Skip to main content
CVE-2021-20741 MEDIUM This Month

Cross-site scripting vulnerability in Hitachi Application Server Help (Hitachi Application Server V10 Manual (Windows) version 10-11-01 and earlier and Hitachi Application Server V10 Manual (UNIX). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft XSS Application Server V10 Manual
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-20735 MEDIUM This Month

Cross-site scripting vulnerability in ETUNA EC-CUBE plugins (Delivery slip number plugin (3.0 series) 1.0.10 and earlier, Delivery slip number csv bulk registration plugin (3.0 series) 1.0.8 and. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Delivery Slip Number Delivery Slip Number Csv Bulk Registration Delivery Slip Number Mail
NVD
CVSS 3.1
6.1
EPSS
1.1%
CVE-2021-20734 MEDIUM This Month

Cross-site scripting vulnerability in Welcart e-Commerce versions prior to 2.2.4 allows remote attackers to inject arbitrary script or HTML via unspecified vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Welcart E Commerce
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2021-20733 MEDIUM This Month

Improper authorization in handler for custom URL scheme vulnerability in あすけんダイエット (asken diet) for Android versions from v.3.0.0 to v.4.2.x allows a remote attacker to lead a user to access an. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Authentication Bypass Asken
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-34392 MEDIUM This Month

Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an integer overflow in the tz_map_shared_mem function can bypass boundary checks, which might lead to denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Integer Overflow Nvidia Jetson Linux
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-34391 MEDIUM This Month

Trusty contains a vulnerability in the NVIDIA TLK kernel function where a lack of checks allows the exploitation of an integer overflow through a specific SMC call that is triggered by the user,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Integer Overflow Nvidia Jetson Linux
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-34390 MEDIUM PATCH This Month

Trusty contains a vulnerability in the NVIDIA TLK kernel function where a lack of checks allows the exploitation of an integer overflow through a specific SMC call that is triggered by the user,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Integer Overflow Nvidia Jetson Linux
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-22366 MEDIUM This Month

There is an out-of-bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Ese620X Vess Firmware
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-0552 MEDIUM This Month

In getEndItemSliceAction of MediaOutputSlice.java, there is a possible permission bypass due to an unsafe PendingIntent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-0542 MEDIUM This Month

In updateNotification of BeamTransferManager.java, there is a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-0572 MEDIUM This Month

In doNotification of AccountManagerService.java, there is a possible permission bypass due to an unsafe PendingIntent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-0563 MEDIUM This Month

In ih264e_fmt_conv_422i_to_420sp of ih264e_fmt_conv.c, there is a possible out of bounds read due to a heap buffer overflow. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-0562 MEDIUM This Month

In RasterIntraUpdate of motion_est.cpp, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-0561 MEDIUM PATCH This Month

In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Google Information Disclosure Android +2
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2021-0556 MEDIUM This Month

In getBlockSum of fastcodemb.cpp, there is a possible out of bounds read due to a heap buffer overflow. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-0554 MEDIUM This Month

In isBackupServiceActive of BackupManagerService.java, there is a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Authentication Bypass Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-32644 MEDIUM PATCH This Month

Ampache is an open source web based audio/video streaming application and file manager. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

PHP XSS Ampache
NVD GitHub
CVSS 3.1
5.4
EPSS
0.8%
CVE-2021-22378 MEDIUM This Month

There is a race condition vulnerability in eCNS280_TD V100R005C00 and V100R005C10. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Race Condition Ecns280 Td Firmware
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2021-0569 MEDIUM This Month

In onStart of ContactsDumpActivity.java, there is possible access to contacts due to a tapjacking/overlay attack. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google XSS Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.1%
CVE-2021-22383 MEDIUM This Month

There is an out-of-bounds read vulnerability in eCNS280_TD V100R005C10 and eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Ecns280 Td Firmware Ese620X Vess Firmware
NVD
CVSS 3.1
4.9
EPSS
0.6%
CVE-2021-22342 MEDIUM This Month

There is an information leak vulnerability in Huawei products. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Huawei Information Disclosure Ips Module Firmware Ngfw Module Firmware Semg9811 Firmware +1
NVD
CVSS 3.1
4.9
EPSS
0.6%
CVE-2021-34393 MEDIUM This Month

Trusty contains a vulnerability in TSEC TA which deserializes the incoming messages even though the TSEC TA does not expose any command. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Deserialization RCE Information Disclosure Jetson Linux
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2021-0605 MEDIUM This Month

In pfkey_dump of af_key.c, there is a possible out-of-bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2021-0549 MEDIUM This Month

In sspRequestCallback of BondStateMachine.java, there is a possible leak of Bluetooth MAC addresses due to log information disclosure. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2021-0541 MEDIUM This Month

In phNxpNciHal_ext_process_nfc_init_rsp of phNxpNciHal_ext.cc, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2021-0566 MEDIUM This Month

In accessAudioHalPidscpp of TimeCheck.cpp, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2021-34395 MEDIUM This Month

Trusty TLK contains a vulnerability in its access permission settings where it does not properly restrict access to a resource from a user with local privileges, which might lead to limited. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Information Disclosure Jetson Linux
NVD
CVSS 3.1
4.2
EPSS
0.2%
CVE-2021-34428 LOW PATCH Monitor

For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, if an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID. Rated low severity (CVSS 3.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Jetty Debian Linux Active Iq Unified Manager E Series Santricity Os Controller +12
NVD GitHub
CVSS 3.1
3.5
EPSS
1.0%
CVE-2021-22365 LOW Monitor

There is an out of bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Ese620X Vess Firmware
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2021-34397 LOW Monitor

Bootloader contains a vulnerability in NVIDIA MB2, which may cause free-the-wrong-heap, which may lead to limited denial of service. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Nvidia Jetson Linux
NVD
CVSS 3.1
2.3
EPSS
0.2%
CVE-2021-34396 LOW Monitor

Bootloader contains a vulnerability in access permission settings where unauthorized software may be able to overwrite NVIDIA MB2 code, which would result in limited denial of service. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Nvidia Jetson Linux
NVD
CVSS 3.1
2.3
EPSS
0.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy