|
195281
|
6.8 |
MEDIUM
Adjacent
|
mongodb
quarkus
|
java_driver
quarkus
|
Specific versions of the Java driver that support client-side field level encryption (CSFLE) fail to perform correct host name verification on the KMS server’s certificate. This vulnerability in comb…
|
CWE-295
Improper Certificate Validation
|
CVE-2021-20328
|
2024-11-21 14:46 |
2021-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195282
|
6.8 |
MEDIUM
Adjacent
|
mongodb
|
libmongocrypt
|
A specific version of the Node.js mongodb-client-encryption module does not perform correct validation of the KMS server’s certificate. This vulnerability in combination with a privileged network pos…
|
CWE-295
Improper Certificate Validation
|
CVE-2021-20327
|
2024-11-21 14:46 |
2021-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195283
|
7.5 |
HIGH
Network
|
contec
|
sv-cpt-mc310_firmware
|
Missing authentication for critical function in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to alter the setting information without the access privileges via unspecified vecto…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2021-20662
|
2024-11-21 14:46 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195284
|
8.1 |
HIGH
Network
|
contec
|
sv-cpt-mc310_firmware
|
Directory traversal vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows authenticated attackers to delete arbitrary files and/or directories on the server via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2021-20661
|
2024-11-21 14:46 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195285
|
6.1 |
MEDIUM
Network
|
contec
|
sv-cpt-mc310_firmware
|
Cross-site scripting vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to inject an arbitrary script via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2021-20660
|
2024-11-21 14:46 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195286
|
8.8 |
HIGH
Network
|
contec
|
sv-cpt-mc310_firmware
|
SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to upload arbitrary files via unspecified vectors. If the file is PHP script, an attacker may execute arbitrary code.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2021-20659
|
2024-11-21 14:46 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195287
|
9.8 |
CRITICAL
Network
|
contec
|
sv-cpt-mc310_firmware
|
SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to execute arbitrary OS commands with the web server privilege via unspecified vectors.
|
CWE-78
OS Command
|
CVE-2021-20658
|
2024-11-21 14:46 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195288
|
5.4 |
MEDIUM
Network
|
contec
|
sv-cpt-mc310_firmware
|
Improper access control vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to obtain and/or alter the setting information without the access privilege v…
|
NVD-CWE-Other
|
CVE-2021-20657
|
2024-11-21 14:46 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195289
|
4.3 |
MEDIUM
Network
|
contec
|
sv-cpt-mc310_firmware
|
Exposure of information through directory listing in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to obtain the information inside the system, such as directories …
|
CWE-200
Information Exposure
|
CVE-2021-20656
|
2024-11-21 14:46 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195290
|
5.3 |
MEDIUM
Local
|
redhat
|
satellite
|
A flaw was found in Red Hat Satellite. The BMC interface exposes the password through the API to an authenticated local attacker with view_hosts permission. The highest threat from this vulnerability…
|
-
|
CVE-2021-20256
|
2024-11-21 14:46 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
