|
11
|
7.5 |
HIGH
Network
|
-
|
-
|
My Notes Safe 5.3 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a pa…
New
|
CWE-789
Memory Allocation with Excessive Size Value
|
CVE-2021-47971
|
2026-05-17 01:16 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
12
|
7.5 |
HIGH
Network
|
-
|
-
|
Macaron Notes 5.5 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can generate a payload…
New
|
CWE-789
Memory Allocation with Excessive Size Value
|
CVE-2021-47970
|
2026-05-17 01:16 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
13
|
7.5 |
HIGH
Network
|
-
|
-
|
Color Notes 1.4 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a payl…
New
|
CWE-789
Memory Allocation with Excessive Size Value
|
CVE-2021-47969
|
2026-05-17 01:16 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
14
|
6.4 |
MEDIUM
Network
|
-
|
-
|
Cookie Law Bar 1.2.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unsanitized input to the Bar Message field. Att…
New
|
CWE-79
Cross-site Scripting
|
CVE-2021-47957
|
2026-05-17 01:16 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
15
|
8.2 |
HIGH
Network
|
-
|
-
|
EgavilanMedia PHPCRUD 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the firstname parameter. Attackers…
New
|
CWE-89
SQL Injection
|
CVE-2021-47956
|
2026-05-17 01:16 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
16
|
5.4 |
MEDIUM
Network
|
-
|
-
|
CouchCMS 2.2.1 contains a cross-site scripting vulnerability that allows authenticated attackers to execute arbitrary JavaScript by uploading malicious SVG files through the file upload functionality…
New
|
CWE-79
Cross-site Scripting
|
CVE-2021-47955
|
2026-05-17 01:16 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
17
|
8.2 |
HIGH
Network
|
-
|
-
|
LayerBB 1.1.4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the search_query parameter. Attackers can send…
New
|
CWE-89
SQL Injection
|
CVE-2021-47954
|
2026-05-17 01:16 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
18
|
9.8 |
CRITICAL
Network
|
-
|
-
|
python jsonpickle 2.0.0 contains a remote code execution vulnerability that allows attackers to execute arbitrary Python commands by deserializing malicious JSON payloads containing py/repr objects. …
New
|
CWE-94
Code Injection
|
CVE-2021-47952
|
2026-05-17 01:16 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
19
|
7.5 |
HIGH
Network
|
-
|
-
|
Home Assistant Community Store (HACS) 1.10.0 contains a path traversal vulnerability that allows unauthenticated attackers to read sensitive files by traversing directories via the /hacsfiles/ endpoi…
New
|
CWE-22
Path Traversal
|
CVE-2021-47942
|
2026-05-17 01:16 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
20
|
5.3 |
MEDIUM
Network
|
-
|
-
|
MyBB Timeline Plugin 1.0 contains cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through thread titles, post content, and user profile fields like Location and …
New
|
CWE-79
Cross-site Scripting
|
CVE-2021-47934
|
2026-05-17 01:16 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
