|
199271
|
9.8 |
CRITICAL
Network
|
dell
|
storage_resource_manager
storage_monitoring_and_reporting
|
Dell SRM versions prior to 4.5.0.1 and Dell SMR versions prior to 4.5.0.1 contain an Untrusted Deserialization Vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerabil…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2021-21524
|
2024-11-21 14:48 |
2021-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199272
|
6.5 |
MEDIUM
Network
|
matrix
fedoraproject
|
synapse
fedora
|
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 Synaps…
|
CWE-20
Improper Input Validation
|
CVE-2021-21394
|
2024-11-21 14:48 |
2021-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199273
|
5.3 |
MEDIUM
Network
|
zte
|
zxa10_c300m_firmware
|
A ZTE product has a configuration error vulnerability. Because a certain port is open by default, an attacker can consume system processing resources by flushing a large number of packets to the port…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2021-21728
|
2024-11-21 14:48 |
2021-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199274
|
8.8 |
HIGH
Network
|
demon1a
|
discord-recon
|
Discord Recon Server is a bot that allows you to do your reconnaissance process from your Discord. Remote code execution in version 0.0.1 would allow remote users to execute commands on the server re…
|
CWE-78
OS Command
|
CVE-2021-21433
|
2024-11-21 14:48 |
2021-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199275
|
6.5 |
MEDIUM
Network
|
go-vela
|
vela
|
Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. An authentication mechanism added in version 0.7.0 enables some malicious user to obtain secrets…
|
CWE-862
Missing Authorization
|
CVE-2021-21432
|
2024-11-21 14:48 |
2021-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199276
|
8.1 |
HIGH
Network
|
mirahezebots
|
channelmgnt
|
sopel-channelmgnt is a channelmgnt plugin for sopel. In versions prior to 2.0.1, on some IRC servers, restrictions around the removal of the bot using the kick/kickban command could be bypassed when …
|
NVD-CWE-Other
|
CVE-2021-21431
|
2024-11-21 14:48 |
2021-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199277
|
9.8 |
CRITICAL
Network
|
getgrav
|
grav-plugin-admin
|
Grav Admin Plugin is an HTML user interface that provides a way to configure Grav and create and modify pages. In versions 1.10.7 and earlier, an unauthenticated user can execute some methods of admi…
|
NVD-CWE-Other
|
CVE-2021-21425
|
2024-11-21 14:48 |
2021-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199278
|
4.3 |
MEDIUM
Network
|
jenkins
|
promoted_builds
|
A cross-site request forgery (CSRF) vulnerability in Jenkins promoted builds Plugin 3.9 and earlier allows attackers to to promote builds.
|
CWE-352
Origin Validation Error
|
CVE-2021-21641
|
2024-11-21 14:48 |
2021-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199279
|
4.3 |
MEDIUM
Network
|
jenkins
|
jenkins
|
Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not properly check that a newly created view has an allowed name, allowing attackers with View/Create permission to create views with invalid o…
|
-
|
CVE-2021-21640
|
2024-11-21 14:48 |
2021-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199280
|
4.3 |
MEDIUM
Network
|
jenkins
|
jenkins
|
Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not validate the type of object created after loading the data submitted to the `config.xml` REST API endpoint of a node, allowing attackers wi…
|
-
|
CVE-2021-21639
|
2024-11-21 14:48 |
2021-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
