|
199761
|
8.1 |
HIGH
Network
|
nim-lang
|
nim
|
Nimble is a package manager for the Nim programming language. In Nim release versions before versions 1.2.10 and 1.4.4, "nimble refresh" fetches a list of Nimble packages over HTTPS without full veri…
|
CWE-295
Improper Certificate Validation
|
CVE-2021-21374
|
2024-11-21 14:48 |
2021-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199762
|
5.9 |
MEDIUM
Network
|
nim-lang
|
nim
|
Nimble is a package manager for the Nim programming language. In Nim release versions before versions 1.2.10 and 1.4.4, "nimble refresh" fetches a list of Nimble packages over HTTPS by default. In ca…
|
CWE-295
Improper Certificate Validation
|
CVE-2021-21373
|
2024-11-21 14:48 |
2021-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199763
|
8.8 |
HIGH
Network
|
nim-lang
|
nim
|
Nimble is a package manager for the Nim programming language. In Nim release version before versions 1.2.10 and 1.4.4, Nimble doCmd is used in different places and can be leveraged to execute arbitra…
|
CWE-78
OS Command
|
CVE-2021-21372
|
2024-11-21 14:48 |
2021-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199764
|
8.8 |
HIGH
Network
|
buddypress
|
buddypress
|
BuddyPress is an open source WordPress plugin to build a community site. In releases of BuddyPress from 5.0.0 before 7.2.1 it's possible for a non-privileged, regular user to obtain administrator rig…
|
-
|
CVE-2021-21389
|
2024-11-21 14:48 |
2021-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199765
|
5.5 |
MEDIUM
Network
|
oauth2_proxy_project
|
oauth2_proxy
|
OAuth2-Proxy is an open source reverse proxy that provides authentication with Google, Github or other providers. The `--gitlab-group` flag for group-based authorization in the GitLab provider stoppe…
|
-
|
CVE-2021-21411
|
2024-11-21 14:48 |
2021-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199766
|
6.1 |
MEDIUM
Network
|
matrix
fedoraproject
|
synapse
fedora
|
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.27.0, the n…
|
CWE-79
Cross-site Scripting
|
CVE-2021-21333
|
2024-11-21 14:48 |
2021-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199767
|
8.2 |
HIGH
Network
|
matrix
fedoraproject
|
synapse
fedora
|
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.27.0, the p…
|
CWE-79
Cross-site Scripting
|
CVE-2021-21332
|
2024-11-21 14:48 |
2021-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199768
|
9.8 |
CRITICAL
Network
|
kongchuanhujiao_project
|
kongchuanhujiao
|
In github.com/kongchuanhujiao/server before version 1.3.21 there is an authentication Bypass by Primary Weakness vulnerability. All users are impacted. This is fixed in version 1.3.21.
|
CWE-287
Improper Authentication
|
CVE-2021-21403
|
2024-11-21 14:48 |
2021-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199769
|
9.8 |
CRITICAL
Network
|
genivia
oracle
|
gsoap
communications_lsms
communications_diameter_signaling_router
tekelec_virtual_operating_environment
communications_eagle_lnp_application_processor
communications_eagle_application…
|
A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an H…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2021-21783
|
2024-11-21 14:48 |
2021-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199770
|
9.8 |
CRITICAL
Network
|
apkleaks_project
|
apkleaks
|
APKLeaks is an open-source project for scanning APK file for URIs, endpoints & secrets. APKLeaks prior to v2.0.3 allows remote attackers to execute arbitrary OS commands via package name inside appli…
|
-
|
CVE-2021-21386
|
2024-11-21 14:48 |
2021-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
