Skip to main content
CVE-2021-27074 MEDIUM POC PATCH This Month

Azure Sphere Unsigned Code Execution Vulnerability. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Microsoft RCE Azure Sphere
NVD
CVSS 3.1
6.2
EPSS
1.0%
CVE-2021-28088 MEDIUM POC This Month

Cross-site scripting (XSS) in modules/content/admin/content.php in ImpressCMS profile 1.4.2 allows remote attackers to inject arbitrary web script or HTML parameters through the "Display Name" field. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Impresscms
NVD
CVSS 3.1
5.4
EPSS
0.9%
CVE-2021-27679 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in Navigation in Batflat CMS 1.3.6 allows remote attackers to inject arbitrary web script or HTML via the field name. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Batflat
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-27678 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in Snippets in Batflat CMS 1.3.6 allows remote attackers to inject arbitrary web script or HTML via the field name. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Batflat
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-27677 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in Galleries in Batflat CMS 1.3.6 allows remote attackers to inject arbitrary web script or HTML via the field name. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Batflat
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-26776 MEDIUM POC This Month

CSZ CMS 1.2.9 is affected by a cross-site scripting (XSS) vulnerability in multiple pages through the field name. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Csz Cms
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-28153 MEDIUM POC This Month

An issue was discovered in GNOME GLib before 2.66.8. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Glib Brocade Fabric Operating System Firmware Debian Linux Fedora
NVD
CVSS 3.1
5.3
EPSS
2.6%
CVE-2021-27075 MEDIUM PATCH This Month

Azure Virtual Machine Information Disclosure Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Azure Container Instances Azure Container Registry Azure Kubernetes Service +2
NVD
CVSS 3.1
6.8
EPSS
1.3%
CVE-2021-20261 MEDIUM PATCH This Month

A race condition was found in the Linux kernels implementation of the floppy disk drive controller driver software. Rated medium severity (CVSS 6.4).

Information Disclosure Race Condition Linux Kernel Enterprise Linux
NVD
CVSS 3.1
6.4
EPSS
0.2%
CVE-2021-26892 MEDIUM PATCH This Month

Windows Extensible Firmware Interface Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.

Microsoft Authentication Bypass Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
6.2
EPSS
1.1%
CVE-2021-26886 MEDIUM PATCH This Month

User Profile Service Denial of Service Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Denial Of Service Windows 10 Windows 8 1 Windows Rt 8 1 Windows Server 2012 +2
NVD
CVSS 3.1
6.1
EPSS
1.1%
CVE-2021-26884 MEDIUM PATCH This Month

Windows Media Photo Codec Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2021-26869 MEDIUM PATCH This Month

Windows ActiveX Installer Service Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2021-24107 MEDIUM PATCH This Month

Windows Event Tracing Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2021-21364 MEDIUM PATCH This Month

swagger-codegen is an open-source project which contains a template-driven engine to generate documentation, API clients and server stubs in different languages by parsing your OpenAPI / Swagger. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Swagger Codegen
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-27919 MEDIUM PATCH This Month

archive/zip in Go 1.16.x before 1.16.1 allows attackers to cause a denial of service (panic) upon attempted use of the Reader.Open API for a ZIP archive in which ../ occurs at the beginning of any. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Go Fedora
NVD
CVSS 3.1
5.5
EPSS
1.5%
CVE-2021-20336 MEDIUM This Month

IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Tivoli Netcool Omnibus Webgui
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-27052 MEDIUM PATCH This Month

Microsoft SharePoint Server Information Disclosure Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Microsoft Information Disclosure Sharepoint Enterprise Server Sharepoint Server
NVD
CVSS 3.1
5.3
EPSS
2.5%
CVE-2021-24104 MEDIUM PATCH This Month

Microsoft SharePoint Server Spoofing Vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity.

Microsoft Information Disclosure Sharepoint Enterprise Server Sharepoint Foundation Sharepoint Server
NVD
CVSS 3.1
4.6
EPSS
1.2%
CVE-2021-27066 MEDIUM PATCH This Month

Windows Admin Center Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Authentication Bypass Windows Admin Center
NVD
CVSS 3.1
4.3
EPSS
2.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy