Skip to main content
CVE-2021-22237 MEDIUM This Month

Under specialized conditions, GitLab may allow a user with an impersonation token to perform Git actions even if impersonation is disabled. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Gitlab Session Fixation
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2021-39112 MEDIUM PATCH This Month

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to redirect users to a malicious URL via a reverse tabnapping vulnerability in the Project Shortcuts feature. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity.

Atlassian Information Disclosure Data Center Jira Jira Data Center +1
NVD
CVSS 3.1
4.8
EPSS
0.7%
CVE-2021-1583 MEDIUM PATCH This Month

A vulnerability in the fabric infrastructure file system access control of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Cisco Authentication Bypass Nx Os
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2021-1592 MEDIUM PATCH This Month

A vulnerability in the way Cisco UCS Manager software handles SSH sessions could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Cisco Denial Of Service Unified Computing System
NVD
CVSS 3.1
4.3
EPSS
1.0%
CVE-2021-22247 MEDIUM This Month

Improper authorization in GitLab CE/EE affecting all versions since 13.0 allows guests in private projects to view CI/CD analytics. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Gitlab Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2021-22243 MEDIUM This Month

Under specialized conditions, GitLab CE/EE versions starting 7.10 may allow existing GitLab users to use an invite URL meant for another email address to gain access into a group. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Gitlab Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2021-33605 MEDIUM PATCH This Month

Improper check in CheckboxGroup in com.vaadin:vaadin-checkbox-flow versions 1.2.0 prior to 2.0.0 (Vaadin 12.0.0 prior to 14.0.0), 2.0.0 prior to 3.0.0 (Vaadin 14.0.0 prior to 14.5.0), 3.0.0 through. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Vaadin Checkbox Flow
NVD GitHub
CVSS 3.1
4.3
EPSS
0.6%
CVE-2021-22245 LOW Monitor

Improper validation of commit author in GitLab CE/EE affecting all versions allowed an attacker to make several pages in a project impossible to view. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Gitlab Information Disclosure
NVD
CVSS 3.1
2.7
EPSS
1.4%
CVE-2021-40087 LOW Monitor

An issue was discovered in PrimeKey EJBCA before 7.6.0. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Ejbca
NVD
CVSS 3.1
2.7
EPSS
0.4%
CVE-2021-40089 LOW Monitor

An issue was discovered in PrimeKey EJBCA before 7.6.0. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ejbca
NVD
CVSS 3.1
2.3
EPSS
0.2%
CVE-2021-40086 LOW Monitor

An issue was discovered in PrimeKey EJBCA before 7.6.0. Rated low severity (CVSS 2.2), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Ejbca
NVD
CVSS 3.1
2.2
EPSS
0.5%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy