|
196661
|
7.8 |
HIGH
Local
|
amd
|
epyc_7763_firmware
epyc_7713p_firmware
epyc_7713_firmware
epyc_7663_firmware
epyc_7643_firmware
epyc_75f3_firmware
epyc_7543p_firmware
epyc_7543_firmware
epyc_7513_firmware
A bug with the SEV-ES TMR may lead to a potential loss of memory integrity for SNP-active VMs.
|
NVD-CWE-noinfo
|
CVE-2021-26324
|
2024-11-21 14:56 |
2022-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
196662
|
8.8 |
HIGH
Network
|
tobesoft
|
xplatform
|
A path traversal vulnerability in XPLATFORM's runtime archive function could lead to arbitrary file creation. When the .xzip archive file is decompressed, an arbitrary file can be d in the parent pat…
|
CWE-22
Path Traversal
|
CVE-2021-26629
|
2024-11-21 14:56 |
2022-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196663
|
6.1 |
MEDIUM
Network
|
maxb
|
maxboard
|
Insufficient script validation of the admin page enables XSS, which causes unauthorized users to steal admin privileges. When uploading file in a specific menu, the verification of the files is insuf…
|
CWE-79
Cross-site Scripting
|
CVE-2021-26628
|
2024-11-21 14:56 |
2022-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196664
|
7.5 |
HIGH
Network
|
qcp
|
qcp200w_firmware
|
Real-time image information exposure is caused by insufficient authentication for activated RTSP port. This vulnerability could allow to remote attackers to send the RTSP requests using ffplay comman…
|
CWE-287
Improper Authentication
|
CVE-2021-26627
|
2024-11-21 14:56 |
2022-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196665
|
8.8 |
HIGH
Network
|
tobesoft
|
xplatform
|
Improper input validation vulnerability in XPLATFORM's execBrowser method can cause execute arbitrary commands. IF the second parameter value of the execBrowser function is ‘default’, the first param…
|
CWE-20
Improper Input Validation
|
CVE-2021-26626
|
2024-11-21 14:56 |
2022-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196666
|
8.8 |
HIGH
Network
|
tobesoft
|
nexacro
|
Insufficient Verification of input Data leading to arbitrary file download and execute was discovered in Nexacro platform. This vulnerability is caused by an automatic update function that does not v…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2021-26625
|
2024-11-21 14:56 |
2022-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196667
|
8.8 |
HIGH
Network
|
escanav
|
escan_anti-virus
|
An local privilege escalation vulnerability due to a "runasroot" command in eScan Anti-Virus. This vulnerability is due to invalid arguments and insufficient execution conditions related to "runasroo…
|
CWE-20
Improper Input Validation
|
CVE-2021-26624
|
2024-11-21 14:56 |
2022-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196668
|
9.8 |
CRITICAL
Network
|
bandisoft
|
bandizip
|
A remote code execution vulnerability due to incomplete check for 'xheader_decode_path_record' function's parameter length value in the ark library. Remote attackers can induce exploit malicious code…
|
CWE-125
CWE-787
Out-of-bounds Read
Out-of-bounds Write
|
CVE-2021-26623
|
2024-11-21 14:56 |
2022-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196669
|
8.1 |
HIGH
Network
|
impresscms
|
impresscms
|
ImpressCMS before 1.4.3 allows libraries/image-editor/image-edit.php image_temp Directory Traversal.
|
CWE-22
Path Traversal
|
CVE-2021-26601
|
2024-11-21 14:56 |
2022-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196670
|
9.8 |
CRITICAL
Network
|
impresscms
|
impresscms
|
ImpressCMS before 1.4.3 has plugins/preloads/autologin.php type confusion with resultant Authentication Bypass (!= instead of !==).
|
CWE-843
Type Confusion
|
CVE-2021-26600
|
2024-11-21 14:56 |
2022-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
