Skip to main content
CVE-2021-31810 MEDIUM POC PATCH This Month

An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Ruby Debian Linux Jd Edwards Enterpriseone Tools
NVD
CVSS 3.1
5.8
EPSS
3.0%
CVE-2021-35957 MEDIUM This Month

Stormshield Endpoint Security Evolution 2.0.0 through 2.0.2 does not accomplish the intended defense against local administrators who can replace the Visual C++ runtime DLLs (in %WINDIR%\system32). Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Endpoint Security
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2021-1931 MEDIUM PATCH This Month

Possible buffer overflow due to improper validation of buffer length while processing fast boot commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qualcomm Aqt1000 Firmware Ar8031 Firmware Ar8035 Firmware +118
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-36123 MEDIUM This Month

An issue was discovered in Echo ShareCare 8.15.5. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Sharecare
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2021-36214 MEDIUM This Month

LINE client for iOS before 10.16.3 allows cross site script with specific header in WebView. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apple Line
NVD VulDB
CVSS 3.1
6.1
EPSS
0.2%
CVE-2021-33710 MEDIUM This Month

A vulnerability has been identified in Teamcenter Active Workspace V4 (All versions < V4.3.9), Teamcenter Active Workspace V5.0 (All versions < V5.0.7), Teamcenter Active Workspace V5.1 (All versions. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Teamcenter Active Workspace
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2021-20369 MEDIUM This Month

IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

IBM Information Disclosure Cloud Pak For Applications
NVD
CVSS 3.1
5.9
EPSS
0.7%
CVE-2021-31223 MEDIUM This Month

SES Evolution before 2.1.0 allows reading some parts of a security policy by leveraging access to a computer having the administration console installed. Rated medium severity (CVSS 5.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Endpoint Security
NVD
CVSS 3.1
5.7
EPSS
0.6%
CVE-2021-31222 MEDIUM This Month

SES Evolution before 2.1.0 allows updating some parts of a security policy by leveraging access to a computer having the administration console installed. Rated medium severity (CVSS 5.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Endpoint Security
NVD
CVSS 3.1
5.7
EPSS
0.5%
CVE-2021-31221 MEDIUM This Month

SES Evolution before 2.1.0 allows deleting some parts of a security policy by leveraging access to a computer having the administration console installed. Rated medium severity (CVSS 5.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Endpoint Security
NVD
CVSS 3.1
5.7
EPSS
0.5%
CVE-2021-22399 MEDIUM This Month

The Bluetooth function of some Huawei smartphones has a DoS vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Huawei Denial Of Service P30 Firmware
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-34333 MEDIUM This Month

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2021-34332 MEDIUM This Month

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2021-34325 MEDIUM This Month

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2021-34322 MEDIUM This Month

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
5.5
EPSS
1.2%
CVE-2021-34321 MEDIUM This Month

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2021-34320 MEDIUM This Month

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2021-34308 MEDIUM This Month

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2021-34307 MEDIUM This Month

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2021-34304 MEDIUM This Month

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2021-34303 MEDIUM This Month

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2021-34302 MEDIUM This Month

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2021-34299 MEDIUM This Month

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2021-33715 MEDIUM This Month

A vulnerability has been identified in JT Utilities (All versions < V13.0.2.0). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Jt Utilities
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-33714 MEDIUM This Month

A vulnerability has been identified in JT Utilities (All versions < V13.0.2.0). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Jt Utilities
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-33713 MEDIUM This Month

A vulnerability has been identified in JT Utilities (All versions < V13.0.2.0). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Jt Utilities
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-20368 MEDIUM This Month

IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Cloud Pak For Applications
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-20366 MEDIUM This Month

IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Cloud Pak For Applications
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-20365 MEDIUM This Month

IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Cloud Pak For Applications
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-20364 MEDIUM This Month

IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Cloud Pak For Applications
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-20363 MEDIUM This Month

IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Cloud Pak For Applications
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-20362 MEDIUM This Month

IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Cloud Pak For Applications
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-20361 MEDIUM This Month

IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Cloud Pak For Applications
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-33718 MEDIUM This Month

A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.22), Mendix Applications using Mendix 8 (All versions < V8.18.7), Mendix Applications using Mendix 9. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Mendix
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2021-33711 MEDIUM This Month

A vulnerability has been identified in Teamcenter Active Workspace V4 (All versions < V4.3.9), Teamcenter Active Workspace V5.0 (All versions < V5.0.7), Teamcenter Active Workspace V5.1 (All versions. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Teamcenter Active Workspace
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2021-31220 MEDIUM This Month

SES Evolution before 2.1.0 allows modifying security policies by leveraging access of a user having read-only access to security policies. Rated medium severity (CVSS 5.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Endpoint Security
NVD
CVSS 3.1
5.2
EPSS
0.3%
CVE-2021-22440 MEDIUM This Month

There is a path traversal vulnerability in some Huawei products. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Path Traversal Mate 20 Firmware Mate 20 Pro Firmware Hima L29C Firmware +3
NVD
CVSS 3.1
4.6
EPSS
0.2%
CVE-2021-1901 MEDIUM PATCH This Month

Possible buffer over-read due to lack of length check while flashing meta images in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure Apq8009 Firmware Apq8053 Firmware +40
NVD
CVSS 3.1
4.6
EPSS
0.1%
CVE-2021-1899 MEDIUM PATCH This Month

Possible buffer over read due to lack of length check while flashing meta images in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure Apq8009W Firmware Aqt1000 Firmware +39
NVD
CVSS 3.1
4.6
EPSS
0.1%
CVE-2021-1898 MEDIUM PATCH This Month

Possible buffer over-read due to incorrect overflow check when loading splash image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure Apq8009 Firmware Apq8053 Firmware +40
NVD
CVSS 3.1
4.6
EPSS
0.1%
CVE-2021-1897 MEDIUM PATCH This Month

Possible Buffer Over-read due to lack of validation of boundary checks when loading splash image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure Apq8009 Firmware Apq8009W Firmware +42
NVD
CVSS 3.1
4.6
EPSS
0.1%
CVE-2021-32755 MEDIUM This Month

Wire is a collaboration platform. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Information Disclosure Wire
NVD GitHub
CVSS 3.1
4.3
EPSS
0.3%
CVE-2021-20424 MEDIUM This Month

IBM Cloud Pak for Applications 4.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Cloud Pak For Applications
NVD
CVSS 3.1
4.3
EPSS
1.0%
CVE-2021-33709 MEDIUM This Month

A vulnerability has been identified in Teamcenter Active Workspace V4 (All versions < V4.3.9), Teamcenter Active Workspace V5.0 (All versions < V5.0.7), Teamcenter Active Workspace V5.1 (All versions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Teamcenter Active Workspace
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2021-25671 MEDIUM PATCH This Month

A vulnerability has been identified in RWG1.M12 (All versions < V1.16.16), RWG1.M12D (All versions < V1.16.16), RWG1.M8 (All versions < V1.16.16). Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Rwg1 M12 Firmware Rwg1 M12D Firmware Rwg1 M8 Firmware
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2021-1896 MEDIUM This Month

Weak configuration in WLAN could cause forwarding of unencrypted packets from one client to another in Snapdragon Compute, Snapdragon Connectivity. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Aqt1000 Firmware Qca6164 Firmware Qca6174 Firmware +19
NVD
CVSS 3.1
4.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy