Skip to main content
CVE-2021-0365 MEDIUM This Month

In display driver, there is a possible memory corruption due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Google Privilege Escalation Memory Corruption Use After Free +2
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-0364 MEDIUM This Month

In mobile_log_d, there is a possible command injection due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Command Injection Android
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2021-0363 MEDIUM This Month

In mobile_log_d, there is a possible command injection due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Command Injection Android
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2021-0362 MEDIUM This Month

In aee, there is a possible memory corruption due to a stack buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Google Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-0361 MEDIUM This Month

In kisd, there is a possible out of bounds read due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Google Information Disclosure Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2021-0360 MEDIUM This Month

In netdiag, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Google Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-0359 MEDIUM This Month

In netdiag, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Google Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-0358 MEDIUM This Month

In netdiag, there is a possible command injection due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Command Injection Android
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2021-0357 MEDIUM This Month

In netdiag, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Google Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-0356 MEDIUM This Month

In netdiag, there is a possible command injection due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Command Injection Android
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2021-0355 MEDIUM This Month

In kisd, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Integer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-0354 MEDIUM This Month

In ged, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Integer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-0353 MEDIUM This Month

In kisd, there is a possible memory corruption due to a heap buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Google Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-25759 MEDIUM This Month

In JetBrains Hub before 2020.1.12629, an authenticated user can delete 2FA settings of any other user. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Hub
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2021-26023 MEDIUM This Month

The Favorites component before 1.0.2 for Nagios XI 5.8.0 is vulnerable to XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Favorites
NVD
CVSS 3.1
6.1
EPSS
25.2%
CVE-2021-25773 MEDIUM This Month

JetBrains TeamCity before 2020.2 was vulnerable to reflected XSS on several pages. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Teamcity
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2021-25757 MEDIUM This Month

In JetBrains Hub before 2020.1.12629, an open redirect was possible. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Hub
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2021-26024 MEDIUM This Month

The Favorites component before 1.0.2 for Nagios XI 5.8.0 is vulnerable to Insecure Direct Object Reference: it is possible to create favorites for any other user account. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Favorites
NVD
CVSS 3.1
5.3
EPSS
19.0%
CVE-2021-25778 MEDIUM This Month

In JetBrains TeamCity before 2020.2.1, permissions during user deletion were checked improperly. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Teamcity
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2021-25777 MEDIUM This Month

In JetBrains TeamCity before 2020.2.1, permissions during token removal were checked improperly. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Teamcity
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2021-25772 MEDIUM This Month

In JetBrains TeamCity before 2020.2.2, TeamCity server DoS was possible via server integration. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Teamcity
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2021-25768 MEDIUM This Month

In JetBrains YouTrack before 2020.4.4701, permissions for attachments actions were checked improperly. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Youtrack
NVD
CVSS 3.1
5.3
EPSS
1.2%
CVE-2021-25767 MEDIUM This Month

In JetBrains YouTrack before 2020.6.1767, an issue's existence could be disclosed via YouTrack command execution. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Youtrack
NVD
CVSS 3.1
5.3
EPSS
2.6%
CVE-2021-25766 MEDIUM This Month

In JetBrains YouTrack before 2020.4.4701, improper resource access checks were made. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Youtrack
NVD
CVSS 3.1
5.3
EPSS
1.4%
CVE-2021-25763 MEDIUM This Month

In JetBrains Ktor before 1.4.2, weak cipher suites were enabled by default. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ktor
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2021-25762 MEDIUM This Month

In JetBrains Ktor before 1.4.3, HTTP Request Smuggling was possible. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Request Smuggling Information Disclosure Ktor
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2021-25761 MEDIUM This Month

In JetBrains Ktor before 1.5.0, a birthday attack on SessionStorage key was possible. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ktor
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2021-25760 MEDIUM This Month

In JetBrains Hub before 2020.1.12669, information disclosure via the public API was possible. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Hub
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2021-25756 MEDIUM This Month

In JetBrains IntelliJ IDEA before 2020.2, HTTP links were used for several remote repositories instead of HTTPS. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Intellij Idea
NVD
CVSS 3.1
5.3
EPSS
1.3%
CVE-2021-0352 MEDIUM This Month

In RT regmap driver, there is a possible memory corruption due to type confusion. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Memory Corruption Denial Of Service Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2021-25774 MEDIUM This Month

In JetBrains TeamCity before 2020.2.1, a user could get access to the GitHub access token of another user. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Teamcity
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2021-25771 MEDIUM This Month

In JetBrains YouTrack before 2020.6.1099, project information could be potentially disclosed. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Youtrack
NVD
CVSS 3.1
4.3
EPSS
1.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy