Skip to main content
CVE-2021-25316 LOW POC Monitor

A Insecure Temporary File vulnerability in s390-tools of SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-SP2 allows local attackers to prevent VM live migrations This issue. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure S390 Tools
NVD
CVSS 3.1
3.3
EPSS
0.3%
CVE-2021-28157 HIGH This Week

An SQL Injection issue in Devolutions Server before 2021.1 and Devolutions Server LTS before 2020.3.18 allows an administrative user to execute arbitrary SQL commands via a username in. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Devolutions Server
NVD
CVSS 3.1
7.2
EPSS
0.8%
CVE-2021-28048 MEDIUM This Month

An overly permissive CORS policy in Devolutions Server before 2021.1 and Devolutions Server LTS before 2020.3.18 allows a remote attacker to leak cross-origin data via a crafted HTML page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Devolutions Server
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2021-27250 MEDIUM PATCH This Month

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2020 v1.01rc001 Wi-Fi access points. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

D-Link Information Disclosure Dap 2020 Firmware
NVD
CVSS 3.1
6.5
EPSS
66.0%
CVE-2021-27247 MEDIUM This Month

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tencent WeChat 2.9.5 desktop version. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Information Disclosure Wechat
NVD
CVSS 3.1
6.5
EPSS
6.4%
CVE-2021-27604 MEDIUM This Month

In order to prevent XML External Entity vulnerability in SAP NetWeaver ABAP Server and ABAP Platform (Process Integration - Enterprise Service Repository JAVA Mappings), versions - 7.10, 7.20, 7.30,. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE SAP Java Netweaver Process Integration
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2021-27599 MEDIUM This Month

SAP NetWeaver ABAP Server and ABAP Platform (Process Integration - Integration Builder Framework), versions - 7.10, 7.30, 7.31, 7.40, 7.50, allows an attacker to access information under certain. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SAP Netweaver Process Integration
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2021-26030 MEDIUM This Month

An issue was discovered in Joomla!. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Joomla
NVD
CVSS 3.1
6.1
EPSS
82.3%
CVE-2021-26832 MEDIUM This Month

Cross Site Scripting (XSS) in the "Reset Password" page form of Priority Enterprise Management System v8.00 allows attackers to execute javascript on behalf of the victim by sending a malicious URL. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Priority Enterprise Management System
NVD GitHub
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-26031 MEDIUM This Month

An issue was discovered in Joomla!. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Joomla
NVD
CVSS 3.1
5.3
EPSS
1.2%
CVE-2021-27260 LOW Monitor

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 16.0.1-48919. Rated low severity (CVSS 3.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Information Disclosure Parallels Desktop
NVD
CVSS 3.1
3.2
EPSS
0.5%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy