Skip to main content
CVE-2021-28167 MEDIUM POC This Month

In Eclipse Openj9 to version 0.25.0, usage of the jdk.internal.reflect.ConstantPool API causes the JVM in some cases to pre-resolve certain constant pool entries. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Openj9
NVD GitHub
CVSS 3.1
6.5
EPSS
1.1%
CVE-2021-31329 MEDIUM POC This Month

Cross Site Scripting (XSS) in Remote Clinic v2.0 via the "Chat" and "Personal Address" field on staff/register.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Remote Clinic
NVD GitHub Exploit-DB
CVSS 3.1
5.4
EPSS
1.7%
CVE-2021-31327 MEDIUM POC This Month

Stored XSS in Remote Clinic v2.0 in /medicines due to Medicine Name Field. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Remote Clinic
NVD GitHub Exploit-DB
CVSS 3.1
5.4
EPSS
1.7%
CVE-2021-21643 MEDIUM PATCH This Month

Jenkins Config File Provider Plugin 3.7.0 and earlier does not correctly perform permission checks in several HTTP endpoints, allowing attackers with global Job/Configure permission to enumerate. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Information Disclosure Config File Provider
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2021-1078 MEDIUM This Month

NVIDIA Windows GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel driver (nvlddmkm.sys) where a NULL pointer dereference may lead to system crash. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Microsoft Denial Of Service Nvidia Gpu Display Driver
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-1077 MEDIUM This Month

NVIDIA GPU Display Driver for Windows and Linux, R450 and R460 driver branch, contains a vulnerability where the software uses a reference count to manage a resource that is incorrectly updated,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Microsoft Nvidia Gpu Display Driver
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-29456 MEDIUM PATCH This Month

Authelia is an open-source authentication and authorization server providing 2-factor authentication and single sign-on (SSO) for your applications via a web portal. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

Open Redirect Authelia
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-21644 MEDIUM PATCH This Month

A cross-site request forgery (CSRF) vulnerability in Jenkins Config File Provider Plugin 3.7.0 and earlier allows attackers to delete configuration files corresponding to an attacker-specified ID. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Jenkins Config File Provider
NVD
CVSS 3.1
5.4
EPSS
1.1%
CVE-2021-21647 MEDIUM PATCH This Month

Jenkins CloudBees CD Plugin 1.1.21 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Item/Read permission to schedule builds of projects without having. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Information Disclosure Cloudbees Cd
NVD
CVSS 3.1
4.3
EPSS
1.5%
CVE-2021-21645 MEDIUM PATCH This Month

Jenkins Config File Provider Plugin 3.7.0 and earlier does not perform permission checks in several HTTP endpoints, attackers with Overall/Read permission to enumerate configuration file IDs. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Information Disclosure Config File Provider
NVD
CVSS 3.1
4.3
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy