|
197921
|
4.9 |
MEDIUM
Network
|
dell
|
emc_networker
|
Dell NetWorker, versions 18.x and 19.x contain an Information disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and …
|
-
|
CVE-2021-21570
|
2024-11-21 14:48 |
2021-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197922
|
4.9 |
MEDIUM
Network
|
dell
|
emc_networker
|
Dell NetWorker, versions 18.x and 19.x contain a Path traversal vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and gain acce…
|
CWE-22
Path Traversal
|
CVE-2021-21569
|
2024-11-21 14:48 |
2021-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197923
|
4.4 |
MEDIUM
Local
|
dell
|
latitude_5285_2-in-1_firmware
latitude_5289_2-in-1_firmware
latitude_5310_2-in-1_firmware
latitude_5290_2-in-1_firmware
latitude_7210_2-in-1_firmware
latitude_7212_rugged_extreme_table…
|
Dell BIOS contains a Credentials Management issue. A local authenticated malicious user may potentially exploit this vulnerability to gain access to sensitive information on an NVMe storage by resett…
|
NVD-CWE-noinfo
|
CVE-2021-21522
|
2024-11-21 14:48 |
2021-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197924
|
5.5 |
MEDIUM
Local
|
zte
|
axon_30_pro_message_service
|
There is an information leak vulnerability in the message service app of a ZTE mobile phone. Due to improper parameter settings, attackers could use this vulnerability to obtain some sensitive inform…
|
NVD-CWE-Other
|
CVE-2021-21742
|
2024-11-21 14:48 |
2021-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197925
|
7.8 |
HIGH
Local
|
gonitro
|
nitro_pro
|
An exploitable return of stack variable address vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause a stack variable to go out of scope, res…
|
NVD-CWE-Other
|
CVE-2021-21798
|
2024-11-21 14:48 |
2021-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197926
|
4.8 |
MEDIUM
Network
|
sap
|
netweaver_enterprise_portal
|
SAP NetWeaver Enterprise Portal versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user related data, resulting in Stored Cross-Site Scripting (XSS) vulnerability. This…
|
CWE-79
Cross-site Scripting
|
CVE-2021-21489
|
2024-11-21 14:48 |
2021-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197927
|
5.5 |
MEDIUM
Local
|
jenkins
|
nomad
|
Jenkins Nomad Plugin 0.7.4 and earlier stores Docker passwords unencrypted in the global config.xml file on the Jenkins controller where they can be viewed by users with access to the Jenkins control…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2021-21681
|
2024-11-21 14:48 |
2021-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197928
|
7.1 |
HIGH
Network
|
jenkins
|
nested_view
|
Jenkins Nested View Plugin 1.20 and earlier does not configure its XML transformer to prevent XML external entity (XXE) attacks.
|
CWE-611
XXE
|
CVE-2021-21680
|
2024-11-21 14:48 |
2021-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197929
|
8.8 |
HIGH
Network
|
jenkins
|
azure_ad
|
Jenkins Azure AD Plugin 179.vf6841393099e and earlier allows attackers to craft URLs that would bypass the CSRF protection of any target URL in Jenkins.
|
CWE-352
Origin Validation Error
|
CVE-2021-21679
|
2024-11-21 14:48 |
2021-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197930
|
8.8 |
HIGH
Network
|
jenkins
|
saml
|
Jenkins SAML Plugin 2.0.7 and earlier allows attackers to craft URLs that would bypass the CSRF protection of any target URL in Jenkins.
|
CWE-352
Origin Validation Error
|
CVE-2021-21678
|
2024-11-21 14:48 |
2021-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
