Skip to main content
CVE-2021-25468 MEDIUM This Month

A possible guessing and confirming a byte memory vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows attackers to read arbitrary memory address. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2021-21682 MEDIUM PATCH This Month

Jenkins 2.314 and earlier, LTS 2.303.1 and earlier accepts names of jobs and other entities with a trailing dot character, potentially replacing the configuration and data of other entities on. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Jenkins Information Disclosure
NVD
CVSS 3.1
4.3
EPSS
1.0%
CVE-2021-34782 MEDIUM This Month

A vulnerability in the API endpoints for Cisco DNA Center could allow an authenticated, remote attacker to gain access to sensitive information that should be restricted. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Catalyst Center
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2021-34778 MEDIUM This Month

Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Business 220 8T E 2G Firmware Business 220 8P E 2G Firmware Business 220 8Fp E 2G Firmware +13
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2021-34777 MEDIUM This Month

Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Business 220 8T E 2G Firmware Business 220 8P E 2G Firmware Business 220 8Fp E 2G Firmware +13
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2021-34776 MEDIUM This Month

Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Business 220 8T E 2G Firmware Business 220 8P E 2G Firmware Business 220 8Fp E 2G Firmware +13
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2021-34775 MEDIUM This Month

Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Business 220 8T E 2G Firmware Business 220 8P E 2G Firmware Business 220 8Fp E 2G Firmware +13
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2021-34702 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Identity Services Engine
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2021-29761 MEDIUM PATCH This Month

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated user to obtain sensitive information from the dashboard that they should not have access to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

IBM Information Disclosure Sterling B2b Integrator
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2021-29760 MEDIUM PATCH This Month

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated user to download unauthorized files through the dashboard user interface. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

IBM Authentication Bypass Sterling B2b Integrator
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2021-29758 MEDIUM PATCH This Month

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated user to perform actions that they should not be able to access due to improper access controls. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

IBM Information Disclosure Sterling B2b Integrator
NVD
CVSS 3.1
4.3
EPSS
0.6%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy