20 matches found
CVE-2021-21501
Improper configuration will cause ServiceComb ServiceCenter Directory Traversal problem in ServiceCenter 1.x.x versions and fixed in 2.0.0...
Linux Distros Unpatched Vulnerability : CVE-2024-21501
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the package sanitize-html before 2.12.1 are vulnerable to Information Exposure when used on the backend and with the style attribute allowed, allowi...
SUSE CVE-2025-21501
unknown...
CVE-2025-21501
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...
CVE-2025-21501

| creationtimestamp | type | source |
|---|---|---|
| 2025-01-21 21:16:48+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3lgbrml3aaa2t... |

CVE-2025-21501
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...
Security Bulletin: Information disclosure vulnerabilities affect IBM Business Automation Workflow - CVE-2024-28849, CVE-2024-21501
Summary IBM Business Automation Workflow Web Process Designer is vulnerable to information disclosure attacks. Vulnerability Details CVEID:CVE-2024-28849 DESCRIPTION: Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information, caused by the leakage...
Fedora 39 : glances (2024-af1f06c79c)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-af1f06c79c advisory. Security fix for CVE-2024-21501 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.9 bug fix and security update
Red Hat OpenShift Container Platform release 4.15.9 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...
CVE-2024-21501
An information exposure flaw was found in the sanitize-html package, when used on the backend with the style attribute allowed. This issue may allow an attacker to enumerate files in the system, including project dependencies, to gather details about the file system structure and dependencies of...
08cms (=1.0.0), 10secondsofcode-custom (=1.0.0) +3318 more potentially affected by CVE-2024-21501 via sanitize-html (>=0.1.4 <=2.12.0)
sanitize-html NPM version =0.1.4, =1.0.0, =1.0.0, =1.0.0, =0.6.0, =0.1.0, =0.1.0, =11.1.0, =1.0.0, =1.0.1, =0.2.0, =0.1.0, =0.19.1-rc.2, =0.19.1-rc.4 and more Source cves: CVE-2024-21501 Source advisory: OSV:GHSA-RM97-X556-Q36H...
CVE-2024-21501
Versions of the package sanitize-html before 2.12.1 are vulnerable to Information Exposure when used on the backend and with the style attribute allowed, allowing enumeration of files in the system including project dependencies. An attacker could exploit this vulnerability to gather details abou...
CVE-2024-21501
CVE-2024-21501 – sanitize-html information exposure: The sanitize-html package (pre-2.12.1) on the backend with the style attribute enabled can disclose sensitive filesystem and dependency details by enumerating files. Affected: sanitize-html versions before 2.12.1. Impact is information disclos...
CVE-2024-21501
Versions of the package sanitize-html before 2.12.1 are vulnerable to Information Exposure when used on the backend and with the style attribute allowed, allowing enumeration of files in the system including project dependencies. An attacker could exploit this vulnerability to gather details abou...
CVE-2024-21501

| creationtimestamp | type | source |
|---|---|---|
| 2024-02-23 10:04:14+00:00 | published-proof-of-concept | https://t.me/slonsernotes/852 |
| 2024-02-24 06:26:25+00:00 | seen | https://t.me/ctinow/192437 |
| 2024-02-24 06:26:31+00:00 | seen | https://t.me/ctinow/192440 |
| 2024-02-26 19:36:44+00:00 | seen | ... |

CVE-2023-21501
Improper input validation vulnerability in mPOS fiserve trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code...
CVE-2023-21501
The CVE-2023-21501 entry concerns Samsung mobile devices where an improper input validation vulnerability in the mPOS fiserve trustlet (pre-SMR May-2023 Release 1) permits a local attacker to execute arbitrary code. Affected component: mPOS fiserve trustlet; root cause: inadequate input validatio...
CVE-2021-21501

| creationtimestamp | type | source |
|---|---|---|
| 2021-08-10 14:37:14+00:00 | seen | https://t.me/cibsecurity/27051... |

CVE-2021-21501
CVE-2021-21501 affects Apache ServiceComb ServiceCenter. The vulnerability is a directory traversal issue in ServiceCenter 1.x.x caused by improper configuration, with a fix in version 2.0.0. Affected component is the ServiceCenter directory handling, and the condition is limited to 1.x.x release...
CVE-2021-21501 ServiceComb ServiceCenter Directory Traversal
Improper configuration will cause ServiceComb ServiceCenter Directory Traversal problem in ServiceCenter 1.x.x versions and fixed in 2.0.0...