Skip to main content
CVE-2021-1750 HIGH This Week

Multiple issues were addressed with improved logic. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Privilege Escalation Ipados Iphone Os +3
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2021-1747 HIGH This Week

An out-of-bounds write was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Ipados +5
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-1746 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Ipados Iphone Os Mac Os X +3
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2021-1745 HIGH This Week

An out-of-bounds read was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Information Disclosure Ipados +3
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2021-1744 HIGH This Week

An out-of-bounds write was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Ipados +5
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2021-1743 HIGH This Week

An out-of-bounds read was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Information Disclosure Ipados +5
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2021-1742 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Ipados Iphone Os Mac Os X +3
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2021-1741 HIGH This Week

An out-of-bounds read was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Information Disclosure Ipados +5
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2021-1738 HIGH This Week

An out-of-bounds write was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Ipados +3
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-1737 HIGH This Week

An out-of-bounds write was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Ipados +3
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-1736 HIGH This Week

An out-of-bounds read was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Information Disclosure Mac Os X +1
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-1761 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service Ipad Os Iphone Os Mac Os X +3
NVD
CVSS 3.1
7.5
EPSS
2.1%
CVE-2021-1764 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Denial Of Service Apple Memory Corruption Ipados +5
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2021-22200 HIGH This Week

An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.6. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Gitlab Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-22696 HIGH PATCH This Week

CXF supports (via JwtRequestCodeFilter) passing OAuth 2 parameters via a JWT token as opposed to query parameters (see: The OAuth 2.0 Authorization Framework: JWT Secured Authorization Request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Apache Denial Of Service Cxf Business Intelligence Communications Diameter Intelligence Hub +3
NVD
CVSS 3.1
7.5
EPSS
6.6%
CVE-2021-1806 HIGH This Week

A race condition was addressed with additional validation. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition Mac Os X macOS
NVD
CVSS 3.1
7.0
EPSS
0.9%
CVE-2021-1782 HIGH KEV THREAT This Week

A race condition was addressed with improved locking. Rated high severity (CVSS 7.0). No vendor patch available.

Apple Information Disclosure Ipados Iphone Os Mac Os X +3
NVD
CVSS 3.1
7.0
EPSS
2.2%
CVE-2021-30126 MEDIUM This Month

Lightmeter ControlCenter 1.1.0 through 1.5.x before 1.5.1 allows anyone who knows the URL of a publicly available Lightmeter instance to access application settings, possibly including an SMTP. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Controlcenter
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2021-1801 MEDIUM This Month

This issue was addressed with improved iframe sandbox enforcement. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipad Os Iphone Os macOS +4
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2021-1799 MEDIUM This Month

A port redirection issue was addressed with additional port validation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Safari Ipad Os Iphone Os +5
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2021-22865 MEDIUM This Month

An improper access control vulnerability was identified in GitHub Enterprise Server that allowed access tokens generated from a GitHub App's web authentication flow to read private repository. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Enterprise Server
NVD GitHub
CVSS 3.1
6.5
EPSS
1.3%
CVE-2021-1765 MEDIUM This Month

This issue was addressed with improved iframe sandbox enforcement. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS Fedora +1
NVD
CVSS 3.1
6.5
EPSS
1.4%
CVE-2021-22201 MEDIUM This Month

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Gitlab Information Disclosure
NVD
CVSS 3.1
6.5
EPSS
3.1%
CVE-2021-21400 MEDIUM PATCH This Month

wire-webapp is an open-source front end for Wire, a secure collaboration platform. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Wire Webapp
NVD GitHub
CVSS 3.1
6.5
EPSS
1.1%
CVE-2021-21532 MEDIUM This Month

Dell Wyse ThinOS 8.6 MR9 contains remediation for an improper management server validation vulnerability that could be potentially exploited to redirect a client to an attacker-controlled management. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Wyse Thinos
NVD
CVSS 3.1
6.3
EPSS
0.2%
CVE-2021-30002 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Linux Information Disclosure Linux Kernel Debian Linux
NVD
CVSS 3.1
6.2
EPSS
0.4%
CVE-2021-30125 MEDIUM This Month

Jamf Pro before 10.28.0 allows XSS related to inventory history, aka PI-009376. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Jamf
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2021-1879 MEDIUM KEV THREAT This Month

This issue was addressed by improved management of object lifetimes. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple XSS Ipados Iphone Os Watchos
NVD
CVSS 3.1
6.1
EPSS
7.1%
CVE-2021-29652 MEDIUM PATCH This Month

Pomerium from version 0.10.0-0.13.3 has an Open Redirect in the user sign-in/out process. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Pomerium
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2021-29651 MEDIUM PATCH This Month

Pomerium before 0.13.4 has an Open Redirect (issue 1 of 2). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Pomerium
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2021-28124 MEDIUM This Month

A man-in-the-middle vulnerability in Cohesity DataPlatform support channel in version 6.3 up to 6.3.1g, 6.4 up to 6.4.1c and 6.5.1 through 6.5.1b. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Cohesity Dataplatform
NVD GitHub
CVSS 3.1
5.9
EPSS
1.0%
CVE-2021-30004 MEDIUM PATCH This Month

In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Hostapd Wpa Supplicant
NVD VulDB
CVSS 3.1
5.3
EPSS
1.7%
CVE-2021-21529 MEDIUM This Month

Dell System Update (DSU) 1.9 and earlier versions contain a denial of service vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Dell Denial Of Service System Update
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-1800 MEDIUM This Month

A path handling issue was addressed with improved validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Xcode
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2021-1797 MEDIUM This Month

The issue was addressed with improved permissions logic. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Ipad Os Iphone Os Mac Os X +3
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-1791 MEDIUM This Month

An out-of-bounds read issue existed that led to the disclosure of kernel memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Ipados Iphone Os +4
NVD
CVSS 3.1
5.5
EPSS
1.2%
CVE-2021-1786 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os Mac Os X +3
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-1781 MEDIUM This Month

A privacy issue existed in the handling of Contact cards. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os Mac Os X +1
NVD
CVSS 3.1
5.5
EPSS
0.7%
CVE-2021-1778 MEDIUM This Month

An out-of-bounds read issue existed in the curl. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Denial Of Service Information Disclosure Ipados +5
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2021-1773 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service Ipados Iphone Os Mac Os X +3
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2021-1769 MEDIUM This Month

A logic issue was addressed with improved validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Authentication Bypass Ipados Iphone Os Mac Os X +3
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-1766 MEDIUM This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service Ipados Iphone Os Mac Os X +3
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2021-1760 MEDIUM This Month

A memory corruption issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Ipados +5
NVD
CVSS 3.1
5.5
EPSS
1.0%
CVE-2021-22196 MEDIUM This Month

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Gitlab
NVD
CVSS 3.1
5.4
EPSS
0.9%
CVE-2021-1780 MEDIUM This Month

A memory initialization issue was addressed with improved memory handling. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Apple Denial Of Service Ipados Iphone Os
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2021-21533 MEDIUM This Month

Wyse Management Suite versions up to 3.2 contains a vulnerability wherein a malicious authenticated user can cause a denial of service in the job status retrieval page, also affecting other users. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Wyse Management Suite
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2021-22202 MEDIUM This Month

An issue has been discovered in GitLab CE/EE affecting all previous versions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Gitlab
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2021-22198 MEDIUM This Month

An issue has been discovered in GitLab CE/EE affecting all versions from 13.8 and above allowing an authenticated user to delete incident metric images of public projects. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Gitlab Information Disclosure
NVD
CVSS 3.1
4.3
EPSS
1.1%
CVE-2021-22197 MEDIUM This Month

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.6 where an infinite loop exist when an authenticated user with specific rights access a MR having source and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Gitlab
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2021-1803 LOW Monitor

The issue was addressed with improved permissions logic. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
CVSS 3.1
3.3
EPSS
0.6%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy