|
195261
|
7.5 |
HIGH
Network
|
huawei
|
usg9500_firmware
usg9520_firmware
usg9560_firmware
usg9580_firmware
|
There is insecure algorithm vulnerability in Huawei products. A module uses less random input in a secure mechanism. Attackers can exploit this vulnerability by brute forcing to obtain sensitive mess…
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2021-22309
|
2024-11-21 14:49 |
2021-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195262
|
8.8 |
HIGH
Network
|
wireshark
oracle
debian
|
wireshark
zfs_storage_appliance
debian_linux
|
Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file.
|
CWE-74
Injection
|
CVE-2021-22191
|
2024-11-21 14:49 |
2021-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195263
|
4.3 |
MEDIUM
Network
|
elastic
oracle
|
elasticsearch
communications_cloud_native_core_automated_test_suite
|
A document disclosure flaw was found in Elasticsearch versions after 7.6.0 and before 7.11.0 when Document or Field Level Security is used. Get requests do not properly apply security permissions whe…
|
CWE-863
Incorrect Authorization
|
CVE-2021-22134
|
2024-11-21 14:49 |
2021-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195264
|
4.3 |
MEDIUM
Network
|
fortinet
|
fortiproxy
|
An improper access control vulnerability in FortiProxy SSL VPN portal 2.0.0, 1.2.9 and below versions may allow an authenticated, remote attacker to access internal service such as the ZebOS Shell on…
|
NVD-CWE-Other
|
CVE-2021-22128
|
2024-11-21 14:49 |
2021-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195265
|
7.2 |
HIGH
Network
|
gitlab
|
gitlab
|
Starting with version 13.7 the Gitlab CE/EE editions were affected by a security issue related to the validation of the certificates for the Fortinet OTP that could result in authentication issues.
|
CWE-295
Improper Certificate Validation
|
CVE-2021-22189
|
2024-11-21 14:49 |
2021-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195266
|
5.4 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue has been discovered in GitLab affecting all versions starting with 11.8. GitLab was vulnerable to a stored XSS in the epics page, which could be exploited with user interactions.
|
CWE-79
Cross-site Scripting
|
CVE-2021-22183
|
2024-11-21 14:49 |
2021-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195267
|
5.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue has been discovered in GitLab affecting all versions starting with 13.0. Confidential issue titles in Gitlab were readable by an unauthorised user via branch logs.
|
NVD-CWE-noinfo
|
CVE-2021-22188
|
2024-11-21 14:49 |
2021-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195268
|
5.4 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue has been discovered in GitLab affecting all versions starting with 13.7. GitLab was vulnerable to a stored XSS in merge request.
|
CWE-79
Cross-site Scripting
|
CVE-2021-22182
|
2024-11-21 14:49 |
2021-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195269
|
9.8 |
CRITICAL
Network
|
vmware
|
view_planner
|
VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerability. Improper input validation and lack of authorization leading to arbitrary file upload in logupload…
|
CWE-20
CWE-862
Improper Input Validation
Missing Authorization
|
CVE-2021-21978
|
2024-11-21 14:49 |
2021-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195270
|
7.3 |
HIGH
Network
|
bitnami
|
containers
|
In Bitnami Containers, all Laravel container versions prior to: 6.20.0-debian-10-r107 for Laravel 6, 7.30.1-debian-10-r108 for Laravel 7 and 8.5.11-debian-10-r0 for Laravel 8, the file /tmp/app/.env …
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2021-21979
|
2024-11-21 14:49 |
2021-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
