Total
23 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-31407 | 1 Vaadin | 2 Flow, Vaadin | 2024-11-21 | 5.0 MEDIUM | 8.6 HIGH |
| Vulnerability in OSGi integration in com.vaadin:flow-server versions 1.2.0 through 2.4.7 (Vaadin 12.0.0 through 14.4.9), and 6.0.0 through 6.0.1 (Vaadin 19.0.0) allows attacker to access application classes and resources on the server via crafted HTTP request. | |||||
| CVE-2021-23264 | 1 Craftercms | 1 Crafter Cms | 2024-11-21 | 6.4 MEDIUM | 8.1 HIGH |
| Installations, where crafter-search is not protected, allow unauthenticated remote attackers to create, view, and delete search indexes. | |||||
| CVE-2021-23263 | 1 Craftercms | 1 Crafter Cms | 2024-11-21 | 5.0 MEDIUM | 5.9 MEDIUM |
| Unauthenticated remote attackers can read textual content via FreeMarker including files /scripts/*, /templates/* and some of the files in /.git/* (non-binary). | |||||