|
199001
|
9.8 |
CRITICAL
Network
|
onedev_project
|
onedev
|
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, AttachmentUploadServlet also saves user controlled data (`request.getInputStream()`) to a user specified location (`request.ge…
|
-
|
CVE-2021-21245
|
2024-11-21 14:47 |
2021-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199002
|
7.8 |
HIGH
Local
|
git_large_file_storage_project
|
git_large_file_storage
|
Git LFS is a command line extension for managing large files with Git. On Windows, if Git LFS operates on a malicious repository with a git.bat or git.exe file in the current directory, that program …
|
-
|
CVE-2021-21237
|
2024-11-21 14:47 |
2021-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199003
|
8.8 |
HIGH
Local
|
flatpak
debian
|
flatpak
debian_linux
|
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. A bug was discovered in the `flatpak-portal` service that can allow sandboxed applications to exec…
|
-
|
CVE-2021-21261
|
2024-11-21 14:47 |
2021-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199004
|
7.4 |
HIGH
Network
|
flask-security-too_project
|
flask-security-too
|
The Python "Flask-Security-Too" package is used for adding security features to your Flask application. It is an is a independently maintained version of Flask-Security based on the 3.0.0 version of …
|
-
|
CVE-2021-21241
|
2024-11-21 14:47 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199005
|
8.8 |
HIGH
Network
|
google
fedoraproject
debian
|
chrome
fedora
debian_linux
|
Heap buffer overflow in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
CWE-787
Out-of-bounds Write
|
CVE-2021-21116
|
2024-11-21 14:47 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199006
|
9.6 |
CRITICAL
Network
|
google
fedoraproject
debian
|
chrome
fedora
debian_linux
|
User after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML …
|
CWE-416
Use After Free
|
CVE-2021-21115
|
2024-11-21 14:47 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199007
|
8.8 |
HIGH
Network
|
google
fedoraproject
debian
|
chrome
fedora
debian_linux
|
Use after free in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
CWE-416
Use After Free
|
CVE-2021-21114
|
2024-11-21 14:47 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199008
|
8.8 |
HIGH
Network
|
google
fedoraproject
debian
|
chrome
fedora
debian_linux
|
Heap buffer overflow in Skia in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
CWE-787
Out-of-bounds Write
|
CVE-2021-21113
|
2024-11-21 14:47 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199009
|
8.8 |
HIGH
Network
|
google
fedoraproject
debian
|
chrome
fedora
debian_linux
|
Use after free in Blink in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
CWE-416
Use After Free
|
CVE-2021-21112
|
2024-11-21 14:47 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199010
|
9.6 |
CRITICAL
Network
|
google
fedoraproject
debian
|
chrome
fedora
debian_linux
|
Insufficient policy enforcement in WebUI in Google Chrome prior to 87.0.4280.141 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via …
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2021-21111
|
2024-11-21 14:47 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
