Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21978PUBLISHED: 2021-03-03
VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerability. Improper input validation and lack of authorization leading to arbitrary file upload in logupload web application. An unauthorized attacker with network access to View Planner Harness could upload a...
CVE-2021-22182PUBLISHED: 2021-03-03An issue has been discovered in GitLab affecting all versions starting with 13.7. GitLab was vulnerable to a stored XSS in merge request.
CVE-2021-22188PUBLISHED: 2021-03-03An issue has been discovered in GitLab affecting all versions starting with 13.0. Confidential issue titles in Gitlab were readable by an unauthorised user via branch logs.
CVE-2021-22681PUBLISHED: 2021-03-03
Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L...
CVE-2021-22877PUBLISHED: 2021-03-03A missing user check in Nextcloud prior to 20.0.6 inadvertently populates a user's own credentials for other users external storage configuration when not already configured yet.
User Rank: Ninja
12/1/2015 | 8:21:17 AM