Skip to main content
CVE-2021-29625 MEDIUM POC PATCH This Month

Adminer is open-source database management software. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

PHP XSS Adminer
NVD GitHub
CVSS 3.1
6.1
EPSS
8.7%
CVE-2021-29622 MEDIUM POC THREAT This Month

Prometheus is an open-source monitoring system and time series database. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Prometheus
NVD GitHub
CVSS 3.1
6.1
EPSS
19.6%
CVE-2021-29624 MEDIUM PATCH This Month

fastify-csrf is an open-source plugin helps developers protect their Fastify server against CSRF attacks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

CSRF Fastify Csrf
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2021-31158 MEDIUM This Month

In the Query Engine in Couchbase Server 6.5.x and 6.6.x through 6.6.1, Common Table Expression queries were not correctly checking the user's permissions, allowing read-access to resources beyond. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Couchbase Server
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2017-17678 MEDIUM This Month

BMC Remedy Mid Tier 9.1SP3 is affected by cross-site scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Remedy Mid Tier
NVD VulDB
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-29503 MEDIUM PATCH This Month

HedgeDoc is a platform to write and share markdown. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Hedgedoc
NVD GitHub
CVSS 3.1
6.1
EPSS
1.0%
CVE-2021-31930 MEDIUM This Month

Persistent cross-site scripting (XSS) in the web interface of Concerto through 2.3.6 allows an unauthenticated remote attacker to introduce arbitrary JavaScript by injecting an XSS payload into the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Concerto
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%
CVE-2021-27924 MEDIUM This Month

An issue was discovered in Couchbase Server 6.x through 6.6.1. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Couchbase Server
NVD
CVSS 3.1
5.9
EPSS
0.5%
CVE-2017-17675 MEDIUM This Month

BMC Remedy Mid Tier 9.1SP3 is affected by log hijacking. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Remedy Mid Tier
NVD VulDB
CVSS 3.1
5.3
EPSS
1.1%
CVE-2021-3421 MEDIUM PATCH This Month

A flaw was found in the RPM package in the read functionality. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Jwt Attack Rpm Enterprise Linux Fedora
NVD
CVSS 3.1
5.5
EPSS
0.7%
CVE-2021-20528 MEDIUM PATCH This Month

IBM Control Center 6.2.0.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

IBM XSS Control Center
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-20374 MEDIUM PATCH This Month

IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to stored cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

IBM XSS Maximo Asset Management
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-20529 MEDIUM PATCH This Month

IBM Control Center 6.2.0.0 could allow a user to obtain sensitive version information that could be used in further attacks against the system. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Information Disclosure Control Center
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2021-21733 MEDIUM This Month

The management system of ZXCDN is impacted by the information leak vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zxcdn
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2021-27925 MEDIUM This Month

An issue was discovered in Couchbase Server 6.5.x and 6.6.x through 6.6.1. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Race Condition Couchbase Server
NVD
CVSS 3.1
4.4
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy