|
199591
|
5.5 |
MEDIUM
Local
|
dell
|
emc_networker
|
Dell EMC NetWorker versions 18.x,19.x prior to 19.3.0.4 and 19.4.0.0 contain an Information Disclosure in Log Files vulnerability. A local low-privileged user of the Networker server could potentiall…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2021-21546
|
2024-11-21 14:48 |
2021-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199592
|
10.0 |
CRITICAL
Network
|
dell
|
idrac9_firmware
|
Dell EMC iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.10.00, contain an improper authentication vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerabilit…
|
CWE-287
Improper Authentication
|
CVE-2021-21538
|
2024-11-21 14:48 |
2021-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199593
|
4.3 |
MEDIUM
Network
|
otrs
|
otrs
|
Agents are able to list customer user emails without required permissions in the bulk action screen. This issue affects: OTRS AG ((OTRS)) Community Edition: 6.0.x version 6.0.1 and later versions. OT…
|
NVD-CWE-noinfo
|
CVE-2021-21443
|
2024-11-21 14:48 |
2021-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199594
|
5.4 |
MEDIUM
Network
|
otrs
|
time_accounting
|
In the project create screen it's possible to inject malicious JS code to the certain fields. The code might be executed in the Reporting screen. This issue affects: OTRS AG Time Accounting: 7.0.x ve…
|
CWE-79
Cross-site Scripting
|
CVE-2021-21442
|
2024-11-21 14:48 |
2021-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199595
|
6.5 |
MEDIUM
Network
|
otrs
|
otrs
|
Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS …
|
NVD-CWE-noinfo
|
CVE-2021-21440
|
2024-11-21 14:48 |
2021-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199596
|
6.5 |
MEDIUM
Network
|
combodo
|
itop
|
Combodo iTop is an open source, web based IT Service Management tool. Prior to version 2.7.4, the CSRF token validation can be bypassed through iTop portal via a tricky browser procedure. The vulnera…
|
CWE-352
Origin Validation Error
|
CVE-2021-21407
|
2024-11-21 14:48 |
2021-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199597
|
8.8 |
HIGH
Network
|
combodo
|
itop
|
Combodo iTop is an open source, web based IT Service Management tool. In versions prior to 2.7.4, there is a command injection vulnerability in the Setup Wizard when providing Graphviz executable pat…
|
CWE-77
Command Injection
|
CVE-2021-21406
|
2024-11-21 14:48 |
2021-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199598
|
6.1 |
MEDIUM
Network
|
advantech
|
r-seenet
|
Cross-site scripting vulnerabilities exist in the ssh_form.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). If a user visits a specially crafted URL, it can lead to arbitrary Jav…
|
CWE-79
Cross-site Scripting
|
CVE-2021-21800
|
2024-11-21 14:48 |
2021-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199599
|
6.1 |
MEDIUM
Network
|
advantech
|
r-seenet
|
Cross-site scripting vulnerabilities exist in the telnet_form.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). If a user visits a specially crafted URL, it can lead to arbitrary …
|
CWE-79
Cross-site Scripting
|
CVE-2021-21799
|
2024-11-21 14:48 |
2021-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199600
|
3.3 |
LOW
Local
|
dell
|
wyse_management_suite
|
Dell Wyse Management Suite versions 3.2 and earlier contain a full path disclosure vulnerability. A local unauthenticated attacker could exploit this vulnerability in order to obtain the path of file…
|
CWE-200
Information Exposure
|
CVE-2021-21587
|
2024-11-21 14:48 |
2021-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
