|
195461
|
8.8 |
HIGH
Local
|
microsoft
|
windows_10
|
Dell Wyse Windows Embedded System versions WIE10 LTSC 2019 and earlier contain an improper authorization vulnerability. A local authenticated malicious user with low privileges may potentially exploi…
|
NVD-CWE-Other
|
CVE-2021-21552
|
2024-11-21 14:48 |
2021-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195462
|
8.8 |
HIGH
Network
|
dell
|
xtremio_management_server
|
Dell EMC XtremIO Versions prior to 6.3.3-8, contain a Cross-Site Request Forgery Vulnerability in XMS. A non-privileged attacker could potentially exploit this vulnerability, leading to a privileged …
|
CWE-352
Origin Validation Error
|
CVE-2021-21549
|
2024-11-21 14:48 |
2021-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195463
|
4.9 |
MEDIUM
Network
|
zte
|
zxcdn
|
The management system of ZXCDN is impacted by the information leak vulnerability. Attackers can make further analysis according to the information returned by the program, and then obtain some sensit…
|
CWE-200
Information Exposure
|
CVE-2021-21733
|
2024-11-21 14:48 |
2021-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195464
|
7.5 |
HIGH
Network
|
zte
|
axon_11_5g_firmware
|
A mobile phone of ZTE is impacted by improper access control vulnerability. Due to improper permission settings, third-party applications can read some files in the proc file system without authoriza…
|
NVD-CWE-Other
|
CVE-2021-21732
|
2024-11-21 14:48 |
2021-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195465
|
5.3 |
MEDIUM
Network
|
sensiolabs
fedoraproject
|
symfony
fedora
|
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The ability to enumerate users was possible without relevant permissions due to different handling de…
|
-
|
CVE-2021-21424
|
2024-11-21 14:48 |
2021-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195466
|
7.1 |
HIGH
Network
|
jenkins
|
xcode_integration
|
Jenkins Xcode integration Plugin 2.0.14 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
|
-
|
CVE-2021-21656
|
2024-11-21 14:48 |
2021-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195467
|
7.1 |
HIGH
Network
|
jenkins
|
p4
|
A cross-site request forgery (CSRF) vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and pa…
|
CWE-352
Origin Validation Error
|
CVE-2021-21655
|
2024-11-21 14:48 |
2021-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195468
|
4.3 |
MEDIUM
Network
|
jenkins
|
p4
|
Jenkins P4 Plugin 1.11.4 and earlier does not perform permission checks in multiple HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified Perforce server…
|
-
|
CVE-2021-21654
|
2024-11-21 14:48 |
2021-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195469
|
4.3 |
MEDIUM
Network
|
jenkins
|
xray_-_test_management_for_jira
|
Jenkins Xray - Test Management for Jira Plugin 2.4.0 and earlier does not perform a permission check in an HTTP endpoint, allowing with Overall/Read permission to enumerate credentials IDs of credent…
|
-
|
CVE-2021-21653
|
2024-11-21 14:48 |
2021-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195470
|
7.1 |
HIGH
Network
|
jenkins
|
xray_-_test_management_for_jira
|
A cross-site request forgery (CSRF) vulnerability in Jenkins Xray - Test Management for Jira Plugin 2.4.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified…
|
CWE-352
Origin Validation Error
|
CVE-2021-21652
|
2024-11-21 14:48 |
2021-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
