|
197821
|
8.0 |
HIGH
Network
|
magento
|
magento
|
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an OS command injection via the customer attribute save controller. Successful exploitation coul…
|
-
|
CVE-2021-21015
|
2024-11-21 14:47 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197822
|
9.8 |
CRITICAL
Network
|
lucee
|
lucee_server
|
Lucee Server is a dynamic, Java based (JSR-223), tag and scripting language used for rapid web application development. In Lucee Admin before versions 5.3.7.47, 5.3.6.68 or 5.3.5.96 there is an unaut…
|
-
|
CVE-2021-21307
|
2024-11-21 14:47 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197823
|
4.3 |
MEDIUM
Network
|
wire
|
wire
|
Wire is an open-source collaboration platform. In Wire for iOS (iPhone and iPad) before version 3.75 there is a vulnerability where the video capture isn't stopped in a scenario where a user first ha…
|
-
|
CVE-2021-21301
|
2024-11-21 14:47 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197824
|
8.1 |
HIGH
Network
|
hyper
|
hyper
|
hyper is an open-source HTTP library for Rust (crates.io). In hyper from version 0.12.0 and before versions 0.13.10 and 0.14.3 there is a vulnerability that can enable a request smuggling attack. The…
|
-
|
CVE-2021-21299
|
2024-11-21 14:47 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197825
|
2.7 |
LOW
Network
|
fleetdm
|
fleet
|
Fleet is an open source osquery manager. In Fleet before version 3.7.0 a malicious actor with a valid node key can send a badly formatted request that causes the Fleet server to exit, resulting in de…
|
NVD-CWE-Other
|
CVE-2021-21296
|
2024-11-21 14:47 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197826
|
8.8 |
HIGH
Network
|
google
fedoraproject
debian
|
chrome
fedora
debian_linux
|
Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
CWE-787
Out-of-bounds Write
|
CVE-2021-21148
|
2024-11-21 14:47 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197827
|
4.3 |
MEDIUM
Network
|
google
fedoraproject
|
chrome
fedora
|
Inappropriate implementation in Skia in Google Chrome prior to 88.0.4324.146 allowed a local attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
|
NVD-CWE-noinfo
|
CVE-2021-21147
|
2024-11-21 14:47 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197828
|
9.6 |
CRITICAL
Network
|
google
fedoraproject
|
chrome
fedora
|
Use after free in Navigation in Google Chrome prior to 88.0.4324.146 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
|
CWE-416
Use After Free
|
CVE-2021-21146
|
2024-11-21 14:47 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197829
|
8.8 |
HIGH
Network
|
google
fedoraproject
|
chrome
fedora
|
Use after free in Fonts in Google Chrome prior to 88.0.4324.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
CWE-416
Use After Free
|
CVE-2021-21145
|
2024-11-21 14:47 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197830
|
8.8 |
HIGH
Network
|
google
fedoraproject
|
chrome
fedora
|
Heap buffer overflow in Tab Groups in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a craft…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-21144
|
2024-11-21 14:47 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
