|
195221
|
6.5 |
MEDIUM
Network
|
huawei
|
p30_firmware
|
There is an arbitrary memory write vulnerability in Huawei smart phone when processing file parsing. Due to insufficient validation of the input files, successful exploit could cause certain service …
|
CWE-787
Out-of-bounds Write
|
CVE-2021-22327
|
2024-11-21 14:49 |
2021-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195222
|
6.5 |
MEDIUM
Network
|
wireshark
fedoraproject
oracle
debian
|
wireshark
fedora
zfs_storage_appliance_kit
debian_linux
|
Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2021-22207
|
2024-11-21 14:49 |
2021-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195223
|
10.0 |
CRITICAL
Network
|
gitlab
|
gitlab
|
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote com…
|
CWE-94
Code Injection
|
CVE-2021-22205
|
2024-11-21 14:49 |
2021-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195224
|
7.8 |
HIGH
Local
|
exiftool_project
debian
fedoraproject
|
exiftool
debian_linux
fedora
|
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image
|
CWE-94
Code Injection
|
CVE-2021-22204
|
2024-11-21 14:49 |
2021-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195225
|
5.4 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue has been discovered in GitLab affecting all versions starting with 12.9. GitLab was vulnerable to a stored XSS if scoped labels were used.
|
CWE-79
Cross-site Scripting
|
CVE-2021-22199
|
2024-11-21 14:49 |
2021-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195226
|
7.8 |
HIGH
Local
|
vmware
|
nsx-t_data_center
|
VMware NSX-T contains a privilege escalation vulnerability due to an issue with RBAC (Role based access control) role assignment. Successful exploitation of this issue may allow attackers with local …
|
CWE-269
Improper Privilege Management
|
CVE-2021-21981
|
2024-11-21 14:49 |
2021-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195227
|
6.5 |
MEDIUM
Network
|
gitlab
|
gitlab
|
A path traversal vulnerability via the GitLab Workhorse in all versions of GitLab could result in the leakage of a JWT token
|
CWE-22
Path Traversal
|
CVE-2021-22190
|
2024-11-21 14:49 |
2021-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195228
|
6.5 |
MEDIUM
Network
|
cloudfoundry
|
capi-release
cf-deployment
|
Cloud Controller API versions prior to 1.106.0 logs service broker credentials if the default value of db logging config field is changed. CAPI database logs service broker password in plain text whe…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2021-22115
|
2024-11-21 14:49 |
2021-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195229
|
6.5 |
MEDIUM
Network
|
huawei
|
ips_module_firmware
ngfw_module_firmware
secospace_usg6300_firmware
secospace_usg6500_firmware
secospace_usg6600_firmware
usg9500_firmware
nip6300_firmware
nip6600_firmware
ni…
|
There is a memory leak vulnerability in some Huawei products. An authenticated remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release t…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2021-22312
|
2024-11-21 14:49 |
2021-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195230
|
7.2 |
HIGH
Network
|
proofpoint
|
insider_threat_management
|
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) is vulnerable to XML external entity (XXE) injection in the Web Console. The vulnerability requires admin user privileges a…
|
CWE-611
XXE
|
CVE-2021-22158
|
2024-11-21 14:49 |
2021-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
