|
194851
|
4.3 |
MEDIUM
Adjacent
|
siemens
|
rwg1.m12_firmware
rwg1.m12d_firmware
rwg1.m8_firmware
|
A vulnerability has been identified in RWG1.M12 (All versions < V1.16.16), RWG1.M12D (All versions < V1.16.16), RWG1.M8 (All versions < V1.16.16). Sending specially crafted ARP packets to an affected…
|
-
|
CVE-2021-25671
|
2024-11-21 14:55 |
2021-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194852
|
9.6 |
CRITICAL
Adjacent
|
fortinet
|
fortinet_single_sign-on
|
An improper authentication vulnerability in FSSO Collector version 5.0.295 and below may allow an unauthenticated user to bypass a FSSO firewall policy and access the protected network via sending sp…
|
CWE-287
Improper Authentication
|
CVE-2021-26088
|
2024-11-21 14:55 |
2021-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194853
|
7.5 |
HIGH
Network
|
fortinet
|
fortimail
|
A missing release of memory after its effective lifetime vulnerability in the Webmail of FortiMail 6.4.0 through 6.4.4 and 6.2.0 through 6.2.6 may allow an unauthenticated remote attacker to exhaust …
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2021-26090
|
2024-11-21 14:55 |
2021-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194854
|
7.8 |
HIGH
Local
|
fortinet
|
forticlient
|
An improper symlink following in FortiClient for Mac 6.4.3 and below may allow an non-privileged user to execute arbitrary privileged shell commands during installation phase.
|
CWE-59
Link Following
|
CVE-2021-26089
|
2024-11-21 14:55 |
2021-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194855
|
4.9 |
MEDIUM
Network
|
fortinet
|
fortimail
|
Missing cryptographic steps in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an attacker who comes in possession of the encrypted master keys to compromise their confident…
|
NVD-CWE-Other
|
CVE-2021-26099
|
2024-11-21 14:55 |
2021-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194856
|
7.8 |
HIGH
Local
|
fortinet
|
fortiap-w2
fortiap-s
fortiap
|
An improper neutralization of special elements used in an OS Command vulnerability in FortiAP's console 6.4.1 through 6.4.5 and 6.2.4 through 6.2.5 may allow an authenticated attacker to execute unau…
|
CWE-78
OS Command
|
CVE-2021-26106
|
2024-11-21 14:55 |
2021-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194857
|
7.5 |
HIGH
Network
|
fortinet
|
fortimail
|
A missing cryptographic step in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an unauthenticated attacker who intercepts the encrypted messages to manipulate them in such …
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2021-26100
|
2024-11-21 14:55 |
2021-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194858
|
9.8 |
CRITICAL
Network
|
just-safe-set_project
|
just-safe-set
|
Prototype pollution vulnerability in ‘just-safe-set’ versions 1.0.0 through 2.2.1 allows an attacker to cause a denial of service and may lead to remote code execution.
|
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
|
CVE-2021-25952
|
2024-11-21 14:55 |
2021-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194859
|
6.1 |
MEDIUM
Network
|
joomla
|
joomla\!
|
An issue was discovered in Joomla! 3.0.0 through 3.9.27. Inadequate escaping in the imagelist view of com_media leads to a XSS vulnerability.
|
CWE-79
Cross-site Scripting
|
CVE-2021-26039
|
2024-11-21 14:55 |
2021-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194860
|
7.5 |
HIGH
Network
|
joomla
|
joomla\!
|
An issue was discovered in Joomla! 2.5.0 through 3.9.27. Install action in com_installer lack the required hardcoded ACL checks for superusers. A default system is not affected cause the default ACL …
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2021-26038
|
2024-11-21 14:55 |
2021-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
