Skip to main content
CVE-2021-32093 MEDIUM POC This Month

The ConfigFileAction component of U.S. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Emissary
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2021-32100 MEDIUM POC This Month

A remote file inclusion vulnerability exists in Artica Pandora FMS 742, exploitable by the lowest privileged user. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Pandora Fms
NVD
CVSS 3.1
6.5
EPSS
2.6%
CVE-2021-26123 MEDIUM POC This Month

LivingLogic XIST4C before 0.107.8 allows XSS via login.htm, login.wihtm, or login-form.htm. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Xist4C
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2021-26122 MEDIUM POC This Month

LivingLogic XIST4C before 0.107.8 allows XSS via feedback.htm or feedback.wihtm. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Xist4C
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2021-32092 MEDIUM POC This Month

A Cross-site scripting (XSS) vulnerability in the DocumentAction component of U.S. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Emissary
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2021-32091 MEDIUM POC PATCH This Month

A Cross-site scripting (XSS) vulnerability exists in StackLift LocalStack 0.12.6. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Localstack
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-3502 MEDIUM POC This Month

A flaw was found in avahi 0.8-5. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Avahi
NVD GitHub
CVSS 3.1
5.5
EPSS
0.4%
CVE-2021-27571 MEDIUM POC This Month

An issue was discovered in Emote Remote Mouse through 4.0.0.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Emote Remote Mouse
NVD
CVSS 3.1
5.3
EPSS
1.1%
CVE-2021-27570 MEDIUM POC This Month

An issue was discovered in Emote Remote Mouse through 3.015. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Emote Remote Mouse
NVD
CVSS 3.1
5.3
EPSS
1.4%
CVE-2021-27569 MEDIUM POC This Month

An issue was discovered in Emote Remote Mouse through 4.0.0.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Emote Remote Mouse
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2021-30173 MEDIUM This Month

Local File Inclusion vulnerability of the omni-directional communication system allows remote authenticated attacker inject absolute path into Url parameter and access arbitrary file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Omnidirectional Communication System
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2021-32470 MEDIUM PATCH This Month

Craft CMS before 3.6.13 has an XSS vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Craft Cms
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2021-31471 MEDIUM This Month

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.1.37576. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Information Disclosure 3D
NVD
CVSS 3.1
5.5
EPSS
2.1%
CVE-2021-1906 MEDIUM KEV PATCH THREAT This Month

Improper handling of address deregistration on failure can lead to new GPU address allocation failure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Apq8009 Firmware Apq8009W Firmware Apq8017 Firmware +397
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2021-30172 MEDIUM This Month

Special characters of picture preview page in the Quan-Fang-Wei-Tong-Xun system are not filtered in users’ input, which allow remote authenticated attackers can inject malicious JavaScript and carry. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Omnidirectional Communication System
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-30171 MEDIUM This Month

Special characters of ERP POS news page are not filtered in users’ input, which allow remote authenticated attackers can inject malicious JavaScript and carry out stored XSS (Stored Cross-site. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Enterprise Resource Planning Point Of Sale System
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-30170 MEDIUM This Month

Special characters of ERP POS customer profile page are not filtered in users’ input, which allow remote authenticated attackers can inject malicious JavaScript and carry out stored XSS (Stored. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Enterprise Resource Planning Point Of Sale System
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-29488 MEDIUM PATCH This Month

SABnzbd is an open source binary newsreader. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Sabnzbd
NVD GitHub
CVSS 3.1
5.3
EPSS
0.9%
CVE-2021-21419 MEDIUM PATCH This Month

Eventlet is a concurrent networking library for Python. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Python Denial Of Service Eventlet Fedora
NVD GitHub
CVSS 3.1
5.3
EPSS
1.8%
CVE-2021-32103 MEDIUM This Month

A Stored XSS vulnerability in interface/usergroup/usergroup_admin.php in OpenEMR before 5.0.2.1 allows a admin authenticated user to inject arbitrary web script or HTML via the lname parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS Openemr
NVD
CVSS 3.1
4.8
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy