Search
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-45330 | 1 Gitea | 1 Gitea | 2022-07-12 | 7.5 HIGH | 9.8 CRITICAL |
| An issue exsits in Gitea through 1.15.7, which could let a malicious user gain privileges due to client side cookies not being deleted and the session remains valid on the server side for reuse. | |||||
| CVE-2021-45706 | 1 Zeroize Derive Project | 1 Zeroize Derive | 2022-06-22 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the zeroize_derive crate before 1.1.1 for Rust. Dropped memory is not zeroed out for an enum. | |||||
| CVE-2021-36205 | 1 Johnsoncontrols | 3 Metasys Application And Data Server, Metasys Extended Application And Data Server, Metasys Open Application Server | 2022-04-25 | 6.8 MEDIUM | 9.8 CRITICAL |
| Under certain circumstances the session token is not cleared on logout. | |||||
| CVE-2021-32928 | 1 Thalesgroup | 1 Sentinel Ldk Run-time Environment | 2021-07-01 | 7.5 HIGH | 9.8 CRITICAL |
| The Sentinel LDK Run-Time Environment installer (Versions 7.6 and prior) adds a firewall rule named “Sentinel License Manager” that allows incoming connections from private networks using TCP Port 1947. While uninstalling, the uninstaller fails to close Port 1947. | |||||
| CVE-2020-13451 | 1 Thecodingmachine | 1 Gotenberg | 2021-01-08 | 7.5 HIGH | 9.8 CRITICAL |
| An incomplete-cleanup vulnerability in the Office rendering engine of Gotenberg through 6.2.1 allows an attacker to overwrite LibreOffice configuration files and execute arbitrary code via macros. | |||||