Skip to main content
CVE-2021-3745 MEDIUM POC PATCH This Month

flatcore-cms is vulnerable to Unrestricted Upload of File with Dangerous Type. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. Public exploit code available.

File Upload Flatcore Cms
NVD GitHub
CVSS 3.1
6.6
EPSS
1.1%
CVE-2021-36551 MEDIUM POC This Month

TikiWiki v21.4 was discovered to contain a cross-site scripting (XSS) vulnerability in the component tiki-calendar.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Tikiwiki Cms Groupware
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-36550 MEDIUM POC This Month

TikiWiki v21.4 was discovered to contain a cross-site scripting (XSS) vulnerability in the component tiki-browse_categories.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Tikiwiki Cms Groupware
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-22278 MEDIUM This Month

A certificate validation vulnerability in PCM600 Update Manager allows attacker to get unwanted software packages to be installed on computer which has PCM600 installed. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Update Manager
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2021-30823 MEDIUM This Month

A logic issue was addressed with improved restrictions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Authentication Bypass Safari Ipados Iphone Os +3
NVD
CVSS 3.1
6.5
EPSS
2.1%
CVE-2021-30813 MEDIUM This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Authentication Bypass macOS
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2021-1821 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service macOS Watchos
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2021-22097 MEDIUM PATCH This Month

In Spring AMQP versions 2.2.0 - 2.2.18 and 2.3.0 - 2.3.10, the Spring AMQP Message object, in its toString() method, will deserialize a body for a message with content type. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization Java Spring Advanced Message Queuing Protocol
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2021-41728 MEDIUM This Month

Cross Site Scripting (XSS) vulnerability exists in Sourcecodester News247 CMS 1.0 via the search function in articles. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS News247 Cms
NVD GitHub
CVSS 3.1
6.1
EPSS
0.6%
CVE-2021-36987 MEDIUM This Month

There is a issue that nodes in the linked list being freed for multiple times in Huawei Smartphone due to race conditions. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Huawei Race Condition Emui Magic Ui
NVD
CVSS 3.1
5.9
EPSS
0.5%
CVE-2021-30836 MEDIUM This Month

An out-of-bounds read was addressed with improved input validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Safari Ipados +4
NVD
CVSS 3.1
5.5
EPSS
1.0%
CVE-2021-30833 MEDIUM This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
5.5
EPSS
42.7%
CVE-2021-30831 MEDIUM This Month

An out-of-bounds read was addressed with improved input validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Ipados Iphone Os +3
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2021-30817 MEDIUM This Month

A permissions issue was addressed with improved validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2021-30808 MEDIUM This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS +2
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2021-22471 MEDIUM This Month

A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Harmonyos
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-22467 MEDIUM This Month

A component of the HarmonyOS has a Improper Input Validation vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Harmonyos
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-22466 MEDIUM This Month

A component of the HarmonyOS has a Use After Free vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Denial Of Service Memory Corruption Harmonyos
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-22465 MEDIUM This Month

A component of the HarmonyOS has a Heap-based Buffer Overflow vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Harmonyos
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-22463 MEDIUM This Month

A component of the HarmonyOS has a Use After Free vulnerability . Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Denial Of Service Memory Corruption Information Disclosure Harmonyos
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-22462 MEDIUM This Month

A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Harmonyos
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-22461 MEDIUM This Month

A component of the HarmonyOS has a Allocation of Resources Without Limits or Throttling vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Harmonyos
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-22460 MEDIUM This Month

A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Harmonyos
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-22459 MEDIUM This Month

A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Harmonyos
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-22456 MEDIUM This Month

A component of the HarmonyOS has a Data Processing Errors vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Harmonyos
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-22455 MEDIUM This Month

A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Integer Overflow Harmonyos
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-22454 MEDIUM This Month

A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Harmonyos
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-22452 MEDIUM This Month

A component of the HarmonyOS has a Improper Input Validation vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Harmonyos
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-22450 MEDIUM This Month

A component of the HarmonyOS has a Incomplete Cleanup vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Harmonyos
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-43056 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel for powerpc before 5.14.15. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Denial Of Service Linux Kernel Fedora
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-22047 MEDIUM PATCH This Month

In Spring Data REST versions 3.4.0 - 3.4.13, 3.5.0 - 3.5.5, and older unsupported versions, HTTP resources implemented by custom controllers using a configured base API path and a controller. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Java Spring Data Rest
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2021-36998 MEDIUM This Month

There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to read an array that is out of bounds. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2021-36997 MEDIUM This Month

There is a Low memory error in Huawei Smartphone due to the unlimited size of images to be parsed.Successful exploitation of this vulnerability may cause the Gallery or Files app to exit unexpectedly. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2021-36996 MEDIUM This Month

There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause transmission of certain virtual information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2021-22490 MEDIUM This Month

There is a Permission verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect the device performance. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Authentication Bypass Emui Magic Ui
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2021-22482 MEDIUM This Month

There is an Uninitialized variable vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause transmission of invalid data. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2021-22475 MEDIUM This Month

There is an Improper permission management vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Privilege Escalation Emui Magic Ui
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2021-22407 MEDIUM This Month

There is a Configuration defects in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2021-22404 MEDIUM This Month

There is a Directory traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Path Traversal Emui Magic Ui
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2021-22096 MEDIUM PATCH This Month

In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Java Spring Framework Active Iq Unified Manager Management Services For Element Software And Netapp Hci +5
NVD
CVSS 3.1
4.3
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy