Search

Search Results (367120 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-25786 1 Qpdf Project 1 Qpdf 2024-11-21 5.3 Medium
An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to Pl_ASCII85Decoder::write parameter in libqpdf.
CVE-2021-25785 1 Taogogo 1 Taocms 2024-11-21 4.8 Medium
Taocms v2.5Beta5 was discovered to contain a cross-site scripting (XSS) vulnerability via the component Management column.
CVE-2021-25784 1 Taogogo 1 Taocms 2024-11-21 7.2 High
Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function Edit Article.
CVE-2021-25783 1 Taogogo 1 Taocms 2024-11-21 7.2 High
Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function Article Search.
CVE-2021-25778 1 Jetbrains 1 Teamcity 2024-11-21 5.3 Medium
In JetBrains TeamCity before 2020.2.1, permissions during user deletion were checked improperly.
CVE-2021-25777 1 Jetbrains 1 Teamcity 2024-11-21 5.3 Medium
In JetBrains TeamCity before 2020.2.1, permissions during token removal were checked improperly.
CVE-2021-25776 1 Jetbrains 1 Teamcity 2024-11-21 7.5 High
In JetBrains TeamCity before 2020.2, an ECR token could be exposed in a build's parameters.
CVE-2021-25775 1 Jetbrains 1 Teamcity 2024-11-21 3.8 Low
In JetBrains TeamCity before 2020.2.1, the server admin could create and see access tokens for any other users.
CVE-2021-25774 1 Jetbrains 1 Teamcity 2024-11-21 4.3 Medium
In JetBrains TeamCity before 2020.2.1, a user could get access to the GitHub access token of another user.
CVE-2021-25773 1 Jetbrains 1 Teamcity 2024-11-21 6.1 Medium
JetBrains TeamCity before 2020.2 was vulnerable to reflected XSS on several pages.
CVE-2021-25772 1 Jetbrains 1 Teamcity 2024-11-21 5.3 Medium
In JetBrains TeamCity before 2020.2.2, TeamCity server DoS was possible via server integration.
CVE-2021-25771 1 Jetbrains 1 Youtrack 2024-11-21 4.3 Medium
In JetBrains YouTrack before 2020.6.1099, project information could be potentially disclosed.
CVE-2021-25770 1 Jetbrains 1 Youtrack 2024-11-21 9.8 Critical
In JetBrains YouTrack before 2020.5.3123, server-side template injection (SSTI) was possible, which could lead to code execution.
CVE-2021-25769 1 Jetbrains 1 Youtrack 2024-11-21 7.5 High
In JetBrains YouTrack before 2020.4.6808, the YouTrack administrator wasn't able to access attachments.
CVE-2021-25768 1 Jetbrains 1 Youtrack 2024-11-21 5.3 Medium
In JetBrains YouTrack before 2020.4.4701, permissions for attachments actions were checked improperly.
CVE-2021-25767 1 Jetbrains 1 Youtrack 2024-11-21 5.3 Medium
In JetBrains YouTrack before 2020.6.1767, an issue's existence could be disclosed via YouTrack command execution.
CVE-2021-25766 1 Jetbrains 1 Youtrack 2024-11-21 5.3 Medium
In JetBrains YouTrack before 2020.4.4701, improper resource access checks were made.
CVE-2021-25765 1 Jetbrains 1 Youtrack 2024-11-21 8.8 High
In JetBrains YouTrack before 2020.4.4701, CSRF via attachment upload was possible.
CVE-2021-25764 1 Jetbrains 1 Phpstorm 2024-11-21 5.3 Medium
In JetBrains PhpStorm before 2020.3, source code could be added to debug logs.
CVE-2021-25763 1 Jetbrains 1 Ktor 2024-11-21 5.3 Medium
In JetBrains Ktor before 1.4.2, weak cipher suites were enabled by default.