|
195441
|
6.5 |
MEDIUM
Network
|
otrs
|
otrs
|
DoS attack can be performed when an email contains specially designed URL in the body. It can lead to the high CPU usage and cause low quality of service, or in extreme case bring the system to a hal…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2021-21439
|
2024-11-21 14:48 |
2021-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195442
|
9.6 |
CRITICAL
Network
|
wire
|
restund
|
Restund is an open source NAT traversal server. The restund TURN server can be instructed to open a relay to the loopback address range. This allows you to reach any other service running on localhos…
|
CWE-862
Missing Authorization
|
CVE-2021-21382
|
2024-11-21 14:48 |
2021-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195443
|
9.8 |
CRITICAL
Network
|
accusoft
|
imagegear
|
A heap-based buffer overflow vulnerability exists in the PSD read_icc_icCurve_data functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to an integer overflow that, i…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-21795
|
2024-11-21 14:48 |
2021-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195444
|
6.1 |
MEDIUM
Network
|
jenkins
|
kiuwan
|
Jenkins Kiuwan Plugin 1.6.0 and earlier does not escape query parameters in an error message for a form validation endpoint, resulting in a reflected cross-site scripting (XSS) vulnerability.
|
CWE-79
Cross-site Scripting
|
CVE-2021-21666
|
2024-11-21 14:48 |
2021-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195445
|
8.8 |
HIGH
Network
|
jenkins
|
xebialabs_xl_deploy
|
A cross-site request forgery (CSRF) vulnerability in Jenkins XebiaLabs XL Deploy Plugin 10.0.1 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credential…
|
CWE-352
Origin Validation Error
|
CVE-2021-21665
|
2024-11-21 14:48 |
2021-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195446
|
6.5 |
MEDIUM
Network
|
jenkins
|
xebialabs_xl_deploy
|
An incorrect permission check in Jenkins XebiaLabs XL Deploy Plugin 10.0.1 and earlier allows attackers with Generic Create permission to connect to an attacker-specified URL using attacker-specified…
|
CWE-863
Incorrect Authorization
|
CVE-2021-21664
|
2024-11-21 14:48 |
2021-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195447
|
4.3 |
MEDIUM
Network
|
jenkins
|
xebialabs_xl_deploy
|
A missing permission check in Jenkins XebiaLabs XL Deploy Plugin 7.5.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified crede…
|
-
|
CVE-2021-21663
|
2024-11-21 14:48 |
2021-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195448
|
4.3 |
MEDIUM
Network
|
jenkins
|
xebialabs_xl_deploy
|
A missing permission check in Jenkins XebiaLabs XL Deploy Plugin 10.0.1 and earlier allows attackers with Overall/Read permission to enumerate credentials ID of credentials stored in Jenkins.
|
-
|
CVE-2021-21662
|
2024-11-21 14:48 |
2021-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195449
|
4.3 |
MEDIUM
Network
|
jenkins
|
kubernetes
|
Jenkins Kubernetes CLI Plugin 1.10.0 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to enumerate credentials IDs of credenti…
|
-
|
CVE-2021-21661
|
2024-11-21 14:48 |
2021-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195450
|
7.2 |
HIGH
Network
|
zte
|
zxhn_hs562_firmware
|
A smart camera product of ZTE is impacted by a permission and access control vulnerability. Due to the defect of user permission management by the cloud-end app, users whose sharing permissions have …
|
CWE-276
Incorrect Default Permissions
|
CVE-2021-21736
|
2024-11-21 14:48 |
2021-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
