|
199011
|
7.2 |
HIGH
Network
|
gitlab
|
gitlab
|
Starting with version 13.7 the Gitlab CE/EE editions were affected by a security issue related to the validation of the certificates for the Fortinet OTP that could result in authentication issues.
|
CWE-295
Improper Certificate Validation
|
CVE-2021-22189
|
2024-11-21 14:49 |
2021-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199012
|
5.4 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue has been discovered in GitLab affecting all versions starting with 11.8. GitLab was vulnerable to a stored XSS in the epics page, which could be exploited with user interactions.
|
CWE-79
Cross-site Scripting
|
CVE-2021-22183
|
2024-11-21 14:49 |
2021-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199013
|
5.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue has been discovered in GitLab affecting all versions starting with 13.0. Confidential issue titles in Gitlab were readable by an unauthorised user via branch logs.
|
NVD-CWE-noinfo
|
CVE-2021-22188
|
2024-11-21 14:49 |
2021-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199014
|
5.4 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue has been discovered in GitLab affecting all versions starting with 13.7. GitLab was vulnerable to a stored XSS in merge request.
|
CWE-79
Cross-site Scripting
|
CVE-2021-22182
|
2024-11-21 14:49 |
2021-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199015
|
9.8 |
CRITICAL
Network
|
vmware
|
view_planner
|
VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerability. Improper input validation and lack of authorization leading to arbitrary file upload in logupload…
|
CWE-20
CWE-862
Improper Input Validation
Missing Authorization
|
CVE-2021-21978
|
2024-11-21 14:49 |
2021-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199016
|
7.3 |
HIGH
Network
|
bitnami
|
containers
|
In Bitnami Containers, all Laravel container versions prior to: 6.20.0-debian-10-r107 for Laravel 6, 7.30.1-debian-10-r108 for Laravel 7 and 8.5.11-debian-10-r0 for Laravel 8, the file /tmp/app/.env …
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2021-21979
|
2024-11-21 14:49 |
2021-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199017
|
5.5 |
MEDIUM
Local
|
huawei
|
harmonyos
|
A component of HarmonyOS 2.0 has a DoS vulnerability. Local attackers may exploit this vulnerability to mount a file system to the target device, causing DoS of the file system.
|
NVD-CWE-noinfo
|
CVE-2021-22296
|
2024-11-21 14:49 |
2021-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199018
|
3.3 |
LOW
Local
|
huawei
|
harmonyos
|
A component API of the HarmonyOS 2.0 has a permission bypass vulnerability. Local attackers may exploit this vulnerability to issue commands repeatedly, exhausting system service resources.
|
NVD-CWE-noinfo
|
CVE-2021-22294
|
2024-11-21 14:49 |
2021-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199019
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue has been discovered in GitLab affecting all versions of Gitlab EE/CE before 13.6.7. A potential resource exhaustion issue that allowed running or pending jobs to continue even after project …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2021-22187
|
2024-11-21 14:49 |
2021-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199020
|
5.3 |
MEDIUM
Network
|
vmware
|
spring_integration_zip
|
Addresses partial fix in CVE-2018-1263. Spring-integration-zip, versions prior to 1.0.4, exposes an arbitrary file write vulnerability, that can be achieved using a specially crafted zip archive (aff…
|
CWE-22
Path Traversal
|
CVE-2021-22114
|
2024-11-21 14:49 |
2021-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
