|
196541
|
9.8 |
CRITICAL
Network
|
htmldoc_project
|
htmldoc
|
A flaw was found in htmldoc in v1.9.12. Double-free in function pspdf_export(),in ps-pdf.cxx may result in a write-what-where condition, allowing an attacker to execute arbitrary code and denial of s…
|
CWE-415
Double Free
|
CVE-2021-23158
|
2024-11-21 14:51 |
2022-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196542
|
7.5 |
HIGH
Network
|
oppo
|
coloros
|
In ACE2 ColorOS11, the attacker can obtain the foreground package name through permission promotion, resulting in user information disclosure.
|
NVD-CWE-noinfo
|
CVE-2021-23246
|
2024-11-21 14:51 |
2022-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196543
|
8.1 |
HIGH
Network
|
postgresql
fedoraproject
redhat
|
postgresql
fedora
software_collections
enterprise_linux
enterprise_linux_for_power_little_endian
enterprise_linux_for_ibm_z_systems
|
When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection …
|
-
|
CVE-2021-23214
|
2024-11-21 14:51 |
2022-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196544
|
5.9 |
MEDIUM
Network
|
postgresql
|
postgresql
|
A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption.
|
-
|
CVE-2021-23222
|
2024-11-21 14:51 |
2022-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196545
|
7.8 |
HIGH
Local
|
htmldoc_project
|
htmldoc
|
A flaw was found in htmldoc in v1.9.12 and prior. A stack buffer overflow in parse_table() in ps-pdf.cxx may lead to execute arbitrary code and denial of service.
|
CWE-787
Out-of-bounds Write
|
CVE-2021-23206
|
2024-11-21 14:51 |
2022-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196546
|
7.5 |
HIGH
Network
|
samba
|
samba
|
A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their …
|
NVD-CWE-noinfo
|
CVE-2021-23192
|
2024-11-21 14:51 |
2022-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196547
|
7.8 |
HIGH
Local
|
htmldoc_project
|
htmldoc
|
A security issue was found in htmldoc v1.9.12 and before. A NULL pointer dereference in the function image_load_jpeg() in image.cxx may result in denial of service.
|
CWE-476
NULL Pointer Dereference
|
CVE-2021-23191
|
2024-11-21 14:51 |
2022-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196548
|
7.8 |
HIGH
Local
|
htmldoc_project
|
htmldoc
|
A flaw was found in htmldoc in v1.9.12 and before. Null pointer dereference in file_extension(),in file.c may lead to execute arbitrary code and denial of service.
|
CWE-476
NULL Pointer Dereference
|
CVE-2021-23180
|
2024-11-21 14:51 |
2022-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196549
|
6.1 |
MEDIUM
Network
|
karma_project
|
karma
|
The package karma before 6.3.16 are vulnerable to Open Redirect due to missing validation of the return_url query parameter.
|
CWE-601
Open Redirect
|
CVE-2021-23495
|
2024-11-21 14:51 |
2022-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196550
|
9.8 |
CRITICAL
Network
|
object-extend_project
|
object-extend
|
The package object-extend from 0.0.0 are vulnerable to Prototype Pollution via object-extend.
|
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
|
CVE-2021-23702
|
2024-11-21 14:51 |
2022-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
