Skip to main content
CVE-2021-24122 MEDIUM PATCH This Month

When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Tomcat Microsoft Information Disclosure Apache Debian Linux +1
NVD
CVSS 3.1
5.9
EPSS
22.9%
CVE-2021-22132 MEDIUM PATCH This Month

Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable. This Insufficiently Protected Credentials vulnerability could allow attackers to obtain user credentials due to weak protection mechanisms.

Elastic Information Disclosure Elasticsearch Communications Cloud Native Core Automated Test Suite
NVD
CVSS 3.1
4.8
EPSS
1.2%
CVE-2021-21722 MEDIUM This Month

A ZTE Smart STB is impacted by an information leak vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Zte Information Disclosure Zxv10 B860A Firmware
NVD
CVSS 3.1
4.4
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy