|
195271
|
5.3 |
MEDIUM
Network
|
isc
debian
fedoraproject
netapp
siemens
oracle
|
bind
debian_linux
fedora
h300s_firmware
h500s_firmware
h700s_firmware
h300e_firmware
h500e_firmware
h700e_firmware
h410s_firmware
h410c_firmware
cloud_backup
sinec…
|
In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BI…
|
NVD-CWE-noinfo
|
CVE-2021-25219
|
2024-11-21 14:54 |
2021-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195272
|
6.0 |
MEDIUM
Local
|
sophos
|
hitmanpro
|
A local attacker could read or write arbitrary files with administrator privileges in HitmanPro before version Build 318.
|
NVD-CWE-noinfo
|
CVE-2021-25271
|
2024-11-21 14:54 |
2021-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195273
|
6.7 |
MEDIUM
Local
|
sophos
|
hitmanpro.alert
|
A local attacker could execute arbitrary code with administrator privileges in HitmanPro.Alert before version Build 901.
|
NVD-CWE-noinfo
|
CVE-2021-25270
|
2024-11-21 14:54 |
2021-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195274
|
7.5 |
HIGH
Network
|
isc
fedoraproject
|
bind
fedora
|
In BIND 9.16.19, 9.17.16. Also, version 9.16.19-S1 of BIND Supported Preview Edition When a vulnerable version of named receives a query under the circumstances described above, the named process wil…
|
CWE-617
Reachable Assertion
|
CVE-2021-25218
|
2024-11-21 14:54 |
2021-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195275
|
7.8 |
HIGH
Local
|
yandex
|
yandex_browser
|
Local privilege vulnerability in Yandex Browser for Windows prior to 21.9.0.390 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating files…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2021-25263
|
2024-11-21 14:54 |
2021-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195276
|
5.5 |
MEDIUM
Local
|
google
|
android
|
An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of custom keyblob with privileged process.
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2021-25444
|
2024-11-21 14:54 |
2021-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195277
|
5.3 |
MEDIUM
Local
|
google
|
android
|
A use after free vulnerability in conn_gadget driver prior to SMR AUG-2021 Release 1 allows malicious action by an attacker.
|
CWE-416
Use After Free
|
CVE-2021-25443
|
2024-11-21 14:54 |
2021-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195278
|
9.8 |
CRITICAL
Network
|
learning_management_system_project
|
learning_management_system
|
Arbitrary file upload vulnerability in SourceCodester Learning Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to \lms\student_avatar.php.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2021-25200
|
2024-11-21 14:54 |
2021-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195279
|
4.8 |
MEDIUM
Network
|
sophos
|
unified_threat_management
|
Stored XSS can execute as administrator in quarantined email detail view in Sophos UTM before version 9.706.
|
CWE-79
Cross-site Scripting
|
CVE-2021-25273
|
2024-11-21 14:54 |
2021-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195280
|
9.8 |
CRITICAL
Network
|
travel_management_system_project
|
travel_management_system
|
Arbitrary file upload vulnerability in SourceCodester Travel Management System v 1.0 allows attackers to execute arbitrary code via the file upload to updatepackage.php.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2021-25208
|
2024-11-21 14:54 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
