Skip to main content
CVE-2021-38554 MEDIUM PATCH This Month

HashiCorp Vault and Vault Enterprise’s UI erroneously cached and exposed user-viewed secrets between sessions in a single shared browser. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Hashicorp Vault
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2021-37351 MEDIUM This Month

Nagios XI before version 5.8.5 is vulnerable to insecure permissions and allows unauthenticated users to access guarded pages through a crafted HTTP request to the server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Nagios Xi
NVD
CVSS 3.1
5.3
EPSS
2.8%
CVE-2021-37586 MEDIUM This Month

The PowerPlay Web component of Mitel Interaction Recording Multitenancy systems before 6.7 could allow a user (with Administrator rights) to replay a previously recorded conversation of another. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Interaction Recording
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2021-32069 MEDIUM This Month

The AWV component of Mitel MiCollab before 9.3 could allow an attacker to perform a Man-In-the-Middle attack due to improper TLS negotiation. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Micollab
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2021-38553 MEDIUM PATCH This Month

HashiCorp Vault and Vault Enterprise 1.4.0 through 1.7.3 initialized an underlying database file associated with the Integrated Storage feature with excessively broad filesystem permissions. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Hashicorp Vault
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2021-3635 MEDIUM This Month

A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Linux Linux Kernel Enterprise Linux Fedora
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2021-37703 MEDIUM PATCH This Month

Discourse is an open-source platform for community discussion. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Discourse
NVD GitHub
CVSS 3.1
4.3
EPSS
0.8%
CVE-2021-32068 LOW Monitor

The AWV and MiCollab Client Service components in Mitel MiCollab before 9.3 could allow an attacker to perform a Man-In-the-Middle attack by sending multiple session renegotiation requests, due to. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Micollab
NVD
CVSS 3.1
3.7
EPSS
0.6%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy