|
195071
|
9.8 |
CRITICAL
Network
|
tibco
|
api_exchange_gateway_distribution
api_exchange_gateway
|
The Config UI component of TIBCO Software Inc.'s TIBCO API Exchange Gateway and TIBCO API Exchange Gateway Distribution for TIBCO Silver Fabric contains a vulnerability that theoretically allows an u…
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2021-23274
|
2024-11-21 14:51 |
2021-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195072
|
8.8 |
HIGH
Network
|
killport_project
|
killport
|
This affects the package killport before 1.0.2. If (attacker-controlled) user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exe…
|
CWE-78
OS Command
|
CVE-2021-23360
|
2024-11-21 14:51 |
2021-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195073
|
8.8 |
HIGH
Network
|
port-killer_project
|
port-killer
|
This affects all versions of package port-killer. If (attacker-controlled) user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process e…
|
CWE-78
OS Command
|
CVE-2021-23359
|
2024-11-21 14:51 |
2021-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195074
|
6.7 |
MEDIUM
Local
|
mcafee
|
endpoint_product_removal_tool
|
Unquoted service path vulnerability in McAfee Endpoint Product Removal (EPR) Tool prior to 21.2 allows local administrators to execute arbitrary code, with higher-level privileges, via execution from…
|
CWE-428
Unquoted Search Path or Element
|
CVE-2021-23879
|
2024-11-21 14:51 |
2021-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195075
|
5.3 |
MEDIUM
Local
|
tyk
|
tyk
|
All versions of package github.com/tyktechnologies/tyk/gateway are vulnerable to Directory Traversal via the handleAddOrUpdateApi function. This function is able to delete arbitrary JSON files on the…
|
CWE-22
Path Traversal
|
CVE-2021-23357
|
2024-11-21 14:51 |
2021-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195076
|
9.8 |
CRITICAL
Network
|
kill-process-by-name_project
|
kill-process-by-name
|
This affects all versions of package kill-process-by-name. If (attacker-controlled) user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_…
|
CWE-78
OS Command
|
CVE-2021-23356
|
2024-11-21 14:51 |
2021-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195077
|
9.8 |
CRITICAL
Network
|
ps-kill_project
|
ps-kill
|
This affects all versions of package ps-kill. If (attacker-controlled) user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of th…
|
CWE-78
OS Command
|
CVE-2021-23355
|
2024-11-21 14:51 |
2021-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195078
|
7.5 |
HIGH
Network
|
adaltas
|
printf
|
The package printf before 0.6.1 are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex string /\%(?:\(([\w_.]+)\)|([1-9]\d*)\$)?([0 +\-\]*)(\*|\d+)?(\.)?(\*|\d+)?[hlL]?([\%bscde…
|
CWE-1333
Inefficient Regular Expression Complexity
|
CVE-2021-23354
|
2024-11-21 14:51 |
2021-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195079
|
5.4 |
MEDIUM
Network
|
tibco
|
spotfire_server
spotfire_desktop
spotfire_analyst
analytics_platform
|
The Spotfire client component of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Desktop, and TIBCO Spotfire Server contains a vuln…
|
CWE-79
Cross-site Scripting
|
CVE-2021-23273
|
2024-11-21 14:51 |
2021-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195080
|
7.5 |
HIGH
Network
|
parall
|
jspdf
|
This affects the package jspdf before 2.3.1. ReDoS is possible via the addImage function.
|
NVD-CWE-noinfo
|
CVE-2021-23353
|
2024-11-21 14:51 |
2021-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
