Skip to main content
CVE-2021-28820 HIGH This Week

The FTL Server (tibftlserver), FTL C API, FTL Golang API, FTL Java API, and FTL .Net API components of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBCO. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Java Ftl
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-28819 HIGH This Week

The Windows Installation component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBCO FTL - Enterprise Edition contains a vulnerability that. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Ftl
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-28818 HIGH This Week

The Rendezvous Routing Daemon (rvrd), Rendezvous Secure Routing Daemon (rvrsd), Rendezvous Secure Daemon (rvsd), Rendezvous Cache (rvcache), Rendezvous Secure C API, Rendezvous Java API, and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Java Rendezvous
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-28817 HIGH This Week

The Windows Installation component of TIBCO Software Inc.'s TIBCO Rendezvous and TIBCO Rendezvous Developer Edition contains a vulnerability that theoretically allows a low privileged attacker with. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Rendezvous
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-3444 HIGH PATCH This Week

The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Linux RCE Information Disclosure Linux Kernel Debian Linux +1
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2021-20270 HIGH PATCH This Week

An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Pygments Openshift Container Platform Openstack Platform Software Collections +3
NVD
CVSS 3.1
7.5
EPSS
2.7%
CVE-2021-20222 HIGH PATCH This Week

A flaw was found in keycloak. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Keycloak
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-21359 HIGH PATCH This Week

TYPO3 is an open source PHP based web content management system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Information Disclosure Typo3
NVD GitHub
CVSS 3.1
7.5
EPSS
1.7%
CVE-2021-21339 HIGH PATCH This Week

TYPO3 is an open source PHP based web content management system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi PHP Typo3
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2021-21348 HIGH PATCH This Week

XStream is a Java library to serialize objects to XML and back again. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Java Oncommand Insight Activemq Jmeter +13
NVD GitHub
CVSS 3.1
7.5
EPSS
13.8%
CVE-2021-3392 LOW POC PATCH Monitor

A use-after-free flaw was found in the MegaRAID emulator of QEMU. Rated low severity (CVSS 3.2), this vulnerability is low attack complexity. Public exploit code available.

Use After Free Denial Of Service Memory Corruption Qemu Fedora +1
NVD
CVSS 3.1
3.2
EPSS
0.4%
CVE-2021-21376 MEDIUM PATCH This Month

OMERO.web is open source Django-based software for managing microscopy imaging. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Python Information Disclosure Omero Web
NVD GitHub
CVSS 3.1
6.5
EPSS
1.5%
CVE-2021-21338 MEDIUM PATCH This Month

TYPO3 is an open source PHP based web content management system. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect PHP Typo3
NVD GitHub
CVSS 3.1
6.1
EPSS
1.1%
CVE-2021-3409 MEDIUM PATCH This Month

The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow RCE Denial Of Service Qemu Enterprise Linux +2
NVD
CVSS 3.1
5.7
EPSS
0.5%
CVE-2021-28100 MEDIUM This Month

Priam uses File.createTempFile, which gives the permissions on that file -rw-r--r--. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Priam
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-20227 MEDIUM PATCH This Month

A flaw was found in SQLite's SELECT query functionality (src/select.c). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Denial Of Service RCE Memory Corruption Sqlite +6
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2021-20219 MEDIUM This Month

A denial of service vulnerability was found in n_tty_receive_char_special in drivers/tty/n_tty.c of the Linux kernel. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Linux Denial Of Service Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2021-21377 MEDIUM PATCH This Month

OMERO.web is open source Django-based software for managing microscopy imaging. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

Open Redirect Python Omero Web
NVD GitHub
CVSS 3.1
5.4
EPSS
0.8%
CVE-2021-21370 MEDIUM PATCH This Month

TYPO3 is an open source PHP based web content management system. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS Typo3
NVD GitHub
CVSS 3.1
5.4
EPSS
0.9%
CVE-2021-21358 MEDIUM PATCH This Month

TYPO3 is an open source PHP based web content management system. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS Typo3
NVD GitHub
CVSS 3.1
5.4
EPSS
0.9%
CVE-2021-21340 MEDIUM PATCH This Month

TYPO3 is an open source PHP based web content management system. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS Typo3
NVD GitHub
CVSS 3.1
5.4
EPSS
0.9%
CVE-2021-28099 MEDIUM This Month

In Netflix OSS Hollow, since the Files.exists(parent) is run before creating the directories, an attacker can pre-create these directories with wide permissions. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Hollow
NVD GitHub
CVSS 3.1
4.4
EPSS
0.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy