|
198401
|
9.8 |
CRITICAL
Network
|
microfocus
|
sitescope
|
Execute arbitrary code vulnerability in Micro Focus SiteScope product, affecting versions 11.40,11.41 , 2018.05(11.50), 2018.08(11.51), 2018.11(11.60), 2019.02(11.70), 2019.05(11.80), 2019.08(11.90),…
|
NVD-CWE-noinfo
|
CVE-2021-22519
|
2024-11-21 14:50 |
2021-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198402
|
6.5 |
MEDIUM
Network
|
huawei
|
ngfw_module_firmware
secospace_usg6300_firmware
secospace_usg6500_firmware
secospace_usg6600_firmware
usg9500_firmware
|
There is an out-of-bounds write vulnerability in some Huawei products. The code of a module have a bad judgment logic. Attackers can exploit this vulnerability by performing multiple abnormal activit…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-22411
|
2024-11-21 14:50 |
2021-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198403
|
9.8 |
CRITICAL
Network
|
rocket.chat
|
rocket.chat
|
A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenticated NoSQL injection, resulting potentially in RCE.
|
NVD-CWE-Other
|
CVE-2021-22911
|
2024-11-21 14:50 |
2021-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198404
|
7.5 |
HIGH
Network
|
ui
|
edgemax_edgerouter_firmware
|
A vulnerability found in EdgeMAX EdgeRouter V2.0.9 and earlier could allow a malicious actor to execute a man-in-the-middle (MitM) attack during a firmware update. This vulnerability is fixed in Edge…
|
CWE-295
Improper Certificate Validation
|
CVE-2021-22909
|
2024-11-21 14:50 |
2021-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198405
|
8.8 |
HIGH
Network
|
pulsesecure
ivanti
|
pulse_connect_secure
connect_secure
|
A buffer overflow vulnerability exists in Windows File Resource Profiles in 9.X allows a remote authenticated user with privileges to browse SMB shares to execute arbitrary code as the root user. As …
|
CWE-120
Classic Buffer Overflow
|
CVE-2021-22908
|
2024-11-21 14:50 |
2021-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198406
|
7.8 |
HIGH
Local
|
citrix
|
workspace
|
An improper access control vulnerability exists in Citrix Workspace App for Windows potentially allows privilege escalation in CR versions prior to 2105 and 1912 LTSR prior to CU4.
|
NVD-CWE-Other
|
CVE-2021-22907
|
2024-11-21 14:50 |
2021-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198407
|
7.2 |
HIGH
Network
|
pulsesecure
ivanti
|
pulse_connect_secure
connect_secure
|
A vulnerability allowed multiple unrestricted uploads in Pulse Connect Secure before 9.1R11.4 that could lead to an authenticated administrator to perform a file write via a maliciously crafted archi…
|
CWE-669
Incorrect Resource Transfer Between Spheres
|
CVE-2021-22900
|
2024-11-21 14:50 |
2021-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198408
|
8.8 |
HIGH
Network
|
pulsesecure
ivanti
|
pulse_connect_secure
connect_secure
|
A command injection vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to perform remote code execution via Windows Resource Profiles Feature
|
CWE-77
Command Injection
|
CVE-2021-22899
|
2024-11-21 14:50 |
2021-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198409
|
8.8 |
HIGH
Network
|
pulsesecure
ivanti
|
pulse_connect_secure
connect_secure
|
A buffer overflow vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to execute arbitrary code as the root user via maliciously crafted meeting room.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2021-22894
|
2024-11-21 14:50 |
2021-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198410
|
7.5 |
HIGH
Network
|
rocket.chat
|
rocket.chat
|
An information disclosure vulnerability exists in the Rocket.Chat server fixed v3.13, v3.12.2 & v3.11.3 that allowed email addresses to be disclosed by enumeration and validation checks.
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2021-22892
|
2024-11-21 14:50 |
2021-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
