|
195151
|
9.8 |
CRITICAL
Network
|
hgiga
|
oaklouds_openid
|
HGiga EIP product contains SQL Injection vulnerability. Attackers can inject SQL commands into specific URL parameter (document management page) to obtain database schema and data.
|
CWE-89
SQL Injection
|
CVE-2021-22851
|
2024-11-21 14:50 |
2021-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195152
|
9.8 |
CRITICAL
Network
|
hgiga
|
oaklouds_portal
|
HGiga EIP product lacks ineffective access control in certain pages that allow attackers to access database or perform privileged functions.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2021-22850
|
2024-11-21 14:50 |
2021-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195153
|
5.5 |
MEDIUM
Local
|
google
|
android
|
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) (Exynos chipsets) software. The Mali GPU driver allows out-of-bounds access and a device reset. The Samsung…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-22495
|
2024-11-21 14:50 |
2021-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195154
|
5.5 |
MEDIUM
Local
|
google
|
android
|
An issue was discovered in the fingerprint scanner on Samsung Note20 mobile devices with Q(10.0) software. When a screen protector is used, the required image compensation is not present. Consequentl…
|
NVD-CWE-noinfo
|
CVE-2021-22494
|
2024-11-21 14:50 |
2021-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195155
|
8.8 |
HIGH
Adjacent
|
google
|
android
|
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Broadcom Bluetooth chipsets) software. The Bluetooth UART driver has a buffer overflow. The Samsung ID is SVE-2020-…
|
CWE-120
Classic Buffer Overflow
|
CVE-2021-22492
|
2024-11-21 14:50 |
2021-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195156
|
7.5 |
HIGH
Network
|
br-automation
|
automation_studio
|
: Relative Path Traversal vulnerability in B&R Industrial Automation Automation Studio allows Relative Path Traversal.This issue affects Automation Studio: from 4.0 through 4.12.
|
CWE-22
Path Traversal
|
CVE-2021-22281
|
2024-11-21 14:49 |
2024-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195157
|
7.2 |
HIGH
Network
|
elastic
|
kibana
|
It was discovered that a user with Fleet admin permissions could upload a malicious package. Due to using an older version of the js-yaml library, this package would be loaded in an insecure manner, …
|
CWE-94
Code Injection
|
CVE-2021-22150
|
2024-11-21 14:49 |
2023-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195158
|
- |
|
-
|
-
|
Improper DLL loading algorithms in B&R Automation Studio versions >=4.0 and <4.12 may allow an authenticated local attacker to execute code in the context of the product.
|
-
|
CVE-2021-22280
|
2024-11-21 14:49 |
2024-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195159
|
7.8 |
HIGH
Local
|
br-automation
|
automation_studio
|
Improper Control of Generation of Code ('Code Injection') vulnerability in B&R Industrial Automation Automation Studio allows Local Execution of Code.This issue affects Automation Studio: from 4.0 th…
|
-
|
CVE-2021-22282
|
2024-11-21 14:49 |
2024-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195160
|
4.3 |
MEDIUM
Network
|
elastic
|
apm_.net_agent
|
The Elastic APM .NET Agent can leak sensitive HTTP header information when logging the details during an application error. Normally, the APM agent will sanitize sensitive HTTP header details before …
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2021-22143
|
2024-11-21 14:49 |
2023-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
