|
199471
|
8.8 |
HIGH
Network
|
redislabs
|
redis
|
Redis is an open-source, in-memory database that persists on disk. In affected versions of Redis an integer overflow bug in 32-bit Redis version 4.0 or newer could be exploited to corrupt the heap an…
|
-
|
CVE-2021-21309
|
2024-11-21 14:47 |
2021-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199472
|
9.1 |
CRITICAL
Network
|
prestashop
|
prestashop
|
PrestaShop is a fully scalable open source e-commerce solution. In PrestaShop before version 1.7.2 the soft logout system is not complete and an attacker is able to foreign request and executes custo…
|
-
|
CVE-2021-21308
|
2024-11-21 14:47 |
2021-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199473
|
7.2 |
HIGH
Network
|
prestashop
|
prestashop
|
PrestaShop is a fully scalable open source e-commerce solution. In PrestaShop before version 1.7.2 there is a CSV Injection vulnerability possible by using shop search keywords via the admin panel. T…
|
CWE-1236
Improper Neutralization of Formula Elements in a CSV File
|
CVE-2021-21302
|
2024-11-21 14:47 |
2021-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199474
|
6.5 |
MEDIUM
Network
|
matrix
fedoraproject
|
synapse
fedora
|
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, a mal…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2021-21274
|
2024-11-21 14:47 |
2021-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199475
|
6.1 |
MEDIUM
Network
|
matrix
fedoraproject
|
synapse
fedora
|
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, reque…
|
CWE-601
Open Redirect
|
CVE-2021-21273
|
2024-11-21 14:47 |
2021-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199476
|
6.5 |
MEDIUM
Network
|
nodered
|
node-red
|
Node-Red is a low-code programming for event-driven applications built using nodejs. Node-RED 1.2.7 and earlier has a vulnerability which allows arbitrary path traversal via the Projects API. If the …
|
-
|
CVE-2021-21298
|
2024-11-21 14:47 |
2021-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199477
|
6.5 |
MEDIUM
Network
|
nodered
|
node-red
|
Node-Red is a low-code programming for event-driven applications built using nodejs. Node-RED 1.2.7 and earlier contains a Prototype Pollution vulnerability in the admin API. A badly formed request c…
|
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
|
CVE-2021-21297
|
2024-11-21 14:47 |
2021-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199478
|
7.8 |
HIGH
Local
|
adobe
|
bridge
|
Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bounds write vulnerability when parsing TTF files that could result in arbitrary code execution in the context of the current user. Ex…
|
-
|
CVE-2021-21066
|
2024-11-21 14:47 |
2021-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199479
|
7.8 |
HIGH
Local
|
adobe
|
bridge
|
Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bounds write vulnerability when parsing TTF files that could result in arbitrary code execution in the context of the current user. Ex…
|
-
|
CVE-2021-21065
|
2024-11-21 14:47 |
2021-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199480
|
4.9 |
MEDIUM
Network
|
magento
|
upward_php
upward_connector
|
Magento UPWARD-php version 1.1.4 (and earlier) is affected by a Path traversal vulnerability in Magento UPWARD Connector version 1.1.2 (and earlier) due to the upload feature. An attacker could poten…
|
-
|
CVE-2021-21064
|
2024-11-21 14:47 |
2021-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
