Skip to main content
CVE-2021-27901 MEDIUM This Month

An issue was discovered on LG mobile devices with Android OS 11 software. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
6.8
EPSS
0.1%
CVE-2021-27888 MEDIUM This Month

ZendTo before 6.06-4 Beta allows XSS during the display of a drop-off in which a filename has unexpected characters. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Zendto
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2021-27731 MEDIUM This Month

Accellion FTA 9_12_432 and earlier is affected by stored XSS via a crafted POST request to a user endpoint. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Fta
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2021-21255 MEDIUM PATCH This Month

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Glpi
NVD GitHub
CVSS 3.1
5.7
EPSS
0.9%
CVE-2021-27904 MEDIUM PATCH This Month

An issue was discovered in app/Model/SharingGroupServer.php in MISP 2.4.139. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure PHP Misp
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-22296 MEDIUM This Month

A component of HarmonyOS 2.0 has a DoS vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Harmonyos
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-21258 MEDIUM PATCH This Month

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

PHP XSS Glpi
NVD GitHub
CVSS 3.1
5.4
EPSS
0.7%
CVE-2021-3384 MEDIUM This Month

A vulnerability in Stormshield Network Security could allow an attacker to trigger a protection related to ARP/NDP tables management, which would temporarily prevent the system to contact new hosts. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Stormshield Network Security
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2021-21514 MEDIUM This Month

Dell EMC OpenManage Server Administrator (OMSA) versions 9.5 and prior contain a path traversal vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Path Traversal Openmanage Server Administrator
NVD
CVSS 3.1
4.9
EPSS
5.4%
CVE-2021-22187 MEDIUM This Month

An issue has been discovered in GitLab affecting all versions of Gitlab EE/CE before 13.6.7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Gitlab
NVD
CVSS 3.1
4.3
EPSS
1.0%
CVE-2021-21320 MEDIUM PATCH This Month

matrix-react-sdk is an npm package which is a Matrix SDK for React Javascript. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Node.js Information Disclosure Matrix React Sdk
NVD GitHub
CVSS 3.1
4.3
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy