|
196791
|
9.8 |
CRITICAL
Network
|
accusoft
|
imagegear
|
A stack-based buffer overflow vulnerability exists in the PDF process_fontname functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to code execution. An attacker can…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-21821
|
2024-11-21 14:49 |
2021-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196792
|
9.8 |
CRITICAL
Network
|
accusoft
|
imagegear
|
An integer overflow vulnerability exists in the DICOM parse_dicom_meta_info functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to a stack-based buffer overflow. An …
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2021-21807
|
2024-11-21 14:49 |
2021-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196793
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An information disclosure vulnerability in GitLab EE versions 13.10 and later allowed a user to read project details
|
CWE-862
Missing Authorization
|
CVE-2021-22233
|
2024-11-21 14:49 |
2021-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196794
|
5.4 |
MEDIUM
Network
|
gitlab
|
gitlab
|
Insufficient input sanitization in markdown in GitLab version 13.11 and up allows an attacker to exploit a stored cross-site scripting vulnerability via a specially-crafted markdown
|
CWE-79
Cross-site Scripting
|
CVE-2021-22225
|
2024-11-21 14:49 |
2021-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196795
|
6.5 |
MEDIUM
Network
|
gitlab
|
gitlab
|
A cross-site request forgery vulnerability in the GraphQL API in GitLab since version 13.12 and before versions 13.12.6 and 14.0.2 allowed an attacker to call mutations as the victim
|
CWE-352
Origin Validation Error
|
CVE-2021-22224
|
2024-11-21 14:49 |
2021-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196796
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
A denial of service in user's profile page is found starting with GitLab CE/EE 8.0 that allows attacker to reject access to their profile page via using a specially crafted username.
|
NVD-CWE-noinfo
|
CVE-2021-22231
|
2024-11-21 14:49 |
2021-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196797
|
7.2 |
HIGH
Network
|
gitlab
|
gitlab
|
Improper code rendering while rendering merge requests could be exploited to submit malicious code. This vulnerability affects GitLab CE/EE 9.3 and later through 13.11.6, 13.12.6, and 14.0.2.
|
NVD-CWE-noinfo
|
CVE-2021-22230
|
2024-11-21 14:49 |
2021-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196798
|
6.1 |
MEDIUM
Network
|
gitlab
|
gitlab
|
A reflected cross-site script vulnerability in GitLab before versions 13.11.6, 13.12.6 and 14.0.2 allowed an attacker to send a malicious link to a victim and trigger actions on their behalf if they …
|
CWE-79
Cross-site Scripting
|
CVE-2021-22227
|
2024-11-21 14:49 |
2021-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196799
|
6.5 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue has been discovered in GitLab affecting all versions before 13.11.6, all versions starting from 13.12 before 13.12.6, and all versions starting from 14.0 before 14.0.2. Improper access contr…
|
NVD-CWE-Other
|
CVE-2021-22228
|
2024-11-21 14:49 |
2021-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196800
|
6.1 |
MEDIUM
Network
|
gitlab
|
gitlab
|
Client-Side code injection through Feature Flag name in GitLab CE/EE starting with 11.9 allows a specially crafted feature flag name to PUT requests on behalf of other users via clicking on a link
|
CWE-79
Cross-site Scripting
|
CVE-2021-22223
|
2024-11-21 14:49 |
2021-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
