Skip to main content
CVE-2020-24085 MEDIUM PATCH This Month

A cross-site scripting (XSS) vulnerability exists in MISP v2.4.128 in app/Controller/UserSettingsController.php at SetHomePage() function. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS PHP Misp
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-1071 MEDIUM This Month

NVIDIA Tegra kernel in Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, all L4T versions prior to r32.5, contains a vulnerability in the INA3221 driver in which improper. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Information Disclosure Linux For Tegra
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-3308 MEDIUM PATCH This Month

An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Xen Fedora
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2021-21283 MEDIUM PATCH This Month

Flarum is an open source discussion platform for websites. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Sticky
NVD GitHub
CVSS 3.1
5.4
EPSS
0.8%
CVE-2021-23272 MEDIUM This Month

The Application Development Clients component of TIBCO Software Inc.'s TIBCO BPM Enterprise and TIBCO BPM Enterprise Distribution for TIBCO Silver Fabric contains a vulnerability that theoretically. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Bpm Enterprise Bpm Enterprise Distribution For Silver Fabric
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-3285 MEDIUM This Month

jxbrowser in TI Code Composer Studio IDE 8.x through 10.x before 10.1.1 does not verify X.509 certificates for HTTPS. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Code Composer Studio Intgrated Development Environment
NVD
CVSS 3.1
5.3
EPSS
1.1%
CVE-2021-25901 MEDIUM PATCH This Month

An issue was discovered in the lazy-init crate through 2021-01-17 for Rust. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Lazy Init
NVD
CVSS 3.1
5.3
EPSS
1.3%
CVE-2021-21615 MEDIUM PATCH This Month

Jenkins 2.275 and LTS 2.263.2 allows reading arbitrary files using the file browser for workspaces and archived artifacts due to a time-of-check to time-of-use (TOCTOU) race condition. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Jenkins Information Disclosure
NVD
CVSS 3.1
5.3
EPSS
0.9%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy