Skip to main content
CVE-2021-41821 MEDIUM POC This Month

Wazuh Manager in Wazuh through 4.1.5 is affected by a remote Integer Underflow vulnerability that might lead to denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Wazuh
NVD GitHub
CVSS 3.1
6.5
EPSS
1.1%
CVE-2021-40651 MEDIUM POC THREAT This Month

OS4Ed OpenSIS Community 8.0 is vulnerable to a local file inclusion vulnerability in Modules.php (modname parameter), which can disclose arbitrary file from the server's filesystem as long as the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Opensis
NVD GitHub Exploit-DB
CVSS 3.1
6.5
EPSS
18.4%
CVE-2021-22947 MEDIUM POC PATCH This Month

When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Code Injection Curl Fedora Debian Linux Cloud Backup +22
NVD
CVSS 3.1
5.9
EPSS
0.3%
CVE-2021-41795 MEDIUM This Month

The Safari app extension bundled with 1Password for Mac 7.7.0 through 7.8.x before 7.8.7 is vulnerable to authorization bypass. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Hashicorp Authentication Bypass 1Password
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2021-41573 MEDIUM This Month

Hitachi Content Platform Anywhere (HCP-AW) 4.4.5 and later allows information disclosure. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Content Platform Anywhere
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2021-39856 MEDIUM This Month

Acrobat Reader DC ActiveX Control versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Information Disclosure vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Adobe Acrobat Acrobat Reader Acrobat Dc +1
NVD
CVSS 3.1
6.5
EPSS
2.3%
CVE-2021-39855 MEDIUM This Month

Acrobat Reader DC ActiveX Control versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Information Disclosure vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Adobe Acrobat Acrobat Reader +2
NVD
CVSS 3.1
6.5
EPSS
2.3%
CVE-2021-39846 MEDIUM This Month

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Adobe Acrobat Acrobat Reader +2
NVD
CVSS 3.1
6.1
EPSS
2.5%
CVE-2021-39845 MEDIUM This Month

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Adobe Acrobat Acrobat Reader +2
NVD
CVSS 3.1
6.1
EPSS
2.5%
CVE-2021-25959 MEDIUM PATCH This Month

In OpenCRX, versions v4.0.0 through v5.1.0 are vulnerable to reflected Cross-site Scripting (XSS), due to unsanitized parameters in the password reset functionality. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Opencrx
NVD GitHub
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-40716 MEDIUM This Month

XMP Toolkit SDK versions 2021.07 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Xmp Toolkit Software Development Kit Debian Linux
NVD
CVSS 3.1
5.5
EPSS
2.2%
CVE-2021-39861 MEDIUM This Month

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Acrobat Dc Acrobat Reader Dc +4
NVD
CVSS 3.1
5.5
EPSS
2.5%
CVE-2021-39860 MEDIUM This Month

Acrobat Pro DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Adobe Acrobat Acrobat Reader +2
NVD
CVSS 3.1
5.5
EPSS
2.3%
CVE-2021-39854 MEDIUM This Month

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Adobe Acrobat Dc Acrobat Reader Dc +2
NVD
CVSS 3.0
5.5
EPSS
2.3%
CVE-2021-39853 MEDIUM This Month

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Adobe Acrobat Dc Acrobat Reader Dc +2
NVD
CVSS 3.1
5.5
EPSS
2.1%
CVE-2021-39852 MEDIUM This Month

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Adobe Acrobat Acrobat Reader +2
NVD
CVSS 3.1
5.5
EPSS
1.9%
CVE-2021-39851 MEDIUM This Month

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Adobe Acrobat Acrobat Reader +2
NVD
CVSS 3.1
5.5
EPSS
1.9%
CVE-2021-39850 MEDIUM This Month

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Adobe Acrobat Acrobat Reader +2
NVD
CVSS 3.1
5.5
EPSS
1.9%
CVE-2021-39849 MEDIUM This Month

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Adobe Acrobat Acrobat Reader +2
NVD
CVSS 3.1
5.5
EPSS
1.9%
CVE-2021-33923 MEDIUM This Month

Insecure permissions in Confluent Ansible (cp-ansible) 5.5.0, 5.5.1, 5.5.2 and 6.0.0 allows local attackers to access some sensitive information (private keys, state database). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cp Ansible
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-29834 MEDIUM PATCH This Month

IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3,20.0.0.1, 20.0.0.2, and 21.0.2 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to stored. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

IBM XSS Business Automation Workflow Business Process Manager
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-39857 MEDIUM This Month

Adobe Acrobat Reader DC add-on for Internet Explorer versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Information Disclosure. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Adobe Acrobat Acrobat Reader Acrobat Dc +1
NVD
CVSS 3.0
4.3
EPSS
2.4%
CVE-2021-39835 MEDIUM PATCH This Month

Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release Update 2 (and earlier) are affected by a use-after-free vulnerability in the processing of a malformed PDF file that could. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Information Disclosure Adobe Framemaker
NVD
CVSS 3.0
4.3
EPSS
1.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy