Skip to main content
CVE-2021-39191 MEDIUM POC PATCH This Month

mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Open Redirect Apache Mod Auth Openidc Fedora Debian Linux
NVD GitHub
CVSS 3.1
6.1
EPSS
1.8%
CVE-2021-40491 MEDIUM PATCH This Month

The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Inetutils Debian Linux
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2021-30621 MEDIUM PATCH This Month

Chromium: CVE-2021-30621 UI Spoofing in Autofill. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Authentication Bypass Fedora Edge Edge Chromium
NVD
CVSS 3.1
6.5
EPSS
3.5%
CVE-2021-30619 MEDIUM PATCH This Month

Chromium: CVE-2021-30619 UI Spoofing in Autofill. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Authentication Bypass Fedora Edge Edge Chromium
NVD
CVSS 3.1
6.5
EPSS
3.5%
CVE-2021-30617 MEDIUM PATCH This Month

Chromium: CVE-2021-30617 Policy bypass in Blink. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Authentication Bypass Fedora Edge Edge Chromium
NVD
CVSS 3.1
6.5
EPSS
3.7%
CVE-2021-30615 MEDIUM PATCH This Month

Chromium: CVE-2021-30615 Cross-origin data leak in Navigation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Information Disclosure Fedora Edge Edge Chromium
NVD
CVSS 3.1
6.5
EPSS
5.6%
CVE-2021-40492 MEDIUM This Month

A reflected XSS vulnerability exists in multiple pages in version 22 of the Gibbon application that allows for arbitrary execution of JavaScript (gibbonCourseClassID, gibbonPersonID, subpage,. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Gibbon
NVD GitHub
CVSS 3.1
6.1
EPSS
2.3%
CVE-2021-39193 MEDIUM PATCH This Month

Frontier is Substrate's Ethereum compatibility layer. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Frontier
NVD GitHub
CVSS 3.1
5.3
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy