Skip to main content
CVE-2021-28556 MEDIUM PATCH This Month

Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by a DOM-based Cross-Site Scripting vulnerability on mage-messages cookies. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Adobe Magento
NVD
CVSS 3.1
4.8
EPSS
1.4%
CVE-2021-33515 MEDIUM This Month

The submission service in Dovecot before 2.3.15 allows STARTTLS command injection in lib-smtp. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Command Injection Dovecot Fedora Debian Linux
NVD
CVSS 3.1
4.8
EPSS
2.8%
CVE-2021-29693 MEDIUM PATCH This Month

IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user that is in the with elevated group privileges to cause a denial of service due to a vulnerability in the lpd daemon. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

IBM Denial Of Service Vios Aix
NVD
CVSS 3.1
4.4
EPSS
0.6%
CVE-2021-35300 MEDIUM PATCH This Month

Text injection/Content Spoofing in 404 page in Zammad 1.0.x up to 4.0.0 could allow remote attackers to manipulate users into visiting the attackers' page. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Zammad
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2021-29751 MEDIUM PATCH This Month

IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.5 and 8.6 could allow an authenticated user to obtain sensitive information about another user under. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

IBM Information Disclosure Business Automation Workflow Business Process Manager
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2021-20413 MEDIUM PATCH This Month

IBM Guardium Data Encryption (GDE) 4.0.0.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

IBM Information Disclosure Guardium Data Encryption
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2021-28579 MEDIUM This Month

Adobe Connect version 11.2.1 (and earlier) is affected by an Improper access control vulnerability that can lead to the elevation of privileges. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe Authentication Bypass Connect
NVD
CVSS 3.1
4.3
EPSS
1.1%
CVE-2021-28576 MEDIUM This Month

Adobe Animate version 21.0.5 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Animate
NVD
CVSS 3.1
4.3
EPSS
2.6%
CVE-2021-28575 MEDIUM This Month

Adobe Animate version 21.0.5 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Animate
NVD
CVSS 3.1
4.3
EPSS
2.8%
CVE-2021-28574 MEDIUM This Month

Adobe Animate version 21.0.5 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Animate
NVD
CVSS 3.1
4.3
EPSS
2.8%
CVE-2021-28583 MEDIUM PATCH This Month

Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by a Violation of Secure Design Principles vulnerability in RMA PDF filename formats. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity.

Authentication Bypass Adobe Magento
NVD
CVSS 3.1
4.2
EPSS
1.9%
CVE-2021-28587 LOW Monitor

After Effects versions 18.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure After Effects
NVD
CVSS 3.1
3.3
EPSS
1.7%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy