|
195791
|
6.5 |
MEDIUM
Local
|
omron
|
cx-supervisor
|
Out-of-bounds read vulnerability in CX-Supervisor v4.0.0.13 and v4.0.0.16 allows an attacker with administrative privileges to cause information disclosure and/or arbitrary code execution by opening …
|
CWE-125
Out-of-bounds Read
|
CVE-2021-20836
|
2024-11-21 14:47 |
2021-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195792
|
6.1 |
MEDIUM
Network
|
nike
|
nike
|
Improper authorization in handler for custom URL scheme vulnerability in Nike App for Android versions prior to 2.177 and Nike App for iOS versions prior to 2.177.1 allows a remote attacker to lead a…
|
CWE-862
Missing Authorization
|
CVE-2021-20834
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195793
|
7.4 |
HIGH
Network
|
soda-inc
|
snkrdunk
|
The SNKRDUNK Market Place App for iOS versions prior to 2.2.0 does not verify server certificate properly, which allows man-in-the-middle attackers to eavesdrop on and/or alter encrypted communicatio…
|
CWE-295
Improper Certificate Validation
|
CVE-2021-20833
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195794
|
5.3 |
MEDIUM
Network
|
inbody
|
inbody
|
InBody App for iOS versions prior to 2.3.30 and InBody App for Android versions prior to 2.2.90(510) contain a vulnerability which may lead to information disclosure only when it works with the body …
|
CWE-200
Information Exposure
|
CVE-2021-20832
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195795
|
8.8 |
HIGH
Network
|
og_tags_project
|
og_tags
|
Cross-site request forgery (CSRF) vulnerability in OG Tags versions prior to 2.0.2 allows a remote attacker to hijack the authentication of administrators and unintended operation may be performed vi…
|
CWE-352
Origin Validation Error
|
CVE-2021-20831
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195796
|
6.1 |
MEDIUM
Network
|
cybozu
|
remote_service_manager
|
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.0.0 to 3.1.9 allows a remote attacker to inject an arbitrary script via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2021-20807
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195797
|
6.1 |
MEDIUM
Network
|
cybozu
|
remote_service_manager
|
Open redirect vulnerability in Cybozu Remote Service 3.0.0 to 3.1.9 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
|
CWE-601
Open Redirect
|
CVE-2021-20806
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195798
|
5.4 |
MEDIUM
Network
|
cybozu
|
remote_service_manager
|
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.7 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2021-20805
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195799
|
6.5 |
MEDIUM
Network
|
cybozu
|
remote_service_manager
|
Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to cause a denial of service (DoS) condition via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2021-20804
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195800
|
5.4 |
MEDIUM
Network
|
cybozu
|
remote_service_manager
|
Operation restriction bypass in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to alter the data of the management screen.
|
CWE-863
Incorrect Authorization
|
CVE-2021-20803
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
