|
196421
|
6.5 |
MEDIUM
Network
|
ckeditor
oracle
|
ckeditor
webcenter_sites
agile_plm
jd_edwards_enterpriseone_tools
financial_services_analytical_applications_infrastructure
siebel_ui_framework
application_express
|
It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted text into the Styles input of specific dialogs (in the Advanced Tab for Dialogs pl…
|
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2021-26271
|
2024-11-21 14:56 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196422
|
7.5 |
HIGH
Network
|
cpanel
|
cpanel
|
cPanel before 92.0.9 allows a MySQL user (who has an old-style password hash) to bypass suspension (SEC-579).
|
NVD-CWE-noinfo
|
CVE-2021-26267
|
2024-11-21 14:56 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196423
|
7.5 |
HIGH
Network
|
cpanel
|
cpanel
|
cPanel before 92.0.9 allows a Reseller to bypass the suspension lock (SEC-578).
|
NVD-CWE-Other
|
CVE-2021-26266
|
2024-11-21 14:56 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196424
|
6.5 |
MEDIUM
Network
|
intel
|
openvino
|
Improper input validation in the Intel(R) Distribution of OpenVINO(TM) Toolkit may allow an authenticated user to potentially enable denial of service via network access.
|
CWE-20
Improper Input Validation
|
CVE-2021-26251
|
2024-11-21 14:55 |
2022-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196425
|
6.3 |
MEDIUM
Network
|
kubernetes
|
kubernetes
|
Kube-proxy
on Windows can unintentionally forward traffic to local processes
listening on the same port (“spec.ports[*].port”) as a LoadBalancer
Service when the LoadBalancer controller
does not …
|
NVD-CWE-noinfo
|
CVE-2021-25736
|
2024-11-21 14:55 |
2023-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196426
|
7.2 |
HIGH
Network
|
supermicro-cms_project
|
supermicro-cms
|
An issue was discovered in pcmt superMicro-CMS version 3.11, allows authenticated attackers to execute arbitrary code via the font_type parameter to setup.php.
|
NVD-CWE-noinfo
|
CVE-2021-25857
|
2024-11-21 14:55 |
2023-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196427
|
4.9 |
MEDIUM
Network
|
supermicro-cms_project
|
supermicro-cms
|
An issue was discovered in pcmt superMicro-CMS version 3.11, allows attackers to delete files via crafted image file in images.php.
|
NVD-CWE-noinfo
|
CVE-2021-25856
|
2024-11-21 14:55 |
2023-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196428
|
5.3 |
MEDIUM
Local
|
qpdf_project
|
qpdf
|
An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to Pl_ASCII85Decoder::write parameter in libqpdf.
|
CWE-416
Use After Free
|
CVE-2021-25786
|
2024-11-21 14:55 |
2023-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196429
|
6.1 |
MEDIUM
Network
|
emby
|
emby
|
Emby Server versions < 4.6.0.50 is vulnerable to Cross Site Scripting (XSS) vulnerability via a crafted GET request to /web.
|
CWE-79
Cross-site Scripting
|
CVE-2021-25828
|
2024-11-21 14:55 |
2023-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196430
|
9.8 |
CRITICAL
Network
|
emby
|
emby
|
Emby Server < 4.7.12.0 is vulnerable to a login bypass attack by setting the X-Forwarded-For header to a local IP-address.
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2021-25827
|
2024-11-21 14:55 |
2023-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
