Skip to main content
CVE-2021-32823 LOW POC PATCH Monitor

In the bindata RubyGem before version 2.4.10 there is a potential denial-of-service vulnerability. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Denial Of Service Bindata Gitlab
NVD GitHub
CVSS 3.1
3.7
EPSS
1.9%
CVE-2021-29948 LOW POC Monitor

Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. Rated low severity (CVSS 2.5). Public exploit code available and no vendor patch available.

Mozilla Information Disclosure Race Condition Thunderbird
NVD
CVSS 3.1
2.5
EPSS
0.3%
CVE-2021-24000 LOW Monitor

A race condition with requestPointerLock() and setTimeout() could have resulted in a user interacting with one tab when they believed they were on a separate tab. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Mozilla Information Disclosure Race Condition Firefox
NVD
CVSS 3.1
3.1
EPSS
0.6%
CVE-2021-33604 LOW PATCH Monitor

URL encoding error in development mode handler in com.vaadin:flow-server versions 2.0.0 through 2.6.1 (Vaadin 14.0.0 through 14.6.1), 3.0.0 through 6.0.9 (Vaadin 15.0.0 through 19.0.8) allows local. Rated low severity (CVSS 2.5), this vulnerability is no authentication required.

RCE Flow Server Vaadin
NVD GitHub
CVSS 3.1
2.5
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy