Skip to main content
CVE-2021-42361 MEDIUM PATCH This Month

The Contact Form Email WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and escaping via the name parameter found in the. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

WordPress XSS PHP Contact Form Email
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2021-43976 MEDIUM PATCH This Month

In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity.

Linux Denial Of Service Linux Kernel Fedora Debian Linux +12
NVD
CVSS 3.1
4.6
EPSS
0.6%
CVE-2021-0199 MEDIUM This Month

Improper input validation in the firmware for the Intel(R) Ethernet Network Controller E810 before version 1.6.0.6 may allow a privileged user to potentially enable a denial of service via local. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Ethernet Network Controller E810 Xxvam2 Firmware Ethernet Network Controller E810 Cam1 Firmware Ethernet Network Controller E810 Cam2 Firmware
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2021-0198 MEDIUM This Month

Improper access control in the firmware for the Intel(R) Ethernet Network Controller E810 before version 1.5.5.6 may allow a privileged user to potentially enable a denial of service via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Ethernet Network Controller E810 Xxvam2 Firmware Ethernet Network Controller E810 Cam1 Firmware Ethernet Network Controller E810 Cam2 Firmware
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2021-0197 MEDIUM This Month

Protection mechanism failure in the firmware for the Intel(R) Ethernet Network Controller E810 before version 1.5.5.6 may allow a privileged user to enable a denial of service via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Ethernet Network Controller E810 Xxvam2 Firmware Ethernet Network Controller E810 Cam1 Firmware Ethernet Network Controller E810 Cam2 Firmware
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2021-0148 MEDIUM This Month

Insertion of information into log file in firmware for some Intel(R) SSD DC may allow a privileged user to potentially enable information disclosure via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Ssd Dc D4512 Firmware Ssd Dc P4510 U 2 Firmware Ssd Dc P4510 Edsff Firmware +15
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2021-41273 MEDIUM PATCH This Month

Pterodactyl is an open-source game server management panel built with PHP 7, React, and Go. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF PHP Panel
NVD GitHub
CVSS 3.1
4.3
EPSS
0.4%
CVE-2021-43553 MEDIUM This Month

PI Vision could disclose information to a user with insufficient privileges for an AF attribute that is the child of another attribute and is configured as a Limits property. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Pi Vision
NVD
CVSS 3.1
4.3
EPSS
0.5%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy