Skip to main content
CVE-2021-31862 MEDIUM POC This Month

SysAid 20.4.74 allows XSS via the KeepAlive.jsp stamp parameter without any authentication. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Sysaid
NVD GitHub
CVSS 3.1
6.1
EPSS
3.9%
CVE-2021-1123 MEDIUM This Month

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can deadlock, which may lead to denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Nvidia Virtual Gpu
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-1122 MEDIUM This Month

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a NULL pointer, which may lead to denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Nvidia Virtual Gpu
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-1121 MEDIUM This Month

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel driver, where a vGPU can cause resource starvation among other vGPUs hosted on the same GPU, which may lead to denial. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Nvidia Virtual Gpu
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-3662 MEDIUM This Month

Certain HP Enterprise LaserJet and PageWide MFPs may be vulnerable to stored cross site scripting (XSS). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS HP Futuresmart 4 Futuresmart 5
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-3441 MEDIUM POC This Month

A potential security vulnerability has been identified for the HP OfficeJet 7110 Wide Format ePrinter that enables Cross-Site Scripting (XSS). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS HP Officejet 7110 Firmware
NVD Exploit-DB
CVSS 3.1
4.8
EPSS
1.7%
CVE-2021-35237 MEDIUM This Month

A missing HTTP header (X-Frame-Options) in Kiwi Syslog Server has left customers vulnerable to click jacking. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Kiwi Syslog Server
NVD
CVSS 3.1
4.3
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy