Skip to main content
CVE-2021-23167 MEDIUM This Month

Improper certificate validation vulnerability in SMTP Client allows man-in-the-middle attack to retrieve sensitive information from the Command Centre Server. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Command Centre
NVD
CVSS 3.1
6.8
EPSS
0.4%
CVE-2021-23155 MEDIUM This Month

Improper validation of the cloud certificate chain in Mobile Client allows man-in-the-middle attack to impersonate the legitimate Command Centre Server. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Information Disclosure Command Centre Mobile Client
NVD
CVSS 3.1
6.8
EPSS
0.5%
CVE-2021-0671 MEDIUM This Month

In apusys, there is a possible memory corruption due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2021-0670 MEDIUM This Month

In apusys, there is a possible memory corruption due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Use After Free Denial Of Service +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2021-0669 MEDIUM This Month

In apusys, there is a possible memory corruption due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Use After Free Denial Of Service +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2021-0668 MEDIUM This Month

In apusys, there is a possible memory corruption due to incorrect error handling. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2021-0667 MEDIUM This Month

In apusys, there is a possible memory corruption due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Use After Free Denial Of Service +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2021-0664 MEDIUM This Month

In ccu, there is a possible memory corruption due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Use After Free Denial Of Service +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2021-0658 MEDIUM This Month

In apusys, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2021-0657 MEDIUM This Month

In apusys, there is a possible out of bounds write due to a stack-based buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2021-0656 MEDIUM This Month

In edma driver, there is a possible memory corruption due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Use After Free Denial Of Service +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2021-0655 MEDIUM This Month

In mdlactl driver, there is a possible memory corruption due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2021-0629 MEDIUM This Month

In mdlactl driver, there is a possible memory corruption due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Use After Free Denial Of Service +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2021-23193 MEDIUM This Month

Improper privilege validation vulnerability in COM Interface of Gallagher Command Centre Server allows authenticated unprivileged operators to retrieve sensitive information from the Command Centre. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Command Centre
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2021-27025 MEDIUM PATCH This Month

A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first 'pluginsync'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Puppet Puppet Agent Puppet Enterprise Fedora
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2021-42268 MEDIUM This Month

Adobe Animate version 21.0.9 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted FLA file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Adobe Animate
NVD
CVSS 3.1
5.5
EPSS
1.8%
CVE-2021-40761 MEDIUM PATCH This Month

Adobe After Effects version 18.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Adobe After Effects
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2021-40756 MEDIUM PATCH This Month

Adobe After Effects version 18.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Adobe After Effects
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2021-43668 MEDIUM This Month

Go-Ethereum 1.10.9 nodes crash (denial of service) after receiving a serial of messages and cannot be recovered. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Go Ethereum
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-0672 MEDIUM This Month

In Browser app, there is a possible information disclosure due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Authentication Bypass Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-0624 MEDIUM This Month

In flv extractor, there is a possible out of bounds read due to a heap buffer overflow. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-0623 MEDIUM This Month

In asf extractor, there is a possible out of bounds read due to an integer overflow. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Integer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-0622 MEDIUM This Month

In asf extractor, there is a possible out of bounds read due to a heap buffer overflow. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-0621 MEDIUM This Month

In asf extractor, there is a possible out of bounds read due to an integer overflow. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Integer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-0620 MEDIUM This Month

In asf extractor, there is a possible out of bounds read due to a heap buffer overflow. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-0619 MEDIUM This Month

In ape extractor, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-43549 MEDIUM This Month

A remote authenticated attacker with write access to a PI Server could trick a user into interacting with a PI Web API endpoint and redirect them to a malicious website. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Pi Web Api
NVD
CVSS 3.1
4.8
EPSS
0.7%
CVE-2021-27026 MEDIUM This Month

A flaw was divered in Puppet Enterprise and other Puppet products where sensitive plan parameters may be logged. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Puppet Puppet Connect Puppet Enterprise
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2021-0666 MEDIUM This Month

In apusys, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2021-0665 MEDIUM This Month

In apusys, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2021-0659 MEDIUM This Month

In apusys, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2021-37938 MEDIUM This Month

It was discovered that on Windows operating systems specifically, Kibana was not validating a user supplied path, which would load .pbf files. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Elastic Microsoft Privilege Escalation Kibana
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2021-43017 MEDIUM PATCH This Month

Adobe Creative Cloud version 5.5 (and earlier) are affected by an Application denial of service vulnerability in the Creative Cloud Desktop installer. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity.

Denial Of Service Adobe Creative Cloud Desktop Application
NVD
CVSS 3.1
4.2
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy