CVE-2021-25952
Prototype pollution vulnerability in ‘just-safe-set’ versions 1.0.0 through 2.2.1 allows an attacker to cause a denial of service and may lead to remote code execution.
Source: CVE-2021-25952
[월:] 2021년 07월
CVE-2021-22555
CVE-2021-22555
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space
Source: CVE-2021-22555
CVE-2021-22225
CVE-2021-22225
Insufficient input sanitization in markdown in GitLab version 13.11 and up allows an attacker to exploit a stored cross-site scripting vulnerability via a specially-crafted markdown
Source: CVE-2021-22225
CVE-2021-26035
CVE-2021-26035
An issue was discovered in Joomla! 3.0.0 through 3.9.27. Inadequate escaping in the rules field of the JForm API leads to a XSS vulnerability.
Source: CVE-2021-26035
CVE-2021-26039
CVE-2021-26039
An issue was discovered in Joomla! 3.0.0 through 3.9.27. Inadequate escaping in the imagelist view of com_media leads to a XSS vulnerability.
Source: CVE-2021-26039
CVE-2021-22227
CVE-2021-22227
A reflected cross-site script vulnerability in GitLab before versions 13.11.6, 13.12.6 and 14.0.2 allowed an attacker to send a malicious link to a victim and trigger actions on their behalf if they clicked it
Source: CVE-2021-22227
CVE-2021-22230
CVE-2021-22230
Improper code rendering while rendering merge requests could be exploited to submit malicious code. This vulnerability affects GitLab CE/EE 9.3 and later through 13.11.6, 13.12.6, and 14.0.2.
Source: CVE-2021-22230
CVE-2021-22231
CVE-2021-22231
A denial of service in user’s profile page is found starting with GitLab CE/EE 8.0 that allows attacker to reject access to their profile page via using a specially crafted username.
Source: CVE-2021-22231
CVE-2021-26037
CVE-2021-26037
An issue was discovered in Joomla! 2.5.0 through 3.9.27. CMS functions did not properly termine existing user sessions when a user’s password was changed or the user was blocked.
Source: CVE-2021-26037
CVE-2021-26036
CVE-2021-26036
An issue was discovered in Joomla! 2.5.0 through 3.9.27. Missing validation of input could lead to a broken usergroups table.
Source: CVE-2021-26036