|
197971
|
6.5 |
MEDIUM
Network
|
fortinet
|
fortisandbox
|
Improper limitation of a pathname to a restricted directory vulnerabilities in FortiSandbox 3.2.0 through 3.2.2, and 3.1.0 through 3.1.4 may allow an authenticated user to obtain unauthorized access …
|
CWE-22
Path Traversal
|
CVE-2021-24010
|
2024-11-21 14:52 |
2021-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197972
|
2.7 |
LOW
Network
|
carrcommunications
|
rsvpmaker
|
The Import feature of the RSVPMaker WordPress plugin before 8.7.3 (/wp-admin/tools.php?page=rsvpmaker_export_screen) takes an URL input and calls curl on it, without first validating it to ensure it'…
|
-
|
CVE-2021-24371
|
2024-11-21 14:52 |
2021-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197973
|
9.8 |
CRITICAL
Network
|
facebook
|
hhvm
folly
|
Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading to an out of bounds write on the heap with the possibility of remote code execution. This issue affect…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2021-24036
|
2024-11-21 14:52 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197974
|
4.4 |
MEDIUM
Local
|
fortinet
|
fortimanager
fortianalyzer
|
A buffer overflow vulnerability in FortiAnalyzer CLI 6.4.5 and below, 6.2.7 and below, 6.0.x and FortiManager CLI 6.4.5 and below, 6.2.7 and below, 6.0.x may allow an authenticated, local attacker to…
|
CWE-120
Classic Buffer Overflow
|
CVE-2021-24022
|
2024-11-21 14:52 |
2021-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197975
|
4.9 |
MEDIUM
Network
|
apache
|
teaclave_sgx_sdk
|
In Apache Teaclave Rust SGX SDK 1.1.3, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a control…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2021-24117
|
2024-11-21 14:52 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197976
|
4.9 |
MEDIUM
Network
|
arm
fedoraproject
debian
|
mbed_tls
fedora
debian_linux
|
In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlle…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2021-24119
|
2024-11-21 14:52 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197977
|
4.9 |
MEDIUM
Network
|
wolfssl
|
wolfssl
|
In wolfSSL through 4.6.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel a…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2021-24116
|
2024-11-21 14:52 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197978
|
9.8 |
CRITICAL
Network
|
ninjateam
|
filebird
|
The Filebird Plugin 4.7.3 introduced a SQL injection vulnerability as it is making SQL queries without escaping user input data from a HTTP post request. This is a major vulnerability as the user inp…
|
-
|
CVE-2021-24385
|
2024-11-21 14:52 |
2021-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197979
|
5.4 |
MEDIUM
Network
|
admincolumns
|
admin_columns
|
The Admin Columns WordPress plugin Free before 4.3.2 and Pro before 5.5.2 allowed to configure individual columns for tables. Each column had a type. The type "Custom Field" allowed to choose an arbi…
|
-
|
CVE-2021-24365
|
2024-11-21 14:52 |
2021-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197980
|
8.8 |
HIGH
Network
|
fortinet
|
fortimail
|
An improper neutralization of special elements used in an OS Command vulnerability in the administrative interface of FortiMail before 6.4.4 may allow an authenticated attacker to execute unauthorize…
|
CWE-78
OS Command
|
CVE-2021-24015
|
2024-11-21 14:52 |
2021-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
