Skip to main content
CVE-2021-28114 MEDIUM PATCH This Month

Froala WYSIWYG Editor 3.2.6-1 is affected by XSS due to a namespace confusion during parsing. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Froala Editor
NVD
CVSS 3.1
5.4
EPSS
52.0%
CVE-2021-36758 MEDIUM PATCH This Month

1Password Connect server before 1.2 is missing validation checks, permitting users to create Secrets Automation access tokens that can be used to perform privilege escalation. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Connect
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-34451 MEDIUM PATCH This Month

Microsoft Office Online Server Spoofing Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Office Online Server
NVD
CVSS 3.1
5.3
EPSS
1.7%
CVE-2021-3453 MEDIUM This Month

Some Lenovo Notebook, ThinkPad, and Lenovo Desktop systems have BIOS modules unprotected by Intel Boot Guard that could allow an attacker with physical access the ability to write to the SPI flash. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Lenovo Information Disclosure Thinkpad Helix Firmware Thinkpad T550 Firmware +19
NVD
CVSS 3.1
4.6
EPSS
0.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy