Skip to main content
CVE-2021-20364 MEDIUM This Month

IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Cloud Pak For Applications
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-20363 MEDIUM This Month

IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Cloud Pak For Applications
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-20362 MEDIUM This Month

IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Cloud Pak For Applications
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-20361 MEDIUM This Month

IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Cloud Pak For Applications
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-33718 MEDIUM This Month

A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.22), Mendix Applications using Mendix 8 (All versions < V8.18.7), Mendix Applications using Mendix 9. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Mendix
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2021-33711 MEDIUM This Month

A vulnerability has been identified in Teamcenter Active Workspace V4 (All versions < V4.3.9), Teamcenter Active Workspace V5.0 (All versions < V5.0.7), Teamcenter Active Workspace V5.1 (All versions. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Teamcenter Active Workspace
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2021-31220 MEDIUM This Month

SES Evolution before 2.1.0 allows modifying security policies by leveraging access of a user having read-only access to security policies. Rated medium severity (CVSS 5.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Endpoint Security
NVD
CVSS 3.1
5.2
EPSS
0.3%
CVE-2021-22440 MEDIUM This Month

There is a path traversal vulnerability in some Huawei products. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Path Traversal Mate 20 Firmware Mate 20 Pro Firmware Hima L29C Firmware +3
NVD
CVSS 3.1
4.6
EPSS
0.2%
CVE-2021-1901 MEDIUM PATCH This Month

Possible buffer over-read due to lack of length check while flashing meta images in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure Apq8009 Firmware Apq8053 Firmware +40
NVD
CVSS 3.1
4.6
EPSS
0.1%
CVE-2021-1899 MEDIUM PATCH This Month

Possible buffer over read due to lack of length check while flashing meta images in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure Apq8009W Firmware Aqt1000 Firmware +39
NVD
CVSS 3.1
4.6
EPSS
0.1%
CVE-2021-1898 MEDIUM PATCH This Month

Possible buffer over-read due to incorrect overflow check when loading splash image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure Apq8009 Firmware Apq8053 Firmware +40
NVD
CVSS 3.1
4.6
EPSS
0.1%
CVE-2021-1897 MEDIUM PATCH This Month

Possible Buffer Over-read due to lack of validation of boundary checks when loading splash image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure Apq8009 Firmware Apq8009W Firmware +42
NVD
CVSS 3.1
4.6
EPSS
0.1%
CVE-2021-32755 MEDIUM This Month

Wire is a collaboration platform. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Information Disclosure Wire
NVD GitHub
CVSS 3.1
4.3
EPSS
0.3%
CVE-2021-20424 MEDIUM This Month

IBM Cloud Pak for Applications 4.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Cloud Pak For Applications
NVD
CVSS 3.1
4.3
EPSS
1.0%
CVE-2021-33709 MEDIUM This Month

A vulnerability has been identified in Teamcenter Active Workspace V4 (All versions < V4.3.9), Teamcenter Active Workspace V5.0 (All versions < V5.0.7), Teamcenter Active Workspace V5.1 (All versions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Teamcenter Active Workspace
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2021-25671 MEDIUM PATCH This Month

A vulnerability has been identified in RWG1.M12 (All versions < V1.16.16), RWG1.M12D (All versions < V1.16.16), RWG1.M8 (All versions < V1.16.16). Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Rwg1 M12 Firmware Rwg1 M12D Firmware Rwg1 M8 Firmware
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2021-1896 MEDIUM This Month

Weak configuration in WLAN could cause forwarding of unencrypted packets from one client to another in Snapdragon Compute, Snapdragon Connectivity. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Aqt1000 Firmware Qca6164 Firmware Qca6174 Firmware +19
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2021-31224 LOW Monitor

SES Evolution before 2.1.0 allows duplicating an existing security policy by leveraging access of a user having read-only access to security policies. Rated low severity (CVSS 3.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Endpoint Security
NVD
CVSS 3.1
3.5
EPSS
0.3%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy