Skip to main content
CVE-2021-30657 MEDIUM POC KEV THREAT This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Mac Os X macOS
NVD
CVSS 3.1
5.5
EPSS
68.5%
CVE-2021-40797 MEDIUM POC PATCH This Month

An issue was discovered in the routes middleware in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Neutron
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2021-1810 MEDIUM POC This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apple Authentication Bypass Mac Os X macOS
NVD
CVSS 3.1
5.5
EPSS
1.2%
CVE-2021-36695 MEDIUM POC This Month

Deskpro cloud and on-premise Deskpro 2021.1.6 and fixed in Deskpro 2021.1.7 contains a cross-site scripting (XSS) vulnerability in the download file feature on a manager profile due to lack of input. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Deskpro
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-3054 MEDIUM This Month

A time-of-check to time-of-use (TOCTOU) race condition vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permission to upload plugins to execute. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

RCE Paloalto Pan Os
NVD
CVSS 3.1
6.6
EPSS
0.9%
CVE-2021-40812 MEDIUM PATCH This Month

The GD Graphics Library (aka LibGD) through 2.3.2 has an out-of-bounds read because of the lack of certain gdGetBuf and gdPutBuf return value checks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Libgd
NVD GitHub
CVSS 3.1
6.5
EPSS
1.7%
CVE-2021-3055 MEDIUM This Month

An improper restriction of XML external entity (XXE) reference vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service XXE Paloalto Pan Os
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2021-28568 MEDIUM This Month

Adobe Genuine Services version 7.1 (and earlier) is affected by an Insecure file permission vulnerability during installation process. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Adobe Genuine Service
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2021-28567 MEDIUM PATCH This Month

Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are vulnerable to an Improper Authorization vulnerability in the customers module. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe Authentication Bypass Magento
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2021-30659 MEDIUM This Month

A validation issue was addressed with improved logic. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS +1
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2021-1878 MEDIUM This Month

An integer overflow was addressed with improved input validation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Integer Overflow Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2021-1873 MEDIUM This Month

An API issue in Accessibility TCC permissions was addressed with improved state management. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2021-1860 MEDIUM This Month

A memory initialization issue was addressed with improved memory handling. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os Mac Os X +3
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2021-1857 MEDIUM This Month

A memory initialization issue was addressed with improved memory handling. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Microsoft Information Disclosure Icloud Itunes +6
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2021-1855 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2021-1820 MEDIUM This Month

A memory initialization issue was addressed with improved memory handling. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS +2
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2021-1811 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Microsoft Information Disclosure Icloud Itunes +6
NVD
CVSS 3.1
6.5
EPSS
1.7%
CVE-2021-30796 MEDIUM This Month

A logic issue was addressed with improved validation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service Iphone Os Mac Os X macOS
NVD
CVSS 3.1
6.5
EPSS
1.6%
CVE-2021-30783 MEDIUM This Month

An access issue was addressed with improved access restrictions. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2021-30755 MEDIUM This Month

Processing a maliciously crafted font may result in the disclosure of process memory. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure macOS Tvos +1
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2021-30721 MEDIUM This Month

A path handling issue was addressed with improved validation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
6.5
EPSS
24.3%
CVE-2021-22004 MEDIUM PATCH This Month

An issue was discovered in SaltStack Salt before 3003.3. Rated medium severity (CVSS 6.4).

Information Disclosure Race Condition Salt Fedora
NVD
CVSS 3.1
6.4
EPSS
0.3%
CVE-2021-30714 MEDIUM This Month

A race condition was addressed with improved state handling. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Apple Race Condition Ipados Iphone Os
NVD
CVSS 3.1
6.3
EPSS
0.5%
CVE-2021-32805 MEDIUM PATCH This Month

Flask-AppBuilder is an application development framework, built on top of Flask. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

Open Redirect Python Flask Appbuilder
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2021-30689 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple XSS Safari Ipados Iphone Os +3
NVD
CVSS 3.1
6.1
EPSS
1.1%
CVE-2021-1826 MEDIUM This Month

A logic issue was addressed with improved restrictions. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple XSS Ipados Iphone Os macOS +2
NVD
CVSS 3.1
6.1
EPSS
1.1%
CVE-2021-1825 MEDIUM This Month

An input validation issue was addressed with improved input validation. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Microsoft XSS Icloud Itunes +6
NVD
CVSS 3.1
6.1
EPSS
1.4%
CVE-2021-30744 MEDIUM This Month

Description: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple XSS Safari Ipados Iphone Os +3
NVD
CVSS 3.1
6.1
EPSS
1.1%
CVE-2021-1928 MEDIUM PATCH This Month

Buffer over read could occur due to incorrect check of buffer size while flashing emmc devices in Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure Apq8009 Firmware Apq8053 Firmware +106
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2021-30716 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apple Denial Of Service Mac Os X macOS
NVD
CVSS 3.1
5.9
EPSS
1.6%
CVE-2021-30696 MEDIUM This Month

An attacker in a privileged network position may be able to misrepresent application state. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
5.9
EPSS
1.2%
CVE-2021-1884 MEDIUM This Month

A race condition was addressed with improved locking. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apple Denial Of Service Race Condition Ipados Iphone Os +4
NVD
CVSS 3.1
5.9
EPSS
1.6%
CVE-2021-30722 MEDIUM This Month

An information disclosure issue was addressed with improved state management. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
5.9
EPSS
1.6%
CVE-2021-30709 MEDIUM This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os Mac Os X +1
NVD
CVSS 3.1
5.5
EPSS
0.9%
CVE-2021-30706 MEDIUM This Month

Processing a maliciously crafted image may lead to disclosure of user information. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Ipados Iphone Os +3
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2021-30705 MEDIUM This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os Mac Os X +3
NVD
CVSS 3.1
5.5
EPSS
0.9%
CVE-2021-30700 MEDIUM This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS +2
NVD
CVSS 3.1
5.5
EPSS
0.9%
CVE-2021-30697 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os Mac Os X +3
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-30695 MEDIUM This Month

An out-of-bounds read was addressed with improved bounds checking. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Ipados Iphone Os +2
NVD
CVSS 3.1
5.5
EPSS
0.9%
CVE-2021-30694 MEDIUM This Month

An information disclosure issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os Mac Os X +1
NVD
CVSS 3.1
5.5
EPSS
1.0%
CVE-2021-30692 MEDIUM This Month

An information disclosure issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os Mac Os X +1
NVD
CVSS 3.1
5.5
EPSS
1.0%
CVE-2021-30691 MEDIUM This Month

An information disclosure issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os Mac Os X +1
NVD
CVSS 3.1
5.5
EPSS
1.0%
CVE-2021-30687 MEDIUM This Month

An out-of-bounds read was addressed with improved bounds checking. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Ipados Iphone Os +4
NVD
CVSS 3.1
5.5
EPSS
1.2%
CVE-2021-30686 MEDIUM This Month

An out-of-bounds read was addressed with improved bounds checking. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Ipados Iphone Os +4
NVD
CVSS 3.1
5.5
EPSS
0.9%
CVE-2021-30685 MEDIUM This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os Mac Os X +3
NVD
CVSS 3.1
5.5
EPSS
0.9%
CVE-2021-30682 MEDIUM This Month

A logic issue was addressed with improved restrictions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Safari Ipados Iphone Os +3
NVD
CVSS 3.1
5.5
EPSS
1.6%
CVE-2021-30674 MEDIUM This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os
NVD
CVSS 3.1
5.5
EPSS
1.1%
CVE-2021-30673 MEDIUM This Month

An access issue was addressed with improved access restrictions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
5.5
EPSS
0.7%
CVE-2021-30669 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Mac Os X macOS
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2021-30658 MEDIUM This Month

This issue was addressed with improved handling of file metadata. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass macOS
NVD
CVSS 3.1
5.5
EPSS
0.4%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy