Skip to main content
CVE-2021-1412 MEDIUM This Month

Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Identity Services Engine
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2021-26559 MEDIUM PATCH This Month

Improper Access Control on Configurations Endpoint for the Stable API of Apache Airflow allows users with Viewer or User role to get Airflow Configurations including sensitive information even when. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache Privilege Escalation Authentication Bypass Airflow
NVD
CVSS 3.1
6.5
EPSS
2.8%
CVE-2021-23339 MEDIUM PATCH This Month

This affects all versions before 10.1.14 and from 10.2.0 to 10.2.4 of package com.typesafe.akka:akka-http-core. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Request Smuggling Information Disclosure Akka Http
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2021-1351 MEDIUM This Month

A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Webex Meetings
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-1372 MEDIUM This Month

A vulnerability in Cisco Webex Meetings Desktop App and Webex Productivity Tools for Windows could allow an authenticated, local attacker to gain access to sensitive information on an affected. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Cisco Microsoft Information Disclosure Webex Meetings Webex Meetings Server
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2021-26933 MEDIUM PATCH This Month

An issue was discovered in Xen 4.9 through 4.14.x. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Authentication Bypass Xen Fedora Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-26932 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Information Disclosure Linux Kernel Fedora Debian Linux +5
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-26931 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Linux Denial Of Service Linux Kernel Fedora Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2021-22853 MEDIUM This Month

The HR Portal of Soar Cloud System fails to manage access control. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Authentication Bypass Hr Portal
NVD
CVSS 3.1
5.4
EPSS
1.0%
CVE-2021-26697 MEDIUM PATCH This Month

The lineage endpoint of the deprecated Experimental API was not protected by authentication in Airflow 2.0.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Privilege Escalation Airflow
NVD
CVSS 3.1
5.3
EPSS
4.6%
CVE-2021-20653 MEDIUM This Month

Calsos CSDJ (CSDJ-B 01.08.00 and earlier, CSDJ-H 01.08.00 and earlier, CSDJ-D 01.08.00 and earlier, and CSDJ-A 03.08.00 and earlier) allows remote attackers to bypass access restriction and to obtain. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Csdj B Firmware Csdj H Firmware Csdj D Firmware Csdj A Firmware
NVD
CVSS 3.1
5.3
EPSS
1.2%
CVE-2021-1416 MEDIUM This Month

Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Identity Services Engine
NVD
CVSS 3.1
4.3
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy