|
199281
|
9.8 |
CRITICAL
Network
|
abb
|
omnicore_c30_firmware
|
A Missing Authentication vulnerability in RobotWare for the OmniCore robot controller allows an attacker to read and modify files on the robot controller if the attacker has access to the Connected S…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2021-22279
|
2024-11-21 14:49 |
2021-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199282
|
7.5 |
HIGH
Network
|
anker
|
eufy_homebase_2_firmware
|
An authentication bypass vulnerability exists in the get_aes_key_info_by_packetid() function of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. Generic network sniffing can lead to passwo…
|
CWE-287
Improper Authentication
|
CVE-2021-21955
|
2024-11-21 14:49 |
2021-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199283
|
9.9 |
CRITICAL
Network
|
anker
|
eufy_homebase_2_firmware
|
A command execution vulnerability exists in the wifi_country_code_update functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can le…
|
CWE-78
OS Command
|
CVE-2021-21954
|
2024-11-21 14:49 |
2021-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199284
|
7.3 |
HIGH
Local
|
dreamreport
|
remote_connector
|
A privilege escalation vulnerability exists in the Remote Server functionality of Dream Report ODS Remote Connector 20.2.16900.0. A specially-crafted command injection can lead to elevated capabiliti…
|
NVD-CWE-Other
|
CVE-2021-21957
|
2024-11-21 14:49 |
2021-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199285
|
10.0 |
CRITICAL
Network
|
anker
|
eufy_homebase_2_firmware
|
An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h in function read_udp_push_config_file…
|
CWE-1284
Improper Validation of Specified Quantity in Input
|
CVE-2021-21951
|
2024-11-21 14:49 |
2021-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199286
|
10.0 |
CRITICAL
Network
|
anker
|
eufy_homebase_2_firmware
|
An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h in function recv_server_device_respon…
|
CWE-1284
Improper Validation of Specified Quantity in Input
|
CVE-2021-21950
|
2024-11-21 14:49 |
2021-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199287
|
7.5 |
HIGH
Network
|
gitlab
|
gitlab
|
Assuming a database breach, nonce reuse issues in GitLab 11.6+ allows an attacker to decrypt some of the database's encrypted content
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2021-22170
|
2024-11-21 14:49 |
2021-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199288
|
6.5 |
MEDIUM
Network
|
vmware
|
spring_advanced_message_queuing_protocol
|
In Spring AMQP versions 2.2.0 - 2.2.19 and 2.3.0 - 2.3.11, the Spring AMQP Message object, in its toString() method, will create a new String object from the message body, regardless of its size. Thi…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2021-22095
|
2024-11-21 14:49 |
2021-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199289
|
9.8 |
CRITICAL
Network
|
vmware
|
vcenter_server
|
The vSphere Web Client (FLEX/Flash) contains an SSRF (Server Side Request Forgery) vulnerability in the vSAN Web Client (vSAN UI) plug-in. A malicious actor with network access to port 443 on vCenter…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2021-22049
|
2024-11-21 14:49 |
2021-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199290
|
7.5 |
HIGH
Network
|
vmware
|
vcenter_server
cloud_foundation
|
The vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary file read vulnerability. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain acce…
|
NVD-CWE-noinfo
|
CVE-2021-21980
|
2024-11-21 14:49 |
2021-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
