|
195241
|
4.3 |
MEDIUM
Network
|
cybozu
|
office
|
Improper access control vulnerability in Bulletin Board of Cybozu Office 10.0.0 to 10.8.4 allows an authenticated attacker to bypass access restriction and alter the data of Bulletin Board via unspec…
|
NVD-CWE-Other
|
CVE-2021-20625
|
2024-11-21 14:46 |
2021-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195242
|
6.5 |
MEDIUM
Network
|
cybozu
|
office
|
Improper access control vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.4 allows an authenticated attacker to bypass access restriction and alter the data of Scheduler via unspecified vect…
|
NVD-CWE-Other
|
CVE-2021-20624
|
2024-11-21 14:46 |
2021-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195243
|
7.4 |
HIGH
Network
|
redhat
|
kubernetes-client
openshift_container_platform
jboss_fuse
process_automation
descision_manager
codeready_studio
build_of_quarkus
integration_camel_k
a-mq_online
|
A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client `copy` command to ex…
|
-
|
CVE-2021-20218
|
2024-11-21 14:46 |
2021-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195244
|
4.3 |
MEDIUM
Network
|
moodle
fedoraproject
|
moodle
fedora
|
The web service responsible for fetching other users' enrolled courses did not validate that the requesting user had permission to view that information in each course in moodle before 3.10.2, 3.9.5,…
|
CWE-862
Missing Authorization
|
CVE-2021-20283
|
2024-11-21 14:46 |
2021-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195245
|
5.3 |
MEDIUM
Network
|
moodle
fedoraproject
|
moodle
fedora
|
When creating a user account, it was possible to verify the account without having access to the verification email link/secret in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.
|
-
|
CVE-2021-20282
|
2024-11-21 14:46 |
2021-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195246
|
5.3 |
MEDIUM
Network
|
moodle
fedoraproject
|
moodle
fedora
|
It was possible for some users without permission to view other users' full names to do so via the online users block in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.
|
CWE-863
Incorrect Authorization
|
CVE-2021-20281
|
2024-11-21 14:46 |
2021-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195247
|
5.4 |
MEDIUM
Network
|
moodle
fedoraproject
|
moodle
fedora
|
Text-based feedback answers required additional sanitizing to prevent stored XSS and blind SSRF risks in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.
|
-
|
CVE-2021-20280
|
2024-11-21 14:46 |
2021-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195248
|
5.4 |
MEDIUM
Network
|
moodle
fedoraproject
|
moodle
fedora
|
The ID number user profile field required additional sanitizing to prevent a stored XSS risk in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.
|
CWE-79
Cross-site Scripting
|
CVE-2021-20279
|
2024-11-21 14:46 |
2021-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195249
|
2.7 |
LOW
Network
|
redhat
|
libnbd
enterprise_linux
|
A flaw was found in libnbd 1.7.3. An assertion failure in nbd_unlocked_opt_go in ilb/opt.c may lead to denial of service.
|
-
|
CVE-2021-20286
|
2024-11-21 14:46 |
2021-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195250
|
4.3 |
MEDIUM
Network
|
ibm
|
api_connect
|
IBM API Connect 10.0.0.0, and 2018.4.1.0 through 2018.4.1.13 does not restrict member registration to the intended recepient. An attacker who is a valid user in the user registry used by API Manager …
|
NVD-CWE-noinfo
|
CVE-2021-20440
|
2024-11-21 14:46 |
2021-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
