|
201581
|
5.5 |
MEDIUM
Local
|
imagemagick
debian
|
imagemagick
debian_linux
|
A divide-by-zero flaw was found in ImageMagick 6.9.11-57 and 7.0.10-57 in gem.c. This flaw allows an attacker who submits a crafted file that is processed by ImageMagick to trigger undefined behavior…
|
-
|
CVE-2021-20176
|
2024-11-21 14:46 |
2021-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201582
|
8.8 |
HIGH
Network
|
name_directory_project
|
name_directory
|
Cross-site request forgery (CSRF) vulnerability in Name Directory 1.17.4 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
|
CWE-352
Origin Validation Error
|
CVE-2021-20652
|
2024-11-21 14:46 |
2021-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201583
|
9.8 |
CRITICAL
Network
|
panasonic
|
video_insight_vms
|
Video Insight VMS versions prior to 7.8 allows a remote attacker to execute arbitrary code with the system user privilege by sending a specially crafted request.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2021-20623
|
2024-11-21 14:46 |
2021-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201584
|
5.9 |
MEDIUM
Network
|
podman_project
|
podman
|
Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts). This impacts containerized applications that trust localhost (127.0.01) c…
|
-
|
CVE-2021-20199
|
2024-11-21 14:46 |
2021-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201585
|
7.5 |
HIGH
Network
|
mitsubishielectric
|
rv2fr_firmware
rv2frl_firmware
rv4fr_firmware
rv4frl_firmware
rv7fr_firmware
rv7frl_firmware
rv7frll_firmware
rv13fr_firmware
rv13frl_firmware
rv20fr_firmware
rh1frhr_fi…
|
Resource management errors vulnerability in a robot controller of MELFA FR Series(controller "CR800-*V*D" of RV-*FR***-D-* all versions, controller "CR800-*HD" of RH-*FRH***-D-* all versions, control…
|
NVD-CWE-noinfo
|
CVE-2021-20586
|
2024-11-21 14:46 |
2021-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201586
|
5.3 |
MEDIUM
Network
|
moodle
|
moodle
|
It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that messaging did not impose a character limit when sending messages, which could result in client-side (browser) denial of serv…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2021-20185
|
2024-11-21 14:46 |
2021-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201587
|
7.2 |
HIGH
Network
|
moodle
|
moodle
|
It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that it was possible for site administrators to execute arbitrary PHP scripts via a PHP include used during Shibboleth authentica…
|
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2021-20187
|
2024-11-21 14:46 |
2021-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201588
|
5.4 |
MEDIUM
Network
|
moodle
|
moodle
|
It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that if the TeX notation filter was enabled, additional sanitizing of TeX content was required to prevent the risk of stored XSS.
|
-
|
CVE-2021-20186
|
2024-11-21 14:46 |
2021-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201589
|
4.3 |
MEDIUM
Network
|
moodle
|
moodle
|
It was found in Moodle before version 3.10.1, 3.9.4 and 3.8.7 that a insufficient capability checks in some grade related web services meant students were able to view other students grades.
|
-
|
CVE-2021-20184
|
2024-11-21 14:46 |
2021-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201590
|
5.4 |
MEDIUM
Network
|
moodle
|
moodle
|
It was found in Moodle before version 3.10.1 that some search inputs were vulnerable to reflected XSS due to insufficient escaping of search queries.
|
-
|
CVE-2021-20183
|
2024-11-21 14:46 |
2021-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
