|
197601
|
7.8 |
HIGH
Local
|
f5
|
big-ip_access_policy_manager
|
On version 7.2.1.x before 7.2.1.3 and 7.1.x before 7.1.9.9 Update 1, a DLL hijacking issue exists in cachecleaner.dll included in the BIG-IP Edge Client Windows Installer. Note: Software versions whi…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2021-23023
|
2024-11-21 14:51 |
2021-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197602
|
6.1 |
MEDIUM
Network
|
bosch
|
cpp6_firmware
cpp7_firmware
cpp7.3_firmware
cpp13_firmware
|
An error in the handling of a page parameter in Bosch IP cameras may lead to a reflected cross site scripting (XSS) in the web-based interface. This issue only affects versions 7.7x and 7.6x. All oth…
|
CWE-79
Cross-site Scripting
|
CVE-2021-23854
|
2024-11-21 14:51 |
2021-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197603
|
9.8 |
CRITICAL
Network
|
bosch
|
cpp4_firmware
cpp6_firmware
cpp7_firmware
cpp7.3_firmware
cpp13_firmware
|
In Bosch IP cameras, improper validation of the HTTP header allows an attacker to inject arbitrary HTTP headers through crafted URLs.
|
CWE-20
Improper Input Validation
|
CVE-2021-23853
|
2024-11-21 14:51 |
2021-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197604
|
4.9 |
MEDIUM
Network
|
bosch
|
cpp4_firmware
cpp6_firmware
cpp7_firmware
cpp7.3_firmware
cpp13_firmware
|
An authenticated attacker with administrator rights Bosch IP cameras can call an URL with an invalid parameter that causes the camera to become unresponsive for a few seconds and cause a Denial of Se…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2021-23852
|
2024-11-21 14:51 |
2021-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197605
|
6.1 |
MEDIUM
Network
|
bosch
|
cpp4_firmware
cpp6_firmware
cpp7_firmware
cpp7.3_firmware
cpp13_firmware
|
An error in the URL handler Bosch IP cameras may lead to a reflected cross site scripting (XSS) in the web-based interface. An attacker with knowledge of the camera address can send a crafted link to…
|
CWE-79
Cross-site Scripting
|
CVE-2021-23848
|
2024-11-21 14:51 |
2021-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197606
|
9.1 |
CRITICAL
Network
|
bosch
|
cpp6_firmware
cpp7_firmware
cpp7.3_firmware
|
A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated remote attacker to extract sensitive information or change settings of the camera by sending crafted reques…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2021-23847
|
2024-11-21 14:51 |
2021-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197607
|
5.5 |
MEDIUM
Local
|
openexr
fedoraproject
debian
|
openexr
fedora
debian_linux
|
An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR.
|
-
|
CVE-2021-23215
|
2024-11-21 14:51 |
2021-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197608
|
8.8 |
HIGH
Network
|
openexr
fedoraproject
|
openexr
fedora
|
A heap-buffer overflow was found in the copyIntoFrameBuffer function of OpenEXR in versions before 3.0.1. An attacker could use this flaw to execute arbitrary code with the permissions of the user ru…
|
-
|
CVE-2021-23169
|
2024-11-21 14:51 |
2021-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197609
|
7.5 |
HIGH
Network
|
locutus
|
locutus
|
The package locutus before 2.0.15 are vulnerable to Regular Expression Denial of Service (ReDoS) via the gopher_parsedir function.
|
NVD-CWE-noinfo
|
CVE-2021-23392
|
2024-11-21 14:51 |
2021-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197610
|
7.1 |
HIGH
Local
|
calipso_project
|
calipso
|
This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality.
|
CWE-22
Path Traversal
|
CVE-2021-23391
|
2024-11-21 14:51 |
2021-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
