|
194691
|
2.4 |
LOW
Physics
|
google
|
android
|
An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021 Release 1 allows unauthorized access to some device data on the lockscreen.
|
CWE-269
Improper Privilege Management
|
CVE-2021-25513
|
2024-11-21 14:55 |
2021-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194692
|
7.8 |
HIGH
Local
|
google
|
android
|
An improper validation vulnerability in telephony prior to SMR Dec-2021 Release 1 allows attackers to launch certain activities.
|
CWE-20
Improper Input Validation
|
CVE-2021-25512
|
2024-11-21 14:55 |
2021-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194693
|
7.8 |
HIGH
Local
|
google
|
android
|
An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows attackers to write arbitrary files via a path traversal vulnerability.
|
CWE-22
Path Traversal
|
CVE-2021-25511
|
2024-11-21 14:55 |
2021-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194694
|
7.8 |
HIGH
Local
|
google
|
android
|
An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows local arbitrary code execution.
|
CWE-20
Improper Input Validation
|
CVE-2021-25510
|
2024-11-21 14:55 |
2021-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194695
|
9.8 |
CRITICAL
Network
|
fortinet
|
fortios
|
An integer overflow or wraparound vulnerability in the memory allocator of SSLVPN in FortiOS before 7.0.1 may allow an unauthenticated attacker to corrupt control data on the heap via specifically cr…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2021-26109
|
2024-11-21 14:55 |
2021-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194696
|
7.5 |
HIGH
Network
|
fortinet
|
fortios
|
A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by reverse engineering.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2021-26108
|
2024-11-21 14:55 |
2021-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194697
|
8.8 |
HIGH
Network
|
fortinet
|
fortios
fortiproxy
|
An insufficient verification of data authenticity vulnerability (CWE-345) in the user interface of FortiProxy verison 2.0.3 and below, 1.2.11 and below and FortiGate verison 7.0.0, 6.4.6 and below, 6…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2021-26103
|
2024-11-21 14:55 |
2021-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194698
|
7.8 |
HIGH
Local
|
fortinet
|
fortiproxy
fortios
|
An improper access control vulnerability [CWE-284] in FortiOS autod daemon 7.0.0, 6.4.6 and below, 6.2.9 and below, 6.0.12 and below and FortiProxy 2.0.1 and below, 1.2.9 and below may allow an authe…
|
NVD-CWE-Other
|
CVE-2021-26110
|
2024-11-21 14:55 |
2021-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194699
|
4.8 |
MEDIUM
Network
|
taogogo
|
taocms
|
Taocms v2.5Beta5 was discovered to contain a cross-site scripting (XSS) vulnerability via the component Management column.
|
CWE-79
Cross-site Scripting
|
CVE-2021-25785
|
2024-11-21 14:55 |
2021-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194700
|
7.2 |
HIGH
Network
|
taogogo
|
taocms
|
Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function Edit Article.
|
CWE-89
SQL Injection
|
CVE-2021-25784
|
2024-11-21 14:55 |
2021-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
