|
199421
|
5.4 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue has been discovered in GitLab affecting all versions starting with 12.9. GitLab was vulnerable to a stored XSS if scoped labels were used.
|
CWE-79
Cross-site Scripting
|
CVE-2021-22199
|
2024-11-21 14:49 |
2021-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199422
|
7.8 |
HIGH
Local
|
vmware
|
nsx-t_data_center
|
VMware NSX-T contains a privilege escalation vulnerability due to an issue with RBAC (Role based access control) role assignment. Successful exploitation of this issue may allow attackers with local …
|
CWE-269
Improper Privilege Management
|
CVE-2021-21981
|
2024-11-21 14:49 |
2021-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199423
|
6.5 |
MEDIUM
Network
|
gitlab
|
gitlab
|
A path traversal vulnerability via the GitLab Workhorse in all versions of GitLab could result in the leakage of a JWT token
|
CWE-22
Path Traversal
|
CVE-2021-22190
|
2024-11-21 14:49 |
2021-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199424
|
6.5 |
MEDIUM
Network
|
cloudfoundry
|
capi-release
cf-deployment
|
Cloud Controller API versions prior to 1.106.0 logs service broker credentials if the default value of db logging config field is changed. CAPI database logs service broker password in plain text whe…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2021-22115
|
2024-11-21 14:49 |
2021-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199425
|
6.5 |
MEDIUM
Network
|
huawei
|
ips_module_firmware
ngfw_module_firmware
secospace_usg6300_firmware
secospace_usg6500_firmware
secospace_usg6600_firmware
usg9500_firmware
nip6300_firmware
nip6600_firmware
ni…
|
There is a memory leak vulnerability in some Huawei products. An authenticated remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release t…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2021-22312
|
2024-11-21 14:49 |
2021-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199426
|
7.2 |
HIGH
Network
|
proofpoint
|
insider_threat_management
|
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) is vulnerable to XML external entity (XXE) injection in the Web Console. The vulnerability requires admin user privileges a…
|
CWE-611
XXE
|
CVE-2021-22158
|
2024-11-21 14:49 |
2021-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199427
|
6.1 |
MEDIUM
Network
|
proofpoint
|
insider_threat_management
|
Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.11.1 allows stored XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2021-22157
|
2024-11-21 14:49 |
2021-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199428
|
9.8 |
CRITICAL
Network
|
gitlab
|
gitlab
|
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7.9 before 13.8.7, all versions starting from 13.9 before 13.9.5, and all versions starting from 13.10 before 13.1…
|
NVD-CWE-noinfo
|
CVE-2021-22203
|
2024-11-21 14:49 |
2021-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199429
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue has been discovered in GitLab CE/EE affecting all previous versions. If the victim is an admin, it was possible to issue a CSRF in System hooks through the API.
|
CWE-352
Origin Validation Error
|
CVE-2021-22202
|
2024-11-21 14:49 |
2021-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199430
|
6.5 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9. A specially crafted import file could read files on the server.
|
NVD-CWE-noinfo
|
CVE-2021-22201
|
2024-11-21 14:49 |
2021-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
