Skip to main content
CVE-2021-0349 MEDIUM This Month

In display driver, there is a possible memory corruption due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Google Privilege Escalation Memory Corruption Use After Free +2
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-0348 MEDIUM This Month

In vpu, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Google Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-0346 MEDIUM This Month

In vpu, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Google Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-0345 MEDIUM This Month

In mobile_log_d, there is a possible escalation of privilege due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-0344 MEDIUM This Month

In mtkpower, there is a possible memory corruption due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-0343 MEDIUM This Month

In kisd, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Google Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-1244 MEDIUM This Month

Multiple vulnerabilities in Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Apple Information Disclosure Jwt Attack Ios Xr
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-1136 MEDIUM This Month

Multiple vulnerabilities in Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Apple Information Disclosure Jwt Attack Ios Xr
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-25246 MEDIUM PATCH This Month

An improper access control information disclosure vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG SP1, and Worry-Free Business Security could allow an unauthenticated user. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Trend Micro Information Disclosure Apex One Officescan Worry Free Business Security
NVD
CVSS 3.1
6.5
EPSS
1.7%
CVE-2021-1389 MEDIUM This Month

A vulnerability in the IPv6 traffic processing of Cisco IOS XR Software and Cisco NX-OS Software for certain Cisco devices could allow an unauthenticated, remote attacker to bypass an IPv6 access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Apple Authentication Bypass Ios Xr Nx Os
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2021-1268 MEDIUM This Month

A vulnerability in the IPv6 protocol handling of the management interfaces of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause an IPv6 flood on the management. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Apple Denial Of Service Ios Xr
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2021-1266 MEDIUM This Month

A vulnerability in the REST API of Cisco Managed Services Accelerator (MSX) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Managed Services Accelerator
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2021-25248 MEDIUM PATCH This Month

An out-of-bounds read information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security (10.0 SP1 and Services) could allow an. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Trend Micro Information Disclosure Apex One Officescan +1
NVD
CVSS 3.1
5.5
EPSS
0.9%
CVE-2021-1128 MEDIUM This Month

A vulnerability in the CLI parser of Cisco IOS XR Software could allow an authenticated, local attacker to view more information than their privileges allow. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Cisco Apple Information Disclosure Ios Xr
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-25245 MEDIUM PATCH This Month

An improper access control vulnerability in Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain various pieces of settings informaiton. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Worry Free Business Security
NVD
CVSS 3.1
5.3
EPSS
1.5%
CVE-2021-25244 MEDIUM PATCH This Month

An improper access control vulnerability in Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain various pieces of configuration informaiton. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Worry Free Business Security
NVD
CVSS 3.1
5.3
EPSS
1.5%
CVE-2021-25243 MEDIUM PATCH This Month

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain patch. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Trend Micro Information Disclosure Apex One Officescan Worry Free Business Security
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2021-25242 MEDIUM PATCH This Month

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain version. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Trend Micro Information Disclosure Apex One Officescan Worry Free Business Security
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2021-25241 MEDIUM PATCH This Month

A server-side request forgery (SSRF) information disclosure vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to locate online agents. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Trend Micro SSRF Information Disclosure Apex One Worry Free Business Security
NVD
CVSS 3.1
5.3
EPSS
1.9%
CVE-2021-25240 MEDIUM PATCH This Month

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain x64. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Trend Micro Information Disclosure Apex One Officescan Worry Free Business Security
NVD
CVSS 3.1
5.3
EPSS
2.1%
CVE-2021-25239 MEDIUM PATCH This Month

An improper access control vulnerability in Trend Micro Apex One (on-prem), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Trend Micro Information Disclosure Apex One Officescan Worry Free Business Security
NVD
CVSS 3.1
5.3
EPSS
2.1%
CVE-2021-25238 MEDIUM PATCH This Month

An improper access control information disclosure vulnerability in Trend Micro OfficeScan XG SP1 and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Trend Micro Information Disclosure Officescan Worry Free Business Security
NVD
CVSS 3.1
5.3
EPSS
2.1%
CVE-2021-25237 MEDIUM PATCH This Month

An improper access control vulnerability in Trend Micro Apex One (on-prem) could allow an unauthenticated user to obtain information about the managing port used by agents. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Trend Micro Information Disclosure Apex One
NVD
CVSS 3.1
5.3
EPSS
1.6%
CVE-2021-25236 MEDIUM PATCH This Month

A server-side request forgery (SSRF) information disclosure vulnerability in Trend Micro OfficeScan XG SP1 and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to locate. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Trend Micro SSRF Information Disclosure Officescan Worry Free Business Security
NVD
CVSS 3.1
5.3
EPSS
1.9%
CVE-2021-25235 MEDIUM PATCH This Month

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about a content inspection. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Trend Micro Information Disclosure Apex One Officescan
NVD
CVSS 3.1
5.3
EPSS
2.1%
CVE-2021-25234 MEDIUM PATCH This Month

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Trend Micro Information Disclosure Apex One Officescan Worry Free Business Security
NVD
CVSS 3.1
5.3
EPSS
2.1%
CVE-2021-25233 MEDIUM PATCH This Month

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Trend Micro Information Disclosure Apex One Officescan Worry Free Business Security
NVD
CVSS 3.1
5.3
EPSS
2.1%
CVE-2021-25232 MEDIUM PATCH This Month

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the SQL database. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Trend Micro Information Disclosure Apex One Officescan
NVD
CVSS 3.1
5.3
EPSS
2.0%
CVE-2021-25231 MEDIUM PATCH This Month

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Trend Micro Information Disclosure Apex One Officescan Worry Free Business Security
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2021-25230 MEDIUM PATCH This Month

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the contents of a scan. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Trend Micro Information Disclosure Apex One Officescan
NVD
CVSS 3.1
5.3
EPSS
2.1%
CVE-2021-25229 MEDIUM PATCH This Month

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the database server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Trend Micro Information Disclosure Apex One Officescan
NVD
CVSS 3.1
5.3
EPSS
2.1%
CVE-2021-25228 MEDIUM PATCH This Month

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Trend Micro Information Disclosure Apex One Officescan Worry Free Business Security
NVD
CVSS 3.1
5.3
EPSS
2.1%
CVE-2021-0350 MEDIUM This Month

In ged, there is a possible system crash due to an improper input validation. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Google Denial Of Service Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2021-0347 MEDIUM This Month

In ccu, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2021-1221 MEDIUM This Month

A vulnerability in the user interface of Cisco Webex Meetings and Cisco Webex Meetings Server Software could allow an authenticated, remote attacker to inject a hyperlink into a meeting invitation. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Code Injection Webex Meetings Webex Meetings Server
NVD
CVSS 3.1
4.1
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy