|
194881
|
6.5 |
MEDIUM
Network
|
jerryscript
|
jerryscript
|
An issue was discovered in JerryScript 2.4.0. There is a heap-use-after-free in ecma_is_lexical_environment in the ecma-helpers.c file.
|
CWE-416
Use After Free
|
CVE-2021-26194
|
2024-11-21 14:55 |
2021-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194882
|
9.8 |
CRITICAL
Network
|
set-getter_project
|
set-getter
|
Prototype pollution vulnerability in 'set-getter' version 0.1.0 allows an attacker to cause a denial of service and may lead to remote code execution.
|
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
|
CVE-2021-25949
|
2024-11-21 14:55 |
2021-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194883
|
9.8 |
CRITICAL
Network
|
expand-hash_project
|
expand-hash
|
Prototype pollution vulnerability in 'expand-hash' versions 0.1.0 through 1.0.1 allows an attacker to cause a denial of service and may lead to remote code execution.
|
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
|
CVE-2021-25948
|
2024-11-21 14:55 |
2021-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194884
|
5.5 |
MEDIUM
Local
|
openexr
fedoraproject
debian
|
openexr
fedora
debian_linux
|
An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR…
|
-
|
CVE-2021-26260
|
2024-11-21 14:55 |
2021-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194885
|
6.1 |
MEDIUM
Network
|
atlassian
|
jira_server
jira_data_center
|
EditworkflowScheme.jspa in Jira Server and Jira Data Center before version 8.5.14, and from version 8.6.0 before version 8.13.6, and from 8.14.0 before 8.16.1 allows remote attackers to inject arbitr…
|
CWE-79
Cross-site Scripting
|
CVE-2021-26080
|
2024-11-21 14:55 |
2021-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194886
|
6.1 |
MEDIUM
Network
|
atlassian
|
data_center
jira
jira_server
jira_data_center
|
The CardLayoutConfigTable component in Jira Server and Jira Data Center before version 8.5.15, and from version 8.6.0 before version 8.13.7, and from version 8.14.0 before 8.17.0 allows remote attack…
|
CWE-79
Cross-site Scripting
|
CVE-2021-26079
|
2024-11-21 14:55 |
2021-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194887
|
6.1 |
MEDIUM
Network
|
atlassian
|
data_center
jira
jira_server
|
The number range searcher component in Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before version 8.13.6, and from version 8.14.0 before version 8.16.1 allows remote at…
|
CWE-79
Cross-site Scripting
|
CVE-2021-26078
|
2024-11-21 14:55 |
2021-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194888
|
9.8 |
CRITICAL
Network
|
nestie_project
|
nestie
|
Prototype pollution vulnerability in 'nestie' versions 0.0.0 through 1.0.0 allows an attacker to cause a denial of service and may lead to remote code execution.
|
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
|
CVE-2021-25947
|
2024-11-21 14:55 |
2021-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194889
|
6.5 |
MEDIUM
Adjacent
|
fortinet
|
fortiswitch
|
A missing release of memory after effective lifetime vulnerability in FortiSwitch 6.4.0 to 6.4.6, 6.2.0 to 6.2.6, 6.0.0 to 6.0.6, 3.6.11 and below may allow an attacker on an adjacent network to exha…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2021-26111
|
2024-11-21 14:55 |
2021-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194890
|
6.1 |
MEDIUM
Network
|
apache
|
dubbo
|
In Apache Dubbo prior to 2.6.9 and 2.7.9, the usage of parseURL method will lead to the bypass of white host check which can cause open redirect or SSRF vulnerability.
|
CWE-601
CWE-918
Open Redirect
Server-Side Request Forgery (SSRF)
|
CVE-2021-25640
|
2024-11-21 14:55 |
2021-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
