Skip to main content
CVE-2021-41845 MEDIUM This Month

A SQL injection issue was discovered in ThycoticCentrify Secret Server before 11.0.000007. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Secret Server
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2021-40928 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in index.php in FlexTV beta development version allows remote attackers to inject arbitrary web script or HTML via the PHP_SELF parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Flextv
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2021-29109 MEDIUM PATCH This Month

A reflected XSS vulnerability in Esri Portal for ArcGIS version 10.9 and below may allow a remote attacker able to convince a user to click on a crafted link which could potentially execute arbitrary. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Portal For Arcgis
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2021-38106 MEDIUM This Month

UAX200.dll in Corel Presentations 2020 20.0.0.200 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Presentations 2020
NVD
CVSS 3.1
5.5
EPSS
1.5%
CVE-2021-38105 MEDIUM This Month

IPPP82.FLT in Corel Presentations 2020 20.0.0.200 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Presentations 2020
NVD
CVSS 3.1
5.5
EPSS
1.5%
CVE-2021-38102 MEDIUM This Month

IPPP82.FLT in Corel Presentations 2020 20.0.0.200 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Presentations 2020
NVD
CVSS 3.1
5.5
EPSS
1.5%
CVE-2021-38104 MEDIUM This Month

IPPP72.FLT in Corel Presentations 2020 20.0.0.200 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Presentations 2020
NVD
CVSS 3.1
5.5
EPSS
1.5%
CVE-2021-29110 MEDIUM PATCH This Month

Stored cross-site scripting (XSS) issue in Esri Portal for ArcGIS may allow a remote unauthenticated attacker to pass and store malicious strings in the home application. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Portal For Arcgis
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-38675 MEDIUM This Month

A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running Image2PDF. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Qnap XSS Image2Pdf
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-34356 MEDIUM This Month

A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running Photo Station. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Qnap XSS Photo Station
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-34355 MEDIUM This Month

A cross-site scripting (XSS) vulnerability has been reported to affect QNAP NAS running Photo Station. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Qnap XSS Photo Station
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-34354 MEDIUM This Month

A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running Photo Station. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Qnap XSS Photo Station
NVD
CVSS 3.1
5.4
EPSS
0.6%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy