|
196271
|
6.5 |
MEDIUM
Network
|
kubernetes
|
ingress-nginx
|
A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use a newline character to bypass the sanitization of the `spec.rules[].http.paths[].path` …
|
NVD-CWE-noinfo
|
CVE-2021-25748
|
2024-11-21 14:55 |
2023-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196272
|
7.8 |
HIGH
Local
|
avaya
|
ip_office
|
A privilege escalation vulnerability was discovered in Avaya IP Office Admin Lite and USB Creator that may potentially allow a local user to escalate privileges. This issue affects Admin Lite and USB…
|
NVD-CWE-Other
|
CVE-2021-25657
|
2024-11-21 14:55 |
2022-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196273
|
8.8 |
HIGH
Network
|
apache
|
hadoop
|
ZKConfigurationStore which is optionally used by CapacityScheduler of Apache Hadoop YARN deserializes data obtained from ZooKeeper without validation. An attacker having access to ZooKeeper can run a…
|
-
|
CVE-2021-25642
|
2024-11-21 14:55 |
2022-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196274
|
5.5 |
MEDIUM
Local
|
intel
|
killer_ac_1550_firmware
killer_wi-fi_6_ax1650_firmware
killer_wi-fi_6e_ax1690_firmware
killer_wi-fi_6e_ax1675_firmware
proset_wi-fi_6e_ax210_firmware
wi-fi_6e_ax211_firmware
wi-fi_6…
|
Out of bounds read for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable denial of service via local access.
|
CWE-125
Out-of-bounds Read
|
CVE-2021-26254
|
2024-11-21 14:55 |
2022-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196275
|
5.5 |
MEDIUM
Local
|
intel
|
wi-fi_6_ax411_firmware
wi-fi_6_ax211_firmware
wi-fi_6_ax210_firmware
wi-fi_6_ax201_firmware
wi-fi_6_ax200_firmware
wireless-ac_9560_firmware
wireless-ac_9462_firmware
wireless-ac…
|
Improper buffer restrictions in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable denia…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2021-26257
|
2024-11-21 14:55 |
2022-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196276
|
7.8 |
HIGH
Local
|
intel
|
killer_control_center
|
Improper access control for the Intel(R) Killer(TM) Control Center software before version 2.4.3337.0 may allow an authorized user to potentially enable escalation of privilege via local access.
|
NVD-CWE-Other
|
CVE-2021-26258
|
2024-11-21 14:55 |
2022-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196277
|
8.1 |
HIGH
Network
|
splunk
|
splunk
|
A potential vulnerability in Splunk Enterprise's implementation of DUO MFA allows for bypassing the MFA verification in Splunk Enterprise versions before 8.1.6. The potential vulnerability impacts Sp…
|
NVD-CWE-noinfo
|
CVE-2021-26253
|
2024-11-21 14:55 |
2022-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196278
|
7.1 |
HIGH
Network
|
kubernetes
|
ingress-nginx
|
A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use .metadata.annotations in an Ingress object (in the networking.k8s.io or extensions API …
|
CWE-20
Improper Input Validation
|
CVE-2021-25746
|
2024-11-21 14:55 |
2022-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196279
|
8.1 |
HIGH
Network
|
kubernetes
|
ingress-nginx
|
A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the spec.rules[].http.paths[].path field of an Ingress object (in the networking.k8s.io…
|
CWE-20
Improper Input Validation
|
CVE-2021-25745
|
2024-11-21 14:55 |
2022-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196280
|
8.8 |
HIGH
Network
|
fortinet
|
fortiauthenticator
|
An improper neutralization of special elements used in an OS command vulnerability in the command line interpreter of FortiAuthenticator before 6.3.1 may allow an authenticated attacker to execute un…
|
CWE-78
OS Command
|
CVE-2021-26116
|
2024-11-21 14:55 |
2022-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
