|
195051
|
7.5 |
HIGH
Network
|
av-data_project
|
av-data
|
An issue was discovered in the av-data crate before 0.3.0 for Rust. A raw pointer is dereferenced, leading to a read of an arbitrary memory address, sometimes causing a segfault.
|
CWE-476
NULL Pointer Dereference
|
CVE-2021-25904
|
2024-11-21 14:55 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195052
|
7.5 |
HIGH
Network
|
cache_project
|
cache
|
An issue was discovered in the cache crate through 2021-01-01 for Rust. A raw pointer is dereferenced.
|
CWE-476
NULL Pointer Dereference
|
CVE-2021-25903
|
2024-11-21 14:55 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195053
|
7.5 |
HIGH
Network
|
glsl-layout_project
|
glsl-layout
|
An issue was discovered in the glsl-layout crate before 0.4.0 for Rust. When a panic occurs, map_array can perform a double drop.
|
NVD-CWE-noinfo
|
CVE-2021-25902
|
2024-11-21 14:55 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195054
|
5.3 |
MEDIUM
Network
|
lazy-init_project
|
lazy-init
|
An issue was discovered in the lazy-init crate through 2021-01-17 for Rust. Lazy lacks a Send bound, leading to a data race.
|
NVD-CWE-noinfo
CWE-125
Out-of-bounds Read
|
CVE-2021-25901
|
2024-11-21 14:55 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195055
|
9.8 |
CRITICAL
Network
|
servo
|
smallvec
|
An issue was discovered in the smallvec crate before 0.6.14 and 1.x before 1.6.1 for Rust. There is a heap-based buffer overflow in SmallVec::insert_many.
|
CWE-787
Out-of-bounds Write
|
CVE-2021-25900
|
2024-11-21 14:55 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195056
|
7.5 |
HIGH
Network
|
dgtl
|
huemagic
|
node-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile API, used in file hue-magic.js, to fetch an arbitrary file.
|
CWE-22
Path Traversal
|
CVE-2021-25864
|
2024-11-21 14:55 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195057
|
8.8 |
HIGH
Adjacent
|
open5gs
|
open5gs
|
Open5GS 2.1.3 listens on 0.0.0.0:3000 and has a default password of 1423 for the admin account.
|
CWE-287
Improper Authentication
|
CVE-2021-25863
|
2024-11-21 14:55 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195058
|
7.5 |
HIGH
Network
|
themeum
|
qubely
|
The Qubely WordPress plugin before 1.8.6 allows unauthenticated user to send arbitrary e-mails to arbitrary addresses via the qubely_send_form_data AJAX action.
|
NVD-CWE-Other
|
CVE-2021-24916
|
2024-11-21 14:54 |
2023-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195059
|
4.8 |
MEDIUM
Network
|
lesterchan
|
wp-postratings
|
The WP-PostRatings WordPress plugin before 1.86.1 does not sanitise the postratings_image parameter from its options page (wp-admin/admin.php?page=wp-postratings/postratings-options.php). Even though…
|
CWE-352
Origin Validation Error
|
CVE-2021-25117
|
2024-11-21 14:54 |
2024-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195060
|
7.2 |
HIGH
Network
|
menu_item_visibility_control_project
|
menu_item_visibility_control
|
The Menu Item Visibility Control WordPress plugin through 0.5 doesn't sanitize and validate the "Visibility logic" option for WordPress menu items, which could allow highly privileged users to execut…
|
NVD-CWE-Other
|
CVE-2021-24942
|
2024-11-21 14:54 |
2022-12-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
