|
199961
|
9.8 |
CRITICAL
Network
|
att
|
xmill
|
A heap-based buffer overflow vulnerability exists in the XML Decompression LabelDict::Load functionality of AT&T Labs’ Xmill 0.7. A specially crafted XMI file can lead to remote code execution. An at…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-21830
|
2024-11-21 14:49 |
2021-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199962
|
9.8 |
CRITICAL
Network
|
att
|
xmill
|
A heap-based buffer overflow vulnerability exists in the XML Decompression EnumerationUncompressor::UncompressItem functionality of AT&T Labs’ Xmill 0.7. A specially crafted XMI file can lead to remo…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-21829
|
2024-11-21 14:49 |
2021-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199963
|
6.1 |
MEDIUM
Network
|
cloudfoundry
|
user_account_and_authentication
cf-deployment
|
UAA server versions prior to 75.4.0 are vulnerable to an open redirect vulnerability. A malicious user can exploit the open redirect vulnerability by social engineering leading to take over of victim…
|
CWE-601
Open Redirect
|
CVE-2021-22098
|
2024-11-21 14:49 |
2021-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199964
|
5.5 |
MEDIUM
Local
|
huawei
|
harmonyos
|
A component of the HarmonyOS has a permission bypass vulnerability. Local attackers may exploit this vulnerability to cause the device to hang due to the page error OsVmPageFaultHandler.
|
CWE-276
Incorrect Default Permissions
|
CVE-2021-22295
|
2024-11-21 14:49 |
2021-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199965
|
6.4 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.11 before 13.11.7, all versions starting from 13.12 before 13.12.8, and all versions starting from 14.0 before 14.…
|
CWE-79
Cross-site Scripting
|
CVE-2021-22234
|
2024-11-21 14:49 |
2021-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199966
|
8.8 |
HIGH
Network
|
foxit
|
pdf_reader
|
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.0.0.49893. A specially crafted PDF document can trigger the reuse of previously freed memory,…
|
CWE-416
Use After Free
|
CVE-2021-21893
|
2024-11-21 14:49 |
2021-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199967
|
8.8 |
HIGH
Network
|
foxit
|
pdf_reader
|
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.4.37651. A specially crafted PDF document can trigger the reuse of previously free memory, …
|
CWE-416
Use After Free
|
CVE-2021-21870
|
2024-11-21 14:49 |
2021-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199968
|
8.8 |
HIGH
Network
|
foxit
|
pdf_reader
|
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously freed memory,…
|
CWE-416
Use After Free
|
CVE-2021-21831
|
2024-11-21 14:49 |
2021-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199969
|
9.8 |
CRITICAL
Network
|
advantech
|
r-seenet
|
An OS Command Injection vulnerability exists in the ping.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). A specially crafted HTTP request can lead to arbitrary OS command execut…
|
CWE-78
OS Command
|
CVE-2021-21805
|
2024-11-21 14:49 |
2021-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199970
|
5.4 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.0. It was possible to exploit a stored cross-site-scripting via a specifically crafted default branch name.
|
CWE-79
Cross-site Scripting
|
CVE-2021-22241
|
2024-11-21 14:49 |
2021-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
