|
199741
|
8.8 |
HIGH
Network
|
accusoft
|
imagegear
|
An out-of-bounds write vulnerability exists in the SGI format buffer size processing functionality of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to memory corruption. An att…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-21782
|
2024-11-21 14:48 |
2021-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199742
|
8.8 |
HIGH
Network
|
accusoft
|
imagegear
|
An out-of-bounds write vulnerability exists in the SGI Format Buffer Size Processing functionality of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to memory corruption. An att…
|
CWE-131
Incorrect Calculation of Buffer Size
|
CVE-2021-21776
|
2024-11-21 14:48 |
2021-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199743
|
7.8 |
HIGH
Local
|
accusoft
|
imagegear
|
An out-of-bounds write vulnerability exists in the TIFF header count-processing functionality of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to memory corruption. An attacker…
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2021-21773
|
2024-11-21 14:48 |
2021-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199744
|
9.6 |
CRITICAL
Adjacent
|
isolated-vm_project
|
isolated-vm
|
isolated-vm is a library for nodejs which gives you access to v8's Isolate interface. Versions of isolated-vm before v4.0.0 have API pitfalls which may make it easy for implementers to expose suppose…
|
-
|
CVE-2021-21413
|
2024-11-21 14:48 |
2021-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199745
|
8.8 |
HIGH
Network
|
\@thi.ng\/egf_project
|
\@thi.ng\/egf
|
Potential for arbitrary code execution in npm package @thi.ng/egf `#gpg`-tagged property values (only if `decrypt: true` option is enabled). PR with patch has been submitted and will has been release…
|
-
|
CVE-2021-21412
|
2024-11-21 14:48 |
2021-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199746
|
5.4 |
MEDIUM
Network
|
prestashop
|
prestashop
|
PrestaShop is a fully scalable open source e-commerce solution. In PrestaShop before version 1.7.7.3, an attacker can inject HTML when the Grid Column Type DataColumn is badly used. The problem is fi…
|
-
|
CVE-2021-21398
|
2024-11-21 14:48 |
2021-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199747
|
8.8 |
HIGH
Network
|
jenkins
|
team_foundation_server
|
A cross-site request forgery (CSRF) vulnerability in Jenkins Team Foundation Server Plugin 5.157.1 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified creden…
|
CWE-352
Origin Validation Error
|
CVE-2021-21638
|
2024-11-21 14:48 |
2021-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199748
|
6.5 |
MEDIUM
Network
|
jenkins
|
team_foundation_server
|
A missing permission check in Jenkins Team Foundation Server Plugin 5.157.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified …
|
CWE-862
Missing Authorization
|
CVE-2021-21637
|
2024-11-21 14:48 |
2021-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199749
|
4.3 |
MEDIUM
Network
|
jenkins
|
team_foundation_server
|
A missing permission check in Jenkins Team Foundation Server Plugin 5.157.1 and earlier allows attackers with Overall/Read permission to enumerate credentials ID of credentials stored in Jenkins.
|
CWE-862
Missing Authorization
|
CVE-2021-21636
|
2024-11-21 14:48 |
2021-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199750
|
5.9 |
MEDIUM
Network
|
netty
debian
netapp
oracle
quarkus
|
netty
debian_linux
oncommand_workflow_automation
oncommand_api_services
coherence
banking_trade_finance_process_management
banking_credit_facilities_process_management
banking_co…
|
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http…
|
-
|
CVE-2021-21409
|
2024-11-21 14:48 |
2021-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
