Skip to main content
CVE-2021-22527 HIGH This Week

Information leakage vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Access Manager
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-24560 MEDIUM This Month

The Software License Manager WordPress plugin before 4.4.8 does not sanitise or escape the edit_record parameter before outputting it back in the page in the admin dashboard, leading to a Reflected. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS Software License Manager
NVD WPScan
CVSS 3.1
6.1
EPSS
0.7%
CVE-2021-22526 MEDIUM This Month

Open Redirection vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Access Manager
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2021-40824 MEDIUM PATCH This Month

A logic error in the room key sharing functionality of Element Android before 1.2.2 and matrix-android-sdk2 (aka Matrix SDK for Android) before 1.2.2 allows a malicious Matrix homeserver present in. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Google Authentication Bypass Element Matrix Android Sdk2
NVD GitHub
CVSS 3.1
5.9
EPSS
0.7%
CVE-2021-40823 MEDIUM PATCH This Month

A logic error in the room key sharing functionality of matrix-js-sdk (aka Matrix Javascript SDK) before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Javascript Sdk
NVD GitHub
CVSS 3.1
5.9
EPSS
0.7%
CVE-2021-33365 MEDIUM PATCH This Month

Memory leak in the gf_isom_get_root_od function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Gpac
NVD GitHub
CVSS 3.1
5.5
EPSS
0.9%
CVE-2021-33363 MEDIUM PATCH This Month

Memory leak in the infe_box_read function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Gpac
NVD GitHub
CVSS 3.1
5.5
EPSS
0.9%
CVE-2021-40214 MEDIUM This Month

Gibbon v22.0.00 suffers from a stored XSS vulnerability within the wall messages component. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Gibbon
NVD GitHub
CVSS 3.1
5.4
EPSS
0.7%
CVE-2021-22528 MEDIUM This Month

Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Access Manager
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-22524 MEDIUM This Month

Injection attack caused the denial of service vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Access Manager
NVD
CVSS 3.1
4.9
EPSS
0.7%
CVE-2021-39212 LOW PATCH Monitor

ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribute in both open and proprietary applications. Rated low severity (CVSS 3.6). This Exposure of Resource to Wrong Sphere vulnerability could allow attackers to access resources from an unintended security context.

Information Disclosure Imagemagick
NVD GitHub
CVSS 3.1
3.6
EPSS
0.4%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy