|
194351
|
6.5 |
MEDIUM
Network
|
doctor_appointment_system_project
|
doctor_appointment_system
|
SQL injection in the expertise parameter in search_result.php in Doctor Appointment System v1.0 allows an authenticated patient user to dump the database credentials via a SQL injection attack.
|
CWE-89
SQL Injection
|
CVE-2021-27124
|
2024-11-21 14:57 |
2021-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194352
|
5.3 |
MEDIUM
Network
|
containous
|
traefik
|
Traefik before 2.4.5 allows the loading of IFRAME elements from other domains.
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2021-27375
|
2024-11-21 14:57 |
2021-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194353
|
7.8 |
HIGH
Local
|
denx
|
u-boot
|
The boot loader in Das U-Boot before 2021.04-rc2 mishandles use of unit addresses in a FIT.
|
NVD-CWE-noinfo
|
CVE-2021-27138
|
2024-11-21 14:57 |
2021-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194354
|
7.8 |
HIGH
Local
|
denx
|
u-boot
|
The boot loader in Das U-Boot before 2021.04-rc2 mishandles a modified FIT.
|
NVD-CWE-noinfo
|
CVE-2021-27097
|
2024-11-21 14:57 |
2021-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194355
|
7.5 |
HIGH
Network
|
vertigis
|
weboffice
|
VertiGIS WebOffice 10.7 SP1 before patch20210202 and 10.8 SP1 before patch20210207 allows attackers to achieve "Zugriff auf Inhalte der WebOffice Applikation."
|
NVD-CWE-noinfo
|
CVE-2021-27374
|
2024-11-21 14:57 |
2021-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194356
|
7.5 |
HIGH
Network
|
boltcms
|
bolt
|
Controller/Backend/FileEditController.php and Controller/Backend/FilemanagerController.php in Bolt before 4.1.13 allow Directory Traversal.
|
CWE-22
Path Traversal
|
CVE-2021-27367
|
2024-11-21 14:57 |
2021-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194357
|
7.4 |
HIGH
Network
|
canarymail
libmailcore
|
canary_mail
mailcore2
|
core/imap/MCIMAPSession.cpp in Canary Mail before 3.22 has Missing SSL Certificate Validation for IMAP in STARTTLS mode.
|
CWE-295
Improper Certificate Validation
|
CVE-2021-26911
|
2024-11-21 14:57 |
2021-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194358
|
9.8 |
CRITICAL
Network
|
irfanview
|
wpg
|
The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a Read Access Violation on Control Flow starting at WPG!ReadWPG_W+0x0000000000000133, which might allow remote attackers to execute arbitrary code.
|
CWE-125
Out-of-bounds Read
|
CVE-2021-27362
|
2024-11-21 14:57 |
2021-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194359
|
7.5 |
HIGH
Network
|
irfanview
|
wpg
|
The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a user-mode write access violation starting at WPG+0x0000000000012ec6, which might allow remote attackers to execute arbitrary code.
|
CWE-787
Out-of-bounds Write
|
CVE-2021-27224
|
2024-11-21 14:57 |
2021-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194360
|
7.8 |
HIGH
Local
|
linux
fedoraproject
|
linux_kernel
fedora
|
An issue was discovered in the Linux kernel 4.18 through 5.10.16, as used by Xen. The backend allocation (aka be-alloc) mode of the drm_xen_front drivers was not meant to be a supported configuration…
|
NVD-CWE-noinfo
|
CVE-2021-26934
|
2024-11-21 14:57 |
2021-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
