|
199721
|
8.8 |
HIGH
Network
|
accusoft
|
imagegear
|
A heap-based buffer overflow vulnerability exists in the Palette box parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a m…
|
CWE-193
Off-by-one Error
|
CVE-2021-21938
|
2024-11-21 14:49 |
2022-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199722
|
8.8 |
HIGH
Network
|
accusoft
|
imagegear
|
A heap-based buffer overflow vulnerability exists in the DecoderStream::Append functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide …
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2021-21914
|
2024-11-21 14:49 |
2022-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199723
|
5.3 |
MEDIUM
Network
|
vmware
|
photon_os
|
The SchedulerServer in Vmware photon allows remote attackers to inject logs through \r in the package parameter. Attackers can also insert malicious data and fake entries.
|
CWE-74
Injection
|
CVE-2021-22055
|
2024-11-21 14:49 |
2022-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199724
|
8.0 |
HIGH
Adjacent
|
fortinet
|
forticlient
|
An improper input validation vulnerability in FortiClient for Linux 6.4.x before 6.4.3, FortiClient for Linux 6.2.x before 6.2.9 may allow an unauthenticated attacker to execute arbitrary code on the…
|
CWE-78
OS Command
|
CVE-2021-22127
|
2024-11-21 14:49 |
2022-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199725
|
7.5 |
HIGH
Network
|
abb
|
base_software
compact_product_suite
control_builder_safe
800xa
|
Improper Input Validation vulnerability in ABB 800xA, Control Software for AC 800M, Control Builder Safe, Compact Product Suite - Control and I/O, ABB Base Software for SoftControl allows an attacker…
|
CWE-20
Improper Input Validation
|
CVE-2021-22277
|
2024-11-21 14:49 |
2022-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199726
|
5.3 |
MEDIUM
Network
|
cloudfoundry
|
capi-release
cf-deployment
|
In cloud foundry CAPI versions prior to 1.122, a denial-of-service attack in which a developer can push a service broker that (accidentally or maliciously) causes CC instances to timeout and fail is …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2021-22100
|
2024-11-21 14:49 |
2022-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199727
|
7.5 |
HIGH
Network
|
huawei
|
magic_ui
emui
harmonyos
|
There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause integer overflows.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2021-22319
|
2024-11-21 14:49 |
2022-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199728
|
7.5 |
HIGH
Network
|
vmware
|
esxi
cloud_foundation
|
ESXi contains a slow HTTP POST denial-of-service vulnerability in rhttpproxy. A malicious actor with network access to ESXi may exploit this issue to create a denial-of-service condition by overwhelm…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2021-22050
|
2024-11-21 14:49 |
2022-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199729
|
7.5 |
HIGH
Network
|
vmware
|
esxi
fusion
|
VMware ESXi contains a TOCTOU (Time-of-check Time-of-use) vulnerability that exists in the way temporary files are handled. A malicious actor with access to settingsd, may exploit this issue to escal…
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2021-22043
|
2024-11-21 14:49 |
2022-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199730
|
7.8 |
HIGH
Local
|
vmware
|
esxi
cloud_foundation
|
VMware ESXi contains an unauthorized access vulnerability due to VMX having access to settingsd authorization tickets. A malicious actor with privileges within the VMX process only, may be able to ac…
|
CWE-863
Incorrect Authorization
|
CVE-2021-22042
|
2024-11-21 14:49 |
2022-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
