|
194361
|
7.8 |
HIGH
Local
|
exiv2
fedoraproject
|
exiv2
fedora
|
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A heap buffer overflow was found in Exiv2 versions v0.27.3 and earlier. The …
|
CWE-787
Out-of-bounds Write
|
CVE-2021-29464
|
2024-11-21 15:01 |
2021-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194362
|
5.5 |
MEDIUM
Local
|
exiv2
fedoraproject
|
exiv2
fedora
|
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. The o…
|
CWE-125
Out-of-bounds Read
|
CVE-2021-29463
|
2024-11-21 15:01 |
2021-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194363
|
7.5 |
HIGH
Network
|
cumulative-distribution-function_project
|
cumulative-distribution-function
|
cumulative-distribution-function is an open source npm library used which calculates statistical cumulative distribution function from data array of x values. In versions prior to 2.0.0 apps using th…
|
CWE-20
Improper Input Validation
|
CVE-2021-29486
|
2024-11-21 15:01 |
2021-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194364
|
6.1 |
MEDIUM
Network
|
ghost
|
ghost
|
Ghost is a Node.js CMS. An unused endpoint added during the development of 4.0.0 has left sites vulnerable to untrusted users gaining access to Ghost Admin. Attackers can gain access by getting logge…
|
CWE-79
Cross-site Scripting
|
CVE-2021-29484
|
2024-11-21 15:01 |
2021-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194365
|
8.8 |
HIGH
Network
|
cygwin
|
git
|
Cygwin Git is a patch set for the git command line tool for the cygwin environment. A specially crafted repository that contains symbolic links as well as files with backslash characters in the file …
|
-
|
CVE-2021-29468
|
2024-11-21 15:01 |
2021-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194366
|
7.5 |
HIGH
Network
|
miraheze
|
managewiki
|
ManageWiki is an extension to the MediaWiki project. The 'wikiconfig' API leaked the value of private configuration variables set through the ManageWiki variable to all users. This has been patched b…
|
-
|
CVE-2021-29483
|
2024-11-21 15:01 |
2021-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194367
|
7.5 |
HIGH
Network
|
xz_project
|
xz
|
xz is a compression and decompression library focusing on the xz format completely written in Go. The function readUvarint used to read the xz container format may not terminate a loop provide malico…
|
-
|
CVE-2021-29482
|
2024-11-21 15:01 |
2021-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194368
|
5.4 |
MEDIUM
Network
|
budget_management_system_project
|
budget_management_system
|
A stored cross-site scripting (XSS) vulnerability in SourceCodester Budget Management System 1.0 allows users to inject and store arbitrary JavaScript code in index.php via vulnerable field 'Budget T…
|
CWE-79
Cross-site Scripting
|
CVE-2021-29388
|
2024-11-21 15:01 |
2021-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194369
|
5.4 |
MEDIUM
Network
|
equipment_inventory_system_project
|
equipment_inventory_system
|
Multiple stored cross-site scripting (XSS) vulnerabilities in Sourcecodester Equipment Inventory System 1.0 allow remote attackers to inject arbitrary javascript via any "Add" sections, such as Add I…
|
CWE-79
Cross-site Scripting
|
CVE-2021-29387
|
2024-11-21 15:01 |
2021-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194370
|
9.8 |
CRITICAL
Network
|
wordpress
|
requests
|
Requests is a HTTP library written in PHP. Requests mishandles deserialization in FilteredIterator. The issue has been patched and users of `Requests` 1.6.0, 1.6.1 and 1.7.0 should update to version …
|
-
|
CVE-2021-29476
|
2024-11-21 15:01 |
2021-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
