Skip to main content
CVE-2021-37048 HIGH This Week

There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to fake visitors to control PC,play a video,etc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-37043 HIGH This Week

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to malicious application processes occupy system resources. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Authentication Bypass Emui Harmonyos +1
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-37014 HIGH This Week

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to device cannot be used properly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Memory Corruption Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37047 HIGH This Week

There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause some services to restart. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37046 HIGH This Week

There is a Memory leak vulnerability with the codec detection module in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart due to memory exhaustion. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37038 HIGH This Week

There is an Improper access control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-22956 HIGH This Week

An uncontrolled resource consumption vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 that could allow an attacker with access to NSIP or SNIP with management interface. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Citrix Application Delivery Controller Firmware Gateway Sd Wan
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2021-22955 HIGH This Week

A unauthenticated denial of service vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 when configured as a VPN (Gateway) or AAA virtual server could allow an attacker to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Citrix Application Delivery Controller Firmware Gateway
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2021-36133 HIGH This Week

The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Op Tee
NVD GitHub VulDB
CVSS 3.1
7.1
EPSS
0.1%
CVE-2021-28703 HIGH This Week

grant table v2 status pages may remain accessible after de-allocation (take two) Guest get permitted access to certain Xen-owned pages of memory. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Xen
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2021-44513 HIGH PATCH This Week

Insecure creation of temporary directories in tmate-ssh-server 2.3.0 allows a local attacker to compromise the integrity of session handling. Rated high severity (CVSS 7.0).

Information Disclosure Race Condition Tmate Ssh Server
NVD GitHub
CVSS 3.1
7.0
EPSS
0.2%
CVE-2021-44512 HIGH PATCH This Week

World-writable permissions on the /tmp/tmate/sessions directory in tmate-ssh-server 2.3.0 allow a local attacker to compromise the integrity of session handling, or obtain the read-write session ID. Rated high severity (CVSS 7.0). This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Information Disclosure Tmate Ssh Server
NVD GitHub
CVSS 3.1
7.0
EPSS
0.3%
CVE-2021-37940 MEDIUM This Month

An information disclosure via GET request server-side request forgery vulnerability was discovered with the Workplace Search Github Enterprise Server integration. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Information Disclosure Enterprise Search
NVD
CVSS 3.1
6.8
EPSS
0.8%
CVE-2021-44527 MEDIUM This Month

A vulnerability found in UniFi Switch firmware Version 5.43.35 and earlier allows a malicious actor who has already gained access to the network to perform a Deny of Service (DoS) attack on the. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Ubiquiti Denial Of Service Unifi Switch Firmware
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2020-19611 MEDIUM PATCH This Month

Cross Site Scripting (XSS) in redirect module of Racktables version 0.21.2, allows an attacker to inject arbitrary web script or HTML via the op parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Racktables
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.6%
CVE-2021-36760 MEDIUM This Month

In accountrecoveryendpoint/recoverpassword.do in WSO2 Identity Server 5.7.0, it is possible to perform a DOM-Based XSS attack affecting the callback parameter modifying the URL that precedes the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect XSS Api Manager Identity Server Identity Server As Key Manager +1
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2021-29116 MEDIUM This Month

A stored Cross Site Scripting (XSS) vulnerability in Esri ArcGIS Server feature services versions 10.8.1 and 10.9 (only) feature services may allow a remote, unauthenticated attacker to pass and. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Arcgis Server
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-37085 MEDIUM This Month

There is a Encoding timing vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to denial of service. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Huawei Denial Of Service Race Condition Harmonyos
NVD
CVSS 3.1
5.9
EPSS
0.5%
CVE-2021-37082 MEDIUM This Month

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to motionhub crash. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Huawei Denial Of Service Race Condition Harmonyos
NVD
CVSS 3.1
5.9
EPSS
0.4%
CVE-2021-40096 MEDIUM This Month

A cross-site scripting (XSS) vulnerability in integration configuration in SquaredUp for SCOM 5.2.1.6654 allows remote attackers to inject arbitrary web script or HTML via modification of the. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Squaredup
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2021-40094 MEDIUM This Month

A DOM-based XSS vulnerability affects SquaredUp for SCOM 5.2.1.6654. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Squaredup
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-40093 MEDIUM This Month

A cross-site scripting (XSS) vulnerability in integration configuration in SquaredUp for SCOM 5.2.1.6654 allows remote attackers to inject arbitrary web script or HTML via dashboard actions. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Squaredup
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-40092 MEDIUM This Month

A cross-site scripting (XSS) vulnerability in Image Tile in SquaredUp for SCOM 5.2.1.6654 allows remote attackers to inject arbitrary web script or HTML via an SVG file. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Squaredup
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-37058 MEDIUM This Month

There is a Permissions,Privileges,and Access Controls vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the user's nickname is maliciously tampered with. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2021-37056 MEDIUM This Month

There is an Improper permission control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to obtain certain device information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2021-37055 MEDIUM This Month

There is a Logic bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to obtain certain device information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Authentication Bypass Emui Magic Ui
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2021-29115 MEDIUM This Month

An information disclosure vulnerability in the ArcGIS Service Directory in Esri ArcGIS Enterprise versions 10.9.0 and below may allows a remote attacker to view hidden field names in feature layers. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Arcgis Enterprise
NVD
CVSS 3.1
5.3
EPSS
2.1%
CVE-2021-40095 MEDIUM This Month

An issue was discovered in SquaredUp for SCOM 5.2.1.6654. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Squaredup
NVD
CVSS 3.1
4.9
EPSS
1.0%
CVE-2021-29113 MEDIUM This Month

A remote file inclusion vulnerability in the ArcGIS Server help documentation may allow a remote, unauthenticated attacker to inject attacker supplied html into a page. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

LFI PHP Code Injection Arcgis Server
NVD
CVSS 3.1
4.7
EPSS
0.8%
CVE-2020-27413 MEDIUM This Month

An issue was discovered in Mahavitaran android application 7.50 and below, allows local attackers to read cleartext username and password while the user is logged into the application. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Mahavitaran
NVD VulDB
CVSS 3.1
4.2
EPSS
0.3%
CVE-2021-37073 LOW Monitor

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the detection result is tampered with. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Huawei Race Condition Harmonyos
NVD
CVSS 3.1
3.7
EPSS
0.3%
CVE-2021-44187 LOW Monitor

Adobe Bridge version 11.1.2 (and earlier) and version 12.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Bridge
NVD
CVSS 3.1
3.3
EPSS
1.8%
CVE-2021-44186 LOW Monitor

Adobe Bridge version 11.1.2 (and earlier) and version 12.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Bridge
NVD
CVSS 3.1
3.3
EPSS
2.1%
CVE-2021-44185 LOW Monitor

Adobe Bridge version 11.1.2 (and earlier) and version 12.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Bridge
NVD
CVSS 3.1
3.3
EPSS
1.8%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy