|
197021
|
9.6 |
CRITICAL
Network
|
eaton
|
intelligent_power_manager
intelligent_power_manager_virtual_appliance
intelligent_power_protector
|
Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to authenticated arbitrary file delete vulnerability induced due to improper input validation at server/maps_srv.js with action remov…
|
NVD-CWE-noinfo
|
CVE-2021-23278
|
2024-11-21 14:51 |
2021-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197022
|
10.0 |
CRITICAL
Network
|
eaton
|
intelligent_power_manager
intelligent_power_manager_virtual_appliance
intelligent_power_protector
|
Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated eval injection vulnerability. The software does not neutralize code syntax from users before using in the dynamic …
|
CWE-94
Code Injection
|
CVE-2021-23277
|
2024-11-21 14:51 |
2021-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197023
|
8.8 |
HIGH
Network
|
eaton
|
intelligent_power_manager
intelligent_power_manager_virtual_appliance
intelligent_power_protector
|
Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to authenticated SQL injection. A malicious user can send a specially crafted packet to exploit the vulnerability. Successful exploit…
|
CWE-89
SQL Injection
|
CVE-2021-23276
|
2024-11-21 14:51 |
2021-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197024
|
7.5 |
HIGH
Network
|
gargoyle-router
|
gargoyle
|
In Gargoyle OS 1.12.0, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix ro…
|
CWE-834
Excessive Iteration
|
CVE-2021-23270
|
2024-11-21 14:51 |
2021-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197025
|
9.8 |
CRITICAL
Network
|
swiperjs
|
swiper
|
This affects the package swiper before 6.5.1.
|
NVD-CWE-noinfo
|
CVE-2021-23370
|
2024-11-21 14:51 |
2021-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197026
|
9.8 |
CRITICAL
Network
|
handlebarsjs
|
handlebars
|
The package handlebars before 4.7.7 are vulnerable to Remote Code Execution (RCE) when selecting certain compiling options to compile templates coming from an untrusted source.
|
NVD-CWE-noinfo
|
CVE-2021-23369
|
2024-11-21 14:51 |
2021-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197027
|
5.3 |
MEDIUM
Network
|
postcss
|
postcss
|
The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service (ReDoS) during source map parsing.
|
NVD-CWE-noinfo
|
CVE-2021-23368
|
2024-11-21 14:51 |
2021-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197028
|
7.5 |
HIGH
Network
|
chrono-node_project
|
chrono-node
|
This affects the package chrono-node before 2.2.4. It hangs on a date-like string with lots of embedded spaces.
|
NVD-CWE-noinfo
|
CVE-2021-23371
|
2024-11-21 14:51 |
2021-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197029
|
5.3 |
MEDIUM
Network
|
f5
|
big-ip_access_policy_manager
big-ip_advanced_firewall_manager
big-ip_advanced_web_application_firewall
big-ip_analytics
big-ip_application_acceleration_manager
big-ip_application_secur…
|
On BIG-IP versions 14.1.4 and 16.0.1.1, when the Traffic Management Microkernel (TMM) process handles certain undisclosed traffic, it may start dropping all fragmented IP traffic. Note: Software vers…
|
NVD-CWE-noinfo
|
CVE-2021-23007
|
2024-11-21 14:51 |
2021-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197030
|
6.1 |
MEDIUM
Network
|
f5
|
big-iq_centralized_management
|
On all 7.x and 6.x versions (fixed in 8.0.0), undisclosed BIG-IQ pages have a reflected cross-site scripting vulnerability. Note: Software versions which have reached End of Software Development (EoS…
|
CWE-79
Cross-site Scripting
|
CVE-2021-23006
|
2024-11-21 14:51 |
2021-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
