|
195201
|
9.8 |
CRITICAL
Network
|
testes-codigo
|
testes_de_codigo
|
Mobile application "Testes de Codigo" 11.4 and prior allows an attacker to gain access to the administrative interface and premium features by tampering the boolean value of parameters "isAdmin" and …
|
NVD-CWE-Other
|
CVE-2021-25648
|
2024-11-21 14:55 |
2021-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195202
|
9.8 |
CRITICAL
Network
|
casap_automated_enrollment_system_project
|
casap_automated_enrollment_system
|
The Login Panel of CASAP Automated Enrollment System 1.0 is vulnerable to SQL injection authentication bypass. An attacker can obtain access to the admin panel by injecting a SQL query in the usernam…
|
CWE-89
SQL Injection
|
CVE-2021-26201
|
2024-11-21 14:55 |
2021-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195203
|
9.8 |
CRITICAL
Network
|
library_system_project
|
library_system
|
The user area for Library System 1.0 is vulnerable to SQL injection where a user can bypass the authentication and login as the admin user.
|
CWE-89
SQL Injection
|
CVE-2021-26200
|
2024-11-21 14:55 |
2021-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195204
|
7.5 |
HIGH
Network
|
teradici
|
pcoip_soft_client
|
A null pointer dereference in Teradici PCoIP Soft Client versions prior to 20.07.3 could allow an attacker to crash the software.
|
CWE-476
NULL Pointer Dereference
|
CVE-2021-25690
|
2024-11-21 14:55 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195205
|
9.8 |
CRITICAL
Network
|
teradici
|
pcoip_soft_client
|
An out of bounds write in Teradici PCoIP soft client versions prior to version 20.10.1 could allow an attacker to remotely execute code.
|
CWE-787
Out-of-bounds Write
|
CVE-2021-25689
|
2024-11-21 14:55 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195206
|
5.5 |
MEDIUM
Local
|
teradici
|
pcoip_standard_agent
pcoip_graphics_agent
|
Under certain conditions, Teradici PCoIP Agents for Windows prior to version 20.10.0 and Teradici PCoIP Agents for Linux prior to version 21.01.0 may log parts of a user's password in the application…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2021-25688
|
2024-11-21 14:55 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195207
|
4.3 |
MEDIUM
Adjacent
|
siemens
|
scalance_w780_firmware
scalance_w740_firmware
|
A vulnerability has been identified in SCALANCE W780 and W740 (IEEE 802.11n) family (All versions < V6.3). Sending specially crafted packets through the ARP protocol to an affected device could cause…
|
-
|
CVE-2021-25666
|
2024-11-21 14:55 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195208
|
9.8 |
CRITICAL
Network
|
set-or-get_project
|
set-or-get
|
Prototype pollution vulnerability in 'set-or-get' version 1.0.0 through 1.2.10 allows an attacker to cause a denial of service and may lead to remote code execution.
|
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
|
CVE-2021-25913
|
2024-11-21 14:55 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195209
|
8.1 |
HIGH
Network
|
ezxml_project
|
ezxml
|
The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool.
|
CWE-787
Out-of-bounds Write
|
CVE-2021-26222
|
2024-11-21 14:55 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195210
|
8.1 |
HIGH
Network
|
ezxml_project
|
ezxml
|
The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool.
|
CWE-787
Out-of-bounds Write
|
CVE-2021-26221
|
2024-11-21 14:55 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
