Skip to main content
CVE-2021-20405 HIGH This Week

IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user to perform unauthorized activities due to improper encoding of output. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Authentication Bypass Security Verify Information Queue
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2021-21976 HIGH This Week

vSphere Replication 8.3.x prior to 8.3.1.2, 8.2.x prior to 8.2.1.1, 8.1.x prior to 8.1.2.3 and 6.5.x prior to 6.5.1.5 contain a post-authentication command injection vulnerability which may allow an. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Command Injection Vsphere Replication
NVD
CVSS 3.1
7.2
EPSS
2.1%
CVE-2021-20188 HIGH PATCH This Week

A flaw was found in podman before 1.7.0. Rated high severity (CVSS 7.0). This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Podman Openshift Container Platform Enterprise Linux
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2021-21057 MEDIUM This Month

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a null pointer dereference vulnerability when parsing a. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.1
6.6
EPSS
1.1%
CVE-2021-21042 MEDIUM This Month

Acrobat Reader DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability that could lead to arbitrary. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.1
6.5
EPSS
14.7%
CVE-2021-21055 MEDIUM This Month

Adobe Dreamweaver versions 21.0 (and earlier) and 20.2 (and earlier) is affected by an untrusted search path vulnerability that could result in information disclosure. Rated medium severity (CVSS 6.2). No vendor patch available.

Information Disclosure Adobe Dreamweaver
NVD
CVSS 3.1
6.2
EPSS
0.8%
CVE-2021-21032 MEDIUM PATCH This Month

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) do not adequately invalidate user sessions. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Adobe Magento
NVD
CVSS 3.0
5.6
EPSS
1.6%
CVE-2021-21031 MEDIUM PATCH This Month

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) do not adequately invalidate user sessions. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Adobe Magento
NVD
CVSS 3.0
5.6
EPSS
1.7%
CVE-2021-25688 MEDIUM This Month

Under certain conditions, Teradici PCoIP Agents for Windows prior to version 20.10.0 and Teradici PCoIP Agents for Linux prior to version 21.01.0 may log parts of a user's password in the application. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Pcoip Graphics Agent Pcoip Standard Agent
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-21026 MEDIUM PATCH This Month

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by an improper authorization vulnerability in the integrations module. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Adobe Authentication Bypass Magento
NVD
CVSS 3.0
5.3
EPSS
1.8%
CVE-2021-21022 MEDIUM PATCH This Month

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an insecure direct object reference (IDOR) in the product module. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Authentication Bypass Magento
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2021-21020 MEDIUM PATCH This Month

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an access control bypass vulnerability in the Login as Customer module. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Authentication Bypass Magento
NVD
CVSS 3.0
5.3
EPSS
2.4%
CVE-2021-20404 MEDIUM This Month

IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user on the network to cause a denial of service due to an invalid cookie value that could prevent future logins. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Denial Of Service Security Verify Information Queue
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2021-21029 MEDIUM PATCH This Month

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by a Reflected Cross-site Scripting vulnerability via 'file' parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Adobe Magento
NVD
CVSS 3.1
4.8
EPSS
84.7%
CVE-2021-21023 MEDIUM PATCH This Month

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a stored cross-site scripting vulnerability in the admin console. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Adobe Magento
NVD
CVSS 3.0
4.8
EPSS
1.6%
CVE-2021-21060 MEDIUM This Month

Adobe Acrobat Pro DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an improper input validation vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Adobe Acrobat Acrobat Dc Acrobat Reader +1
NVD
CVSS 3.1
4.6
EPSS
1.6%
CVE-2021-20335 MEDIUM This Month

For MongoDB Ops Manager versions prior to and including 4.2.24 with multiple OM application servers, that have SSL turned on for their MongoDB processes, the upgrade to MongoDB Ops Manager versions. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ops Manager
NVD
CVSS 3.1
4.6
EPSS
0.1%
CVE-2021-21034 MEDIUM This Month

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.1
4.3
EPSS
2.5%
CVE-2021-21027 MEDIUM PATCH This Month

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by a cross-site request forgery (CSRF) vulnerability via the GraphQL API. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Adobe Magento
NVD
CVSS 3.0
4.3
EPSS
1.7%
CVE-2021-21301 MEDIUM PATCH This Month

Wire is an open-source collaboration platform. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Apple Information Disclosure Wire
NVD GitHub
CVSS 3.1
4.3
EPSS
0.9%
CVE-2021-21061 LOW Monitor

Acrobat Pro DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use-after-free vulnerability when parsing a specially. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Memory Corruption Information Disclosure Adobe Acrobat +3
NVD
CVSS 3.0
3.3
EPSS
2.0%
CVE-2021-21046 LOW Monitor

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an memory corruption vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
3.3
EPSS
1.7%
CVE-2021-20402 LOW Monitor

IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Security Verify Information Queue
NVD
CVSS 3.1
2.7
EPSS
1.0%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy