|
194391
|
5.5 |
MEDIUM
Local
|
amd
|
epyc_7601_firmware
epyc_7551p_firmware
epyc_7551_firmware
epyc_7501_firmware
epyc_7451_firmware
epyc_7401_firmware
epyc_7371_firmware
epyc_7351p_firmware
epyc_7351_firmware
Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential lo…
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2021-26312
|
2024-11-21 14:56 |
2021-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
194392
|
8.8 |
HIGH
Network
|
talariax
|
sendquick_alert_plus_server_admin
|
A SQL Injection vulnerability in /appliance/shiftmgn.php in TalariaX sendQuick Alert Plus Server Admin 4.3 before 8HF11 allows attackers to obtain sensitive information via a Roster Time to Roster Ma…
|
CWE-89
SQL Injection
|
CVE-2021-26795
|
2024-11-21 14:56 |
2021-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194393
|
7.5 |
HIGH
Network
|
apache
|
shardingsphere-ui
|
Deserialization of Untrusted Data vulnerability of Apache ShardingSphere-UI allows an attacker to inject outer link resources. This issue affects Apache ShardingSphere-UI Apache ShardingSphere-UI ver…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2021-26558
|
2024-11-21 14:56 |
2021-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194394
|
3.3 |
LOW
Local
|
microsoft
|
azure_real_time_operating_system
|
Azure RTOS Information Disclosure Vulnerability
|
NVD-CWE-noinfo
|
CVE-2021-26444
|
2024-11-21 14:56 |
2021-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194395
|
9.0 |
CRITICAL
Adjacent
|
microsoft
|
windows_server_2019
windows_10
windows_server_2016
windows_server_2022
windows_11
|
Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability
|
NVD-CWE-noinfo
|
CVE-2021-26443
|
2024-11-21 14:56 |
2021-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194396
|
5.4 |
MEDIUM
Network
|
poweradmin
|
pa_server_monitor
|
A cross-site scripting (XSS) vulnerability in Power Admin PA Server Monitor 8.2.1.1 allows remote attackers to inject arbitrary web script or HTML via Console.exe.
|
CWE-79
Cross-site Scripting
|
CVE-2021-26844
|
2024-11-21 14:56 |
2021-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194397
|
8.8 |
HIGH
Network
|
playtuber_project
|
playtuber
|
An issue was discoverered in in customercentric-selling-poland PlayTube, allows authenticated attackers to execute arbitrary code via the purchace code to the config.php.
|
NVD-CWE-noinfo
|
CVE-2021-26786
|
2024-11-21 14:56 |
2021-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194398
|
9.8 |
CRITICAL
Network
|
doyocms_project
|
doyocms
|
Arbitrary file upload vulnerability sysupload.php in millken doyocms 2.3 allows attackers to execute arbitrary code.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2021-26740
|
2024-11-21 14:56 |
2021-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194399
|
9.8 |
CRITICAL
Network
|
doyocms_project
|
doyocms
|
SQL Injection vulnerability in pay.php in millken doyocms 2.3, allows attackers to execute arbitrary code, via the attribute parameter.
|
CWE-89
SQL Injection
|
CVE-2021-26739
|
2024-11-21 14:56 |
2021-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194400
|
8.8 |
HIGH
Network
|
nhn-commerce
|
godomall5
|
The move_uploaded_file function in godomall5 does not perform an integrity check of extension or authority when user upload file. This vulnerability allows an attacker to execute an remote arbitrary …
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2021-26610
|
2024-11-21 14:56 |
2021-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
