Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

CVE-2022-21661 vulnerabilities and exploits

(subscribe to this query)

4.6
CVSSv2
CVE-2021-25461
An improper length check in APAService prior to SMR Sep-2021 Release 1 results in stack based Buffer Overflow....
Google Android 8.1
6
CVSSv2
CVE-2021-24085
Microsoft Exchange Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-1730....
Microsoft Exchange Server 2016Microsoft Exchange Server 2019
7.5
CVSSv2
CVE-2021-25281
An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheel_async client. Thus, an attacker can remotely run any wheel modules on the master....
Saltstack SaltFedoraproject Fedora 32Fedoraproject Fedora 33Fedoraproject Fedora 34Debian Debian Linux 9.0Debian Debian Linux 10.0Debian Debian Linux 11.0
4.3
CVSSv2
CVE-2021-23841
The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field...
Openssl OpensslDebian Debian Linux 10.0Tenable Tenable.scTenable Nessus Network Monitor 5.11.1Tenable Nessus Network Monitor 5.12.0Tenable Nessus Network Monitor 5.12.1Tenable Nessus Network Monitor 5.13.0Tenable Nessus Network Monitor 5.11.0Apple MacosApple Iphone OsApple SafariApple IpadosNetapp Snapcenter -Netapp Oncommand Workflow Automation -Netapp Oncommand Insight -Oracle Business Intelligence 12.2.1.3.0Oracle Peoplesoft Enterprise Peopletools 8.57Oracle Jd Edwards World Security A9.4Oracle Business Intelligence 12.2.1.4.0Oracle Business Intelligence 5.5.0.0.0Oracle Peoplesoft Enterprise Peopletools 8.58Oracle Enterprise Manager For Storage Management 13.4.0.0Oracle Enterprise Manager Ops Center 12.4.0.0Oracle Zfs Storage Appliance Kit 8.8Oracle Graalvm 20.3.1.2Oracle Graalvm 21.0.0.2Oracle Graalvm 19.3.5Oracle Mysql ServerOracle Mysql Enterprise MonitorOracle Peoplesoft Enterprise Peopletools 8.59Oracle Essbase 21.2Oracle Business Intelligence 5.9.0.0.0Oracle Communications Cloud Native Core Policy 1.15.0Siemens Sinec Ins 1.0Siemens Sinec Ins
6.8
CVSSv2
CVE-2021-22204
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image...
Exiftool Project ExiftoolDebian Debian Linux 9.0Debian Debian Linux 10.0Fedoraproject Fedora 32Fedoraproject Fedora 33Fedoraproject Fedora 34
7.5
CVSSv2
CVE-2021-22205
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution....
Gitlab Gitlab
4.3
CVSSv2
CVE-2021-22214
When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab CE/EE affecting all versions starting from 10.5 was possible to exploit for an unauthenticated attacker even on a GitLab instance where registration is limited...
Gitlab Gitlab
4.6
CVSSv2
CVE-2021-22555
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space...
Linux Linux KernelBrocade Fabric Operating System -Netapp Fas 8300 Firmware -Netapp Fas 8700 Firmware -Netapp Aff A400 Firmware -Netapp Aff A250 Firmware -Netapp Aff 500f Firmware -Netapp H610c Firmware -Netapp H610s Firmware -Netapp H615c Firmware -Netapp Hci Management Node -Netapp Solidfire -
4.3
CVSSv2
CVE-2021-22569
An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause...
Google Protobuf-kotlinGoogle Protobuf-javaGoogle Google-protobufOracle Communications Cloud Native Core Console 1.9.0Oracle Communications Cloud Native Core Policy 1.15.0Oracle Communications Cloud Native Core Network Repository Function 1.15.0Oracle Communications Cloud Native Core Network Repository Function 1.15.1Oracle Spatial And Graph Mapviewer 21cOracle Spatial And Graph Mapviewer 19c
7.5
CVSSv2
CVE-2021-22893
Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerability exposed by the Windows File Share Browser and Pulse Secure Collaboration features of Pulse Connect Secure that can allow an unauthenticated user to perform remote arbitrary code...
Pulsesecure Pulse Connect Secure 9.0Pulsesecure Pulse Connect Secure 9.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-25675CVE-2023-21072physicalCVE-2023-28446encryptionCVE-2023-21076server-side request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook