|
199921
|
6.5 |
MEDIUM
Network
|
wire
|
wire_server
|
wire-server is an open-source back end for Wire, a secure collaboration platform. In wire-server from version 2021-02-16 and before version 2021-03-02, the client metadata of all users was exposed in…
|
-
|
CVE-2021-21396
|
2024-11-21 14:48 |
2021-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199922
|
8.1 |
HIGH
Network
|
nim-lang
|
nim
|
Nimble is a package manager for the Nim programming language. In Nim release versions before versions 1.2.10 and 1.4.4, "nimble refresh" fetches a list of Nimble packages over HTTPS without full veri…
|
CWE-295
Improper Certificate Validation
|
CVE-2021-21374
|
2024-11-21 14:48 |
2021-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199923
|
5.9 |
MEDIUM
Network
|
nim-lang
|
nim
|
Nimble is a package manager for the Nim programming language. In Nim release versions before versions 1.2.10 and 1.4.4, "nimble refresh" fetches a list of Nimble packages over HTTPS by default. In ca…
|
CWE-295
Improper Certificate Validation
|
CVE-2021-21373
|
2024-11-21 14:48 |
2021-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199924
|
8.8 |
HIGH
Network
|
nim-lang
|
nim
|
Nimble is a package manager for the Nim programming language. In Nim release version before versions 1.2.10 and 1.4.4, Nimble doCmd is used in different places and can be leveraged to execute arbitra…
|
CWE-78
OS Command
|
CVE-2021-21372
|
2024-11-21 14:48 |
2021-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199925
|
8.8 |
HIGH
Network
|
buddypress
|
buddypress
|
BuddyPress is an open source WordPress plugin to build a community site. In releases of BuddyPress from 5.0.0 before 7.2.1 it's possible for a non-privileged, regular user to obtain administrator rig…
|
-
|
CVE-2021-21389
|
2024-11-21 14:48 |
2021-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199926
|
5.5 |
MEDIUM
Network
|
oauth2_proxy_project
|
oauth2_proxy
|
OAuth2-Proxy is an open source reverse proxy that provides authentication with Google, Github or other providers. The `--gitlab-group` flag for group-based authorization in the GitLab provider stoppe…
|
-
|
CVE-2021-21411
|
2024-11-21 14:48 |
2021-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199927
|
6.1 |
MEDIUM
Network
|
matrix
fedoraproject
|
synapse
fedora
|
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.27.0, the n…
|
CWE-79
Cross-site Scripting
|
CVE-2021-21333
|
2024-11-21 14:48 |
2021-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199928
|
8.2 |
HIGH
Network
|
matrix
fedoraproject
|
synapse
fedora
|
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.27.0, the p…
|
CWE-79
Cross-site Scripting
|
CVE-2021-21332
|
2024-11-21 14:48 |
2021-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199929
|
9.8 |
CRITICAL
Network
|
kongchuanhujiao_project
|
kongchuanhujiao
|
In github.com/kongchuanhujiao/server before version 1.3.21 there is an authentication Bypass by Primary Weakness vulnerability. All users are impacted. This is fixed in version 1.3.21.
|
CWE-287
Improper Authentication
|
CVE-2021-21403
|
2024-11-21 14:48 |
2021-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199930
|
9.8 |
CRITICAL
Network
|
genivia
oracle
|
gsoap
communications_lsms
communications_diameter_signaling_router
tekelec_virtual_operating_environment
communications_eagle_lnp_application_processor
communications_eagle_application…
|
A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an H…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2021-21783
|
2024-11-21 14:48 |
2021-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
