Skip to main content
CVE-2021-33911 CRITICAL Act Now

Zoho ManageEngine ADManager Plus before 7110 allows remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Zoho Manageengine Admanager Plus
NVD
CVSS 3.1
9.8
EPSS
5.3%
CVE-2021-36213 HIGH PATCH This Week

HashiCorp Consul and Consul Enterprise 1.9.0 through 1.10.0 default deny policy with a single L7 application-aware intention deny action cancels out, causing the intention to incorrectly fail open,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Hashicorp HashiCorp Consul
NVD GitHub
CVSS 3.1
7.5
EPSS
1.7%
CVE-2021-32574 HIGH PATCH This Week

HashiCorp Consul and Consul Enterprise 1.3.0 through 1.10.0 Envoy proxy TLS configuration does not validate destination service identity in the encoded subject alternative name. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Hashicorp HashiCorp Consul
NVD GitHub
CVSS 3.1
7.5
EPSS
1.5%
CVE-2021-36772 MEDIUM This Month

Zoho ManageEngine ADManager Plus before 7110 allows stored XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Zoho Manageengine Admanager Plus
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2021-36771 MEDIUM This Month

Zoho ManageEngine ADManager Plus before 7110 allows reflected XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Zoho Manageengine Admanager Plus
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2021-36769 MEDIUM This Month

A reordering issue exists in Telegram before 7.8.1 for Android, Telegram before 7.8.3 for iOS, and Telegram Desktop before 2.8.8. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Telegram Telegram Desktop
NVD
CVSS 3.1
5.3
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy