufy_homebase_2_firmware
|
An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h in function recv_server_device_respon…
|
CWE-1284
Improper Validation of Specified Quantity in Input
|
CVE-2021-21950
|
2024-11-21 14:49 |
2021-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195280
|
7.5 |
HIGH
Network
|
gitlab
|
gitlab
|
Assuming a database breach, nonce reuse issues in GitLab 11.6+ allows an attacker to decrypt some of the database's encrypted content
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2021-22170
|
2024-11-21 14:49 |
2021-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
