|
196571
|
6.1 |
MEDIUM
Network
|
cybozu
|
office
|
Cross-site scripting vulnerability in E-mail of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2021-20629
|
2024-11-21 14:46 |
2021-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196572
|
6.1 |
MEDIUM
Network
|
cybozu
|
office
|
Cross-site scripting vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors. Note that this vulnerability occurs…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20628
|
2024-11-21 14:46 |
2021-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196573
|
6.1 |
MEDIUM
Network
|
cybozu
|
office
|
Cross-site scripting vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2021-20627
|
2024-11-21 14:46 |
2021-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196574
|
6.5 |
MEDIUM
Network
|
cybozu
|
office
|
Improper access control vulnerability in Workflow of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and alter the data of Workflow via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2021-20626
|
2024-11-21 14:46 |
2021-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196575
|
4.3 |
MEDIUM
Network
|
cybozu
|
office
|
Improper access control vulnerability in Bulletin Board of Cybozu Office 10.0.0 to 10.8.4 allows an authenticated attacker to bypass access restriction and alter the data of Bulletin Board via unspec…
|
NVD-CWE-Other
|
CVE-2021-20625
|
2024-11-21 14:46 |
2021-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196576
|
6.5 |
MEDIUM
Network
|
cybozu
|
office
|
Improper access control vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.4 allows an authenticated attacker to bypass access restriction and alter the data of Scheduler via unspecified vect…
|
NVD-CWE-Other
|
CVE-2021-20624
|
2024-11-21 14:46 |
2021-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196577
|
7.4 |
HIGH
Network
|
redhat
|
kubernetes-client
openshift_container_platform
jboss_fuse
process_automation
descision_manager
codeready_studio
build_of_quarkus
integration_camel_k
a-mq_online
|
A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client `copy` command to ex…
|
-
|
CVE-2021-20218
|
2024-11-21 14:46 |
2021-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196578
|
4.3 |
MEDIUM
Network
|
moodle
fedoraproject
|
moodle
fedora
|
The web service responsible for fetching other users' enrolled courses did not validate that the requesting user had permission to view that information in each course in moodle before 3.10.2, 3.9.5,…
|
CWE-862
Missing Authorization
|
CVE-2021-20283
|
2024-11-21 14:46 |
2021-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196579
|
5.3 |
MEDIUM
Network
|
moodle
fedoraproject
|
moodle
fedora
|
When creating a user account, it was possible to verify the account without having access to the verification email link/secret in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.
|
-
|
CVE-2021-20282
|
2024-11-21 14:46 |
2021-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196580
|
5.3 |
MEDIUM
Network
|
moodle
fedoraproject
|
moodle
fedora
|
It was possible for some users without permission to view other users' full names to do so via the online users block in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.
|
CWE-863
Incorrect Authorization
|
CVE-2021-20281
|
2024-11-21 14:46 |
2021-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
