|
194641
|
7.8 |
HIGH
Local
|
hpe
|
cloudline_cl5800_gen10_server_firmware
cloudline_cl3100_gen10_server_firmware
cloudline_cl4100_gen10_server_firmware
cloudline_cl5200_gen9_server_firmware
cloudline_cl5800_gen9_server_fir…
|
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5…
|
CWE-120
Classic Buffer Overflow
|
CVE-2021-25123
|
2024-11-21 14:54 |
2021-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194642
|
7.8 |
HIGH
Local
|
trendmicro
|
housecall_for_home_networks
|
A DLL hijacking vulnerability Trend Micro HouseCall for Home Networks version 5.3.1063 and below could allow an attacker to use a malicious DLL to escalate privileges and perform arbitrary code execu…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2021-25247
|
2024-11-21 14:54 |
2021-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194643
|
5.5 |
MEDIUM
Local
|
trendmicro
|
serverprotect
|
A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The speci…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2021-25226
|
2024-11-21 14:54 |
2021-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194644
|
5.5 |
MEDIUM
Local
|
trendmicro
|
serverprotect
|
A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The speci…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2021-25225
|
2024-11-21 14:54 |
2021-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194645
|
5.5 |
MEDIUM
Local
|
trendmicro
|
serverprotect
|
A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The speci…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2021-25224
|
2024-11-21 14:54 |
2021-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194646
|
8.8 |
HIGH
Network
|
wisc
|
htcondor
|
HTCondor before 8.9.11 allows a user to submit a job as another user on the system, because of a flaw in the IDTOKENS authentication method.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2021-25312
|
2024-11-21 14:54 |
2021-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194647
|
9.9 |
CRITICAL
Network
|
wisc
|
htcondor
|
condor_credd in HTCondor before 8.9.11 allows Directory Traversal outside the SEC_CREDENTIAL_DIRECTORY_OAUTH directory, as demonstrated by creating a file under /etc that will later be executed by ro…
|
CWE-22
Path Traversal
|
CVE-2021-25311
|
2024-11-21 14:54 |
2021-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194648
|
6.1 |
MEDIUM
Network
|
misp
|
misp
|
MISP 2.4.136 has XSS via galaxy cluster element values to app/View/GalaxyElements/ajax/index.ctp. Reference types could contain javascript: URLs.
|
CWE-79
Cross-site Scripting
|
CVE-2021-25325
|
2024-11-21 14:54 |
2021-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194649
|
6.1 |
MEDIUM
Network
|
misp
|
misp
|
MISP 2.4.136 has Stored XSS in the galaxy cluster view via a cluster name to app/View/GalaxyClusters/view.ctp.
|
CWE-79
Cross-site Scripting
|
CVE-2021-25324
|
2024-11-21 14:54 |
2021-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194650
|
9.1 |
CRITICAL
Network
|
misp
|
misp
|
The default setting of MISP 2.4.136 did not enable the requirements (aka require_password_confirmation) to provide the previous password when changing a password.
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2021-25323
|
2024-11-21 14:54 |
2021-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
