Skip to main content
CVE-2021-27598 MEDIUM This Month

SAP NetWeaver AS JAVA (Customer Usage Provisioning Servlet), versions - 7.31, 7.40, 7.50, allows an attacker to read some statistical data like product version, traffic, timestamp etc. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java SAP Authentication Bypass Netweaver Application Server Java
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2021-29997 MEDIUM This Month

An issue was discovered in Wind River VxWorks 7 before 21.03. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Vxworks
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2021-28450 MEDIUM PATCH This Month

Microsoft SharePoint Denial of Service Vulnerability. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Denial Of Service Sharepoint Foundation Sharepoint Server
NVD
CVSS 3.1
5.0
EPSS
2.4%
CVE-2021-3473 MEDIUM This Month

An internal product security audit of Lenovo XClarity Controller (XCC) discovered that the XCC configuration backup/restore password may be written to an internal XCC log buffer if Lenovo XClarity. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Lenovo Information Disclosure Xclarity Controller
NVD
CVSS 3.1
4.9
EPSS
0.5%
CVE-2021-21483 MEDIUM This Month

Under certain conditions SAP Solution Manager, version - 720, allows a high privileged attacker to get access to sensitive information which has a direct serious impact beyond the exploitable. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SAP Solution Manager
NVD
CVSS 3.1
4.9
EPSS
0.7%
CVE-2021-0443 MEDIUM PATCH This Month

In several functions of ScreenshotHelper.java and related files, there is a possible incorrectly saved screenshot due to a race condition. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required.

Google Information Disclosure Race Condition Java Android
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2021-3463 MEDIUM This Month

A null pointer dereference vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could cause systems to experience a blue screen error. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Microsoft Denial Of Service Lenovo Power Management Driver
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2021-27605 MEDIUM This Month

SAP's HCM Travel Management Fiori Apps V2, version - 608, does not perform proper authorization check, allowing an authenticated but unauthorized attacker to read personnel numbers of employees,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Authentication Bypass Fiori Apps 2 0 For Travel Management In Sap Erp
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2021-21492 MEDIUM This Month

SAP NetWeaver Application Server Java(HTTP Service), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently validate logon group in URLs, resulting in a content spoofing. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Authentication Bypass Netweaver Application Server Java
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2021-28938 MEDIUM This Month

Siren Federate before 6.8.14-10.3.9, 6.9.x through 7.6.x before 7.6.2-20.2, 7.7.x through 7.9.x before 7.9.3-21.6, 7.10.x before 7.10.2-22.2, and 7.11.x before 7.11.2-23.0 can leak user information. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Federate
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2021-28316 MEDIUM PATCH This Month

Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.2), this vulnerability is no authentication required.

Microsoft Authentication Bypass Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
4.2
EPSS
1.1%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy