|
195161
|
4.3 |
MEDIUM
Network
|
elastic
|
kibana
|
It was discovered that Kibana was not validating a user supplied path, which would load .pbf files. Because of this, a malicious user could arbitrarily traverse the Kibana host to load internal files…
|
CWE-22
Path Traversal
|
CVE-2021-22151
|
2024-11-21 14:49 |
2023-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195162
|
8.8 |
HIGH
Network
|
elastic
|
kibana
|
Kibana contains an embedded version of the Chromium browser that the Reporting feature uses to generate the downloadable reports. If a user with permissions to generate reports is able to render arbi…
|
NVD-CWE-Other
|
CVE-2021-22142
|
2024-11-21 14:49 |
2023-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195163
|
5.5 |
MEDIUM
Local
|
abb
|
smu615_firmware
rec615_firmware
rer615_firmware
evd4_firmware
ref615r_firmware
rex640_pcl3_firmware
rex640_pcl2_firmware
rex640_pcl1_firmware
rer620_firmware
relion_611_fir…
|
Improper Initialization vulnerability in ABB Relion protection relays - 611 series, ABB Relion protection relays - 615 series IEC 4.0 FP1, ABB Relion protection relays - 615 series CN 4.0 FP1, ABB Re…
|
CWE-665
Improper Initialization
|
CVE-2021-22283
|
2024-11-21 14:49 |
2023-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195164
|
6.1 |
MEDIUM
Network
|
elastic
|
kibana
|
An open redirect flaw was found in Kibana versions before 7.13.0 and 6.8.16. If a logged in user visits a maliciously crafted URL, it could result in Kibana redirecting the user to an arbitrary websi…
|
CWE-601
Open Redirect
|
CVE-2021-22141
|
2024-11-21 14:49 |
2022-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195165
|
9.8 |
CRITICAL
Network
|
br-automation
|
studio
|
Improper Input Validation vulnerability in the project upload mechanism in B&R Automation Studio version >=4.0 may allow an unauthenticated network attacker to execute code.
|
CWE-20
Improper Input Validation
|
CVE-2021-22289
|
2024-11-21 14:49 |
2022-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195166
|
5.4 |
MEDIUM
Adjacent
|
fortinet
|
fortitoken_mobile
|
A improper validation of certificate with host mismatch in Fortinet FortiTokenAndroid version 5.0.3 and below, Fortinet FortiTokeniOS version 5.2.0 and below, Fortinet FortiTokenWinApp version 4.0.3 …
|
CWE-295
Improper Certificate Validation
|
CVE-2021-22131
|
2024-11-21 14:49 |
2022-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195167
|
8.6 |
HIGH
Network
|
br-automation
|
automation_runtime
|
Buffer Overflow vulnerability in B&R Automation Runtime webserver allows an unauthenticated network-based attacker to stop the cyclic program on the device and cause a denial of service.
|
CWE-120
Classic Buffer Overflow
|
CVE-2021-22275
|
2024-11-21 14:49 |
2022-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195168
|
5.9 |
MEDIUM
Network
|
sealevel
|
seaconnect_370w_firmware
|
An out-of-bounds write vulnerability exists in the OTA update task functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted MQTT payload can lead to denial of service. An …
|
CWE-120
Classic Buffer Overflow
|
CVE-2021-21967
|
2024-11-21 14:49 |
2022-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195169
|
7.8 |
HIGH
Local
|
cloudlinux
|
imunify360
|
A php unserialize vulnerability exists in the Ai-Bolit functionality of CloudLinux Inc Imunify360 5.10.2. A specially-crafted malformed file can lead to potential arbitrary command execution. An atta…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2021-21956
|
2024-11-21 14:49 |
2022-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195170
|
8.8 |
HIGH
Network
|
accusoft
|
imagegear
|
An improper array index validation vulnerability exists in the JPEG-JFIF Scan header parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to an out-of-bounds write and …
|
CWE-129
Improper Validation of Array Index
|
CVE-2021-21949
|
2024-11-21 14:49 |
2022-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
