Skip to main content
CVE-2021-26928 MEDIUM POC This Month

BIRD through 2.0.7 does not provide functionality for password authentication of BGP peers. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Denial Of Service Information Disclosure Authentication Bypass Bird
NVD
CVSS 3.1
6.8
EPSS
1.0%
CVE-2021-31249 MEDIUM POC THREAT This Month

A CRLF injection vulnerability was found on BF-430, BF-431, and BF-450M TCP/IP Converter devices from CHIYU Technology Inc due to a lack of validation on the parameter redirect= available on multiple. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Bf 430 Firmware Bf 431 Firmware Bf 450M Firmware
NVD
CVSS 3.1
6.5
EPSS
18.0%
CVE-2021-32641 MEDIUM POC PATCH This Month

auth0-lock is Auth0's signin solution. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE XSS Lock
NVD GitHub
CVSS 3.1
6.1
EPSS
1.5%
CVE-2021-31252 MEDIUM POC THREAT This Month

An open redirect vulnerability exists in BF-630, BF-450M, BF-430, BF-431, BF631-W, BF830-W, Webpass, and SEMAC devices from CHIYU Technology that can be exploited by sending a link that has a. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Open Redirect Bf 430 Firmware Bf 431 Firmware Bf 450M Firmware Semac S2 Firmware +10
NVD
CVSS 3.1
6.1
EPSS
28.6%
CVE-2021-31250 MEDIUM POC THREAT This Month

Multiple storage XSS vulnerabilities were discovered on BF-430, BF-431 and BF-450M TCP/IP Converter devices from CHIYU Technology Inc due to a lack of sanitization of the input on the components. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Bf 430 Firmware Bf 431 Firmware Bf 450M Firmware
NVD
CVSS 3.1
5.4
EPSS
79.6%
CVE-2021-1564 MEDIUM This Month

Multiple vulnerabilities in the implementation of the Cisco Discovery Protocol and Link Layer Discovery Protocol (LLDP) for Cisco Video Surveillance 7000 Series IP Cameras could allow an. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Video Surveillance 7530Pd Firmware Video Surveillance 7070 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2021-1563 MEDIUM This Month

Multiple vulnerabilities in the implementation of the Cisco Discovery Protocol and Link Layer Discovery Protocol (LLDP) for Cisco Video Surveillance 7000 Series IP Cameras could allow an. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Video Surveillance 7530Pd Firmware Video Surveillance 7070 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2021-26994 MEDIUM This Month

Clustered Data ONTAP versions prior to 9.7P13 and 9.8P3 are susceptible to a vulnerability which could allow single workloads to cause a Denial of Service (DoS) on a cluster node. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Clustered Data Ontap
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2021-1527 MEDIUM This Month

A vulnerability in Cisco Webex Player for Windows and MacOS could allow an attacker to cause the affected software to terminate or to gain access to memory state information that is related to the. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Microsoft Cisco Webex Player
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2021-1525 MEDIUM This Month

A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to redirect users to a malicious file. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Open Redirect Webex Meetings Online Webex Meetings Server
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-3565 MEDIUM PATCH This Month

A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Tpm2 Tools Enterprise Linux Fedora
NVD
CVSS 3.1
5.9
EPSS
1.3%
CVE-2021-1544 MEDIUM This Month

A vulnerability in logging mechanisms of Cisco Webex Meetings client software could allow an authenticated, local attacker to gain access to sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Webex Meetings
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-1537 MEDIUM This Month

A vulnerability in the installer software of Cisco ThousandEyes Recorder could allow an unauthenticated, local attacker to access sensitive information that is contained in the ThousandEyes Recorder. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Thousandeyes Recorder
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-1517 MEDIUM This Month

A vulnerability in the multimedia viewer feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to bypass security protections. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Webex Meetings Online Webex Meetings Server
NVD
CVSS 3.1
4.3
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy