|
197851
|
8.8 |
HIGH
Network
|
wp-buy
|
wp_content_copy_protection_\&_no_right_click
|
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP Content Copy Protection & No Right Click WordPress plugin before 3.1.5, to install any plugin (includi…
|
NVD-CWE-Other
|
CVE-2021-24188
|
2024-11-21 14:52 |
2021-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197852
|
9.8 |
CRITICAL
Network
|
mercedes-benz
|
hermes
|
An issue was discovered in HERMES 2.1 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. There is an out-of-bounds array access in RemoteDiagnosisApp.
|
CWE-787
Out-of-bounds Write
|
CVE-2021-23910
|
2024-11-21 14:52 |
2021-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197853
|
9.8 |
CRITICAL
Network
|
mercedes-benz
|
hermes
|
An issue was discovered in HERMES 2.1 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. The SH2 MCU allows remote code execution.
|
CWE-787
Out-of-bounds Write
|
CVE-2021-23909
|
2024-11-21 14:52 |
2021-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197854
|
9.8 |
CRITICAL
Network
|
mercedes-benz
|
headunit_ntg6_mercedes-benz_user_experience
|
An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. A type confusion issue affects MultiSvSetAttributes in the HiQnet Protocol, leadin…
|
CWE-843
Type Confusion
|
CVE-2021-23908
|
2024-11-21 14:52 |
2021-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197855
|
9.8 |
CRITICAL
Network
|
mercedes-benz
|
headunit_ntg6_mercedes-benz_user_experience
|
An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. The count in MultiSvGet, GetAttributes, and MultiSvSet is not checked in the HiQne…
|
NVD-CWE-noinfo
|
CVE-2021-23907
|
2024-11-21 14:52 |
2021-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197856
|
6.8 |
MEDIUM
Physics
|
mercedes-benz
|
mercedes-benz_user_experience
|
An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. A Message Length is not checked in the HiQnet Protocol, leading to remote code exe…
|
CWE-20
Improper Input Validation
|
CVE-2021-23906
|
2024-11-21 14:52 |
2021-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197857
|
7.0 |
HIGH
Local
|
mcafee
|
endpoint_security_for_linux_threat_prevention
|
By exploiting a time of check to time of use (TOCTOU) race condition during the Endpoint Security for Linux Threat Prevention and Firewall (ENSL TP/FW) installation process, a local user can perform …
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2021-23892
|
2024-11-21 14:52 |
2021-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197858
|
7.8 |
HIGH
Local
|
mcafee
|
total_protection
|
Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by impersonating a client token which could lead to the bypassing …
|
CWE-269
Improper Privilege Management
|
CVE-2021-23891
|
2024-11-21 14:52 |
2021-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197859
|
7.2 |
HIGH
Network
|
fortinet
|
fortinac
|
A privilege escalation vulnerability in FortiNAC version below 8.8.2 may allow an admin user to escalate the privileges to root by abusing the sudo privileges.
|
NVD-CWE-noinfo
|
CVE-2021-24011
|
2024-11-21 14:52 |
2021-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197860
|
7.2 |
HIGH
Network
|
college_publisher_import_project
|
college_publisher_import
|
The College publisher Import WordPress plugin through 0.1 does not check for the uploaded CSV file to import, allowing high privilege users to upload arbitrary files, such as PHP, leading to RCE. Due…
|
-
|
CVE-2021-24254
|
2024-11-21 14:52 |
2021-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
