Skip to main content
CVE-2021-0215 MEDIUM POC This Month

On Juniper Networks Junos EX series, QFX Series, MX Series and SRX branch series devices, a memory leak occurs every time the 802.1X authenticator port interface flaps which can lead to other. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Juniper Junos
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2021-23837 MEDIUM POC This Month

An issue was discovered in flatCore before 2.0.0 build 139. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Flatcore
NVD GitHub
CVSS 3.1
6.5
EPSS
1.5%
CVE-2021-23835 MEDIUM POC This Month

An issue was discovered in flatCore before 2.0.0 build 139. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Flatcore
NVD GitHub
CVSS 3.1
4.9
EPSS
1.7%
CVE-2021-23838 MEDIUM POC This Month

An issue was discovered in flatCore before 2.0.0 build 139. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Authentication Bypass Flatcore
NVD GitHub
CVSS 3.1
4.8
EPSS
1.0%
CVE-2021-23836 MEDIUM POC This Month

An issue was discovered in flatCore before 2.0.0 build 139. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Flatcore
NVD GitHub
CVSS 3.1
4.8
EPSS
0.9%
CVE-2021-0220 MEDIUM This Month

The Junos Space Network Management Platform has been found to store shared secrets in a recoverable format that can be exposed through the UI. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE XSS Juniper Junos Space
NVD
CVSS 3.1
6.8
EPSS
1.2%
CVE-2021-0210 MEDIUM This Month

An Information Exposure vulnerability in J-Web of Juniper Networks Junos OS allows an unauthenticated attacker to elevate their privileges over the target system through opportunistic use of an. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Juniper Junos
NVD
CVSS 3.1
6.8
EPSS
1.1%
CVE-2021-0219 MEDIUM This Month

A command injection vulnerability in install package validation subsystem of Juniper Networks Junos OS that may allow a locally authenticated attacker with privileges to execute commands with root. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Juniper Junos
NVD
CVSS 3.1
6.7
EPSS
0.7%
CVE-2021-21250 MEDIUM PATCH This Month

OneDev is an all-in-one devops platform. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Onedev
NVD GitHub
CVSS 3.1
6.5
EPSS
0.9%
CVE-2021-0221 MEDIUM This Month

In an EVPN/VXLAN scenario, if an IRB interface with a virtual gateway address (VGA) is configured on a PE, a traffic loop may occur upon receipt of specific IP multicast traffic. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2021-0209 MEDIUM This Month

In Juniper Networks Junos OS Evolved an attacker sending certain valid BGP update packets may cause Junos OS Evolved to access an uninitialized pointer causing RPD to core leading to a Denial of. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption Juniper Junos Os Evolved
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2021-22171 MEDIUM This Month

Insufficient validation of authentication parameters in GitLab Pages for GitLab 11.5+ allows an attacker to steal a victim's API token if they click on a maliciously crafted link. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Gitlab Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2021-22168 MEDIUM This Month

A regular expression denial of service issue has been discovered in NuGet API affecting all versions of GitLab starting from version 12.8. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Gitlab
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2021-0205 MEDIUM This Month

When the "Intrusion Detection Service" (IDS) feature is configured on Juniper Networks MX series with a dynamic firewall filter using IPv6 source or destination prefix, it may incorrectly match the. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Juniper Authentication Bypass Junos
NVD
CVSS 3.1
5.8
EPSS
1.2%
CVE-2021-0212 MEDIUM This Month

An Information Exposure vulnerability in Juniper Networks Contrail Networking allows a locally authenticated attacker able to read files to retrieve administrator credentials stored in plaintext. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Juniper Contrail Networking
NVD
CVSS 3.1
5.0
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy