|
196181
|
8.8 |
HIGH
Network
|
fortinet
|
fortisandbox
|
An improper neutralization of special elements used in an OS Command vulnerability in FortiSandbox 3.2.0 through 3.2.2, 3.1.0 through 3.1.4, and 3.0.0 through 3.0.6 may allow an authenticated attacke…
|
CWE-78
OS Command
|
CVE-2021-26097
|
2024-11-21 14:55 |
2021-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196182
|
7.5 |
HIGH
Network
|
fortinet
|
fortisandbox
|
An instance of small space of random values in the RPC API of FortiSandbox before 4.0.0 may allow an attacker in possession of a few information pieces about the state of the device to possibly predi…
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2021-26098
|
2024-11-21 14:55 |
2021-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196183
|
5.3 |
MEDIUM
Network
|
atlassian
|
confluence_server
confluence_data_center
|
Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versio…
|
CWE-425
Direct Request ('Forced Browsing')
|
CVE-2021-26085
|
2024-11-21 14:55 |
2021-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196184
|
7.5 |
HIGH
Network
|
videolan
|
vlc_media_player
|
A NULL-pointer dereference in "Open" in avi.c of VideoLAN VLC Media Player 3.0.11 can a denial of service (DOS) in the application.
|
CWE-476
NULL Pointer Dereference
|
CVE-2021-25804
|
2024-11-21 14:55 |
2021-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196185
|
7.1 |
HIGH
Local
|
videolan
|
vlc_media_player
|
A buffer overflow vulnerability in the vlc_input_attachment_New component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2021-25803
|
2024-11-21 14:55 |
2021-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196186
|
7.1 |
HIGH
Local
|
videolan
|
vlc_media_player
|
A buffer overflow vulnerability in the AVI_ExtractSubtitle component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.
|
CWE-125
Out-of-bounds Read
|
CVE-2021-25802
|
2024-11-21 14:55 |
2021-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196187
|
7.1 |
HIGH
Local
|
videolan
|
vlc_media_player
|
A buffer overflow vulnerability in the __Parse_indx component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.
|
CWE-125
Out-of-bounds Read
|
CVE-2021-25801
|
2024-11-21 14:55 |
2021-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196188
|
5.3 |
MEDIUM
Network
|
ucms_project
|
ucms
|
UCMS 1.5.0 was discovered to contain a physical path leakage via an error message returned by the adminchannelscache() function in top.php.
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2021-25809
|
2024-11-21 14:55 |
2021-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196189
|
7.8 |
HIGH
Local
|
bludit
|
bludit
|
A code injection vulnerability in backup/plugin.php of Bludit 3.13.1 allows attackers to execute arbitrary code via a crafted ZIP file.
|
CWE-94
Code Injection
|
CVE-2021-25808
|
2024-11-21 14:55 |
2021-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196190
|
5.4 |
MEDIUM
Network
|
online_doctor_appointment_system_php_full_source_code_project
|
online_doctor_appointment_system_php_full_source_code
|
Multiple stored cross site scripting (XSS) vulnerabilities in the "Update Profile" module of Online Doctor Appointment System 1.0 allows authenticated attackers to execute arbitrary web scripts or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2021-25791
|
2024-11-21 14:55 |
2021-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
