|
194991
|
5.4 |
MEDIUM
Network
|
sap
|
businessobjects_business_intelligence
|
SAP BusinessObjects Business Intelligence platform, versions 410, 420, allows an authenticated attacker to inject malicious JavaScript payload into the custom value input field of an Input Control, w…
|
CWE-79
Cross-site Scripting
|
CVE-2021-21447
|
2024-11-21 14:48 |
2021-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194992
|
7.5 |
HIGH
Network
|
sap
|
netweaver_application_server_abap
|
SAP NetWeaver AS ABAP, versions 740, 750, 751, 752, 753, 754, 755, allows an unauthenticated attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service,…
|
NVD-CWE-noinfo
|
CVE-2021-21446
|
2024-11-21 14:48 |
2021-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194993
|
5.4 |
MEDIUM
Network
|
sap
|
commerce_cloud
|
SAP Commerce Cloud, versions - 1808, 1811, 1905, 2005, 2011, allows an authenticated attacker to include invalidated data in the HTTP response Content Type header, due to improper input validation, a…
|
CWE-444
HTTP Request Smuggling
|
CVE-2021-21445
|
2024-11-21 14:48 |
2021-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194994
|
8.8 |
HIGH
Network
|
mk-auth
|
mk-auth
|
MK-AUTH through 19.01 K4.9 allows CSRF for password changes via the central/executar_central.php?acao=altsenha_princ URI.
|
CWE-352
Origin Validation Error
|
CVE-2021-21495
|
2024-11-21 14:48 |
2021-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194995
|
4.8 |
MEDIUM
Network
|
mk-auth
|
mk-auth
|
MK-AUTH through 19.01 K4.9 allows XSS via the admin/logs_ajax.php tipo parameter. An attacker can leverage this to read the centralmka2 (session token) cookie, which is not set to HTTPOnly.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2021-21494
|
2024-11-21 14:48 |
2021-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194996
|
7.8 |
HIGH
Local
|
adobe
|
acrobat
acrobat_dc
acrobat_reader
acrobat_reader_dc
|
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated atta…
|
-
|
CVE-2021-21088
|
2024-11-21 14:47 |
2023-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194997
|
5.4 |
MEDIUM
Network
|
google
|
chrome
|
Out of bounds read in WebUI Settings in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chrome security severity: Low)
|
CWE-125
Out-of-bounds Read
|
CVE-2021-21200
|
2024-11-21 14:47 |
2023-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194998
|
6.1 |
MEDIUM
Network
|
netgate
pfsense
|
pfsense_plus
pfsense
|
Cross-site scripting vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions 2.5.2 and earlier, and pfSense Plus software versions 21.05 and earlier) allows a remote attacker to in…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20729
|
2024-11-21 14:47 |
2022-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194999
|
4.8 |
MEDIUM
Network
|
canon
|
mf237w
mf113w
mf212w
mf217w
mf229dw
mf232w
mf244dw
mf247dw
mf249dw
mf264dw
mf267dw
mf269dw
mf4570dn
mf4780w
mf4890dw
lbp113w
lbp151dw
lbp162dw
22…
|
Cross-site scripting vulnerability in Canon laser printers and small office multifunctional printers (LBP162L/LBP162, MF4890dw, MF269dw/MF265dw/MF264dw/MF262dw, MF249dw/MF245dw/MF244dw/MF242dw/MF232w…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20877
|
2024-11-21 14:47 |
2022-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195000
|
6.8 |
MEDIUM
Physics
|
konicaminolta
|
bizhub_c759_firmware
bizhub_c659_firmware
bizhub_c658_firmware
bizhub_c558_firmware
bizhub_c458_firmware
bizhub_958_firmware
bizhub_808_firmware
bizhub_758_firmware
bizhub_658…
|
Protection mechanism failure vulnerability in KONICA MINOLTA bizhub series (bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, …
|
NVD-CWE-Other
|
CVE-2021-20872
|
2024-11-21 14:47 |
2022-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
