|
196381
|
7.8 |
HIGH
Local
|
google
|
cloud_iot_device_sdk_for_embedded_c
|
In IoT Devices SDK, there is an implementation of calloc() that doesn't have a length check. An attacker could pass in memory objects larger than the buffer and wrap around to have a smaller buffer t…
|
CWE-120
Classic Buffer Overflow
|
CVE-2021-22547
|
2024-11-21 14:50 |
2021-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196382
|
9.8 |
CRITICAL
Network
|
microfocus
|
application_performance_management
|
An arbitrary code execution vulnerability exists in Micro Focus Application Performance Management, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow remote attackers to execute a…
|
NVD-CWE-noinfo
|
CVE-2021-22514
|
2024-11-21 14:50 |
2021-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196383
|
7.5 |
HIGH
Network
|
huawei
|
cloudengine_12800_firmware
cloudengine_5800
cloudengine_6800_firmware
cloudengine_7800_firmware
|
There is a denial of service vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. The affected product cannot deal with some messages because …
|
NVD-CWE-noinfo
|
CVE-2021-22393
|
2024-11-21 14:50 |
2021-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196384
|
7.8 |
HIGH
Local
|
criticalmanufacturing
|
cncsoft-b
|
CNCSoft-B Versions 1.0.0.3 and prior is vulnerable to an out-of-bounds write, which may allow an attacker to execute arbitrary code.
|
CWE-787
Out-of-bounds Write
|
CVE-2021-22664
|
2024-11-21 14:50 |
2021-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196385
|
7.8 |
HIGH
Local
|
criticalmanufacturing
|
cncsoft-b
|
CNCSoft-B Versions 1.0.0.3 and prior is vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code.
|
-
|
CVE-2021-22660
|
2024-11-21 14:50 |
2021-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196386
|
8.8 |
HIGH
Network
|
advantech
|
webaccess\/scada
|
Incorrect permissions are set to default on the ‘Project Management’ page of WebAccess/SCADA portal of WebAccess/SCADA Versions 9.0.1 and prior, which may allow a low-privileged user to update an adm…
|
-
|
CVE-2021-22669
|
2024-11-21 14:50 |
2021-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196387
|
7.8 |
HIGH
Local
|
hornerautomation
|
cscape
|
Cscape (All versions prior to 9.90 SP4) is configured by default to be installed for all users, which allows full permissions, including read/write access. This may allow unprivileged users to modify…
|
NVD-CWE-Other
|
CVE-2021-22682
|
2024-11-21 14:50 |
2021-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196388
|
7.8 |
HIGH
Local
|
hornerautomation
|
cscape
|
Cscape (All versions prior to 9.90 SP4) lacks proper validation of user-supplied data when parsing project files. This could lead to memory corruption. An attacker could leverage this vulnerability t…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-22678
|
2024-11-21 14:50 |
2021-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196389
|
10.0 |
CRITICAL
Network
|
ivanti
|
connect_secure
|
Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerability exposed by the Windows File Share Browser and Pulse Secure Collaboration features of Pulse Connect …
|
CWE-416
Use After Free
|
CVE-2021-22893
|
2024-11-21 14:50 |
2021-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196390
|
6.1 |
MEDIUM
Network
|
dart
|
dart_software_development_kit
|
Bad validation logic in the Dart SDK versions prior to 2.12.3 allow an attacker to use an XSS attack via DOM clobbering. The validation logic in dart:html for creating DOM nodes from text did not san…
|
CWE-79
Cross-site Scripting
|
CVE-2021-22540
|
2024-11-21 14:50 |
2021-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
