|
195271
|
5.5 |
MEDIUM
Local
|
huawei
|
harmonyos
|
A component of HarmonyOS 2.0 has a DoS vulnerability. Local attackers may exploit this vulnerability to mount a file system to the target device, causing DoS of the file system.
|
NVD-CWE-noinfo
|
CVE-2021-22296
|
2024-11-21 14:49 |
2021-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195272
|
3.3 |
LOW
Local
|
huawei
|
harmonyos
|
A component API of the HarmonyOS 2.0 has a permission bypass vulnerability. Local attackers may exploit this vulnerability to issue commands repeatedly, exhausting system service resources.
|
NVD-CWE-noinfo
|
CVE-2021-22294
|
2024-11-21 14:49 |
2021-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195273
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue has been discovered in GitLab affecting all versions of Gitlab EE/CE before 13.6.7. A potential resource exhaustion issue that allowed running or pending jobs to continue even after project …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2021-22187
|
2024-11-21 14:49 |
2021-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195274
|
5.3 |
MEDIUM
Network
|
vmware
|
spring_integration_zip
|
Addresses partial fix in CVE-2018-1263. Spring-integration-zip, versions prior to 1.0.4, exposes an arbitrary file write vulnerability, that can be achieved using a specially crafted zip archive (aff…
|
CWE-22
Path Traversal
|
CVE-2021-22114
|
2024-11-21 14:49 |
2021-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195275
|
8.8 |
HIGH
Adjacent
|
vmware
|
cloud_foundation
esxi
|
OpenSLP as used in ESXi (7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG) has a heap-overflow vulnerability. A malicious actor residing within the same…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-21974
|
2024-11-21 14:49 |
2021-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195276
|
5.3 |
MEDIUM
Network
|
vmware
|
vcenter_server
cloud_foundation
|
The vSphere Client (HTML5) contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in a vCenter Server plugin. A malicious actor with network access to port 44…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2021-21973
|
2024-11-21 14:49 |
2021-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195277
|
9.8 |
CRITICAL
Network
|
vmware
|
vcenter_server
cloud_foundation
|
The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with…
|
CWE-22
Path Traversal
|
CVE-2021-21972
|
2024-11-21 14:49 |
2021-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195278
|
8.8 |
HIGH
Network
|
vmware
pivotal_software
oracle
|
spring_security
hospitality_cruise_shipboard_property_management_system
communications_interactive_session_recorder
communications_unified_inventory_management
insurance_policy_administra…
|
Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once i…
|
NVD-CWE-noinfo
|
CVE-2021-22112
|
2024-11-21 14:49 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195279
|
5.3 |
MEDIUM
Network
|
vmware
|
spring_cloud_netflix_zuul
|
Applications using the “Sensitive Headers” functionality in Spring Cloud Netflix Zuul 2.2.6.RELEASE and below may be vulnerable to bypassing the “Sensitive Headers” restriction when executing request…
|
CWE-863
Incorrect Authorization
|
CVE-2021-22113
|
2024-11-21 14:49 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195280
|
7.5 |
HIGH
Network
|
wireshark
fedoraproject
oracle
|
wireshark
fedora
zfs_storage_appliance
|
Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2021-22174
|
2024-11-21 14:49 |
2021-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
