Skip to main content
CVE-2021-44435 HIGH This Week

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Jt Open Toolkit Jt Utilities
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-44434 HIGH This Week

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Jt Open Toolkit Jt Utilities
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-44433 HIGH This Week

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Denial Of Service Memory Corruption Jt Open Toolkit Jt Utilities
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-44432 HIGH This Week

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Jt Open Toolkit Jt Utilities
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-44430 HIGH This Week

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Jt Open Toolkit Jt Utilities
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-44014 HIGH PATCH This Week

A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Information Disclosure Jt Open Toolkit Jt Utilities +3
NVD
CVSS 3.1
7.8
EPSS
1.6%
CVE-2021-44013 HIGH PATCH This Week

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
7.8
EPSS
1.7%
CVE-2021-44006 HIGH PATCH This Week

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2021-44005 HIGH PATCH This Week

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2021-44002 HIGH PATCH This Week

A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Jt Open Toolkit Jt Utilities Jt2Go +2
NVD
CVSS 3.1
7.8
EPSS
1.6%
CVE-2021-44001 HIGH PATCH This Week

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
7.8
EPSS
2.0%
CVE-2021-42024 HIGH PATCH This Week

A vulnerability has been identified in Simcenter STAR-CCM+ Viewer (All versions < 2021.3.1). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Simcenter Star Ccm Viewer
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-44232 HIGH This Week

SAF-T Framework Transaction SAFTN_G allows an attacker to exploit insufficient validation of path information provided by normal user, leading to full server directory access. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Saf T Framework
NVD
CVSS 3.1
7.7
EPSS
1.0%
CVE-2021-4044 HIGH PATCH This Week

Internally libssl in OpenSSL calls X509_verify_cert() on the client side to verify a certificate supplied by a server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Denial Of Service Cloud Backup E Series Performance Analyzer Ontap Select Deploy Administration Utility +12
NVD
CVSS 3.1
7.5
EPSS
50.1%
CVE-2021-43388 HIGH This Week

Unisys Cargo Mobile Application before 1.2.29 uses cleartext to store sensitive information, which might be revealed in a backup. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cargo Mobile
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-41067 HIGH This Week

An issue was discovered in Listary through 6. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Listary
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-41066 HIGH This Week

An issue was discovered in Listary through 6. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Listary
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2021-44522 HIGH This Week

A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sipass Integrated Siveillance Identity
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2021-44549 HIGH PATCH This Week

Apache Sling Commons Messaging Mail provides a simple layer on top of JavaMail/Jakarta Mail for OSGi to send mails via SMTPS. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apache Information Disclosure Sling Commons Messaging Mail
NVD
CVSS 3.1
7.4
EPSS
1.9%
CVE-2021-42027 HIGH PATCH This Week

A vulnerability has been identified in SINUMERIK Edge (All versions < V3.2). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Sinumerik Edge
NVD
CVSS 3.1
7.4
EPSS
0.5%
CVE-2021-41065 HIGH This Week

An issue was discovered in Listary through 6. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Listary
NVD
CVSS 3.1
7.3
EPSS
0.5%
CVE-2021-44444 LOW POC Monitor

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Jt Open Toolkit Jt Utilities
NVD
CVSS 3.1
3.3
EPSS
1.1%
CVE-2021-44165 HIGH This Week

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow 7Kg9501 0Aa01 2Aa1 Firmware 7Kg9501 0Aa31 0Aa1 Firmware +2
NVD
CVSS 3.1
7.2
EPSS
2.6%
CVE-2021-41547 HIGH PATCH This Week

A vulnerability has been identified in Teamcenter Active Workspace V4.3 (All versions < V4.3.11), Teamcenter Active Workspace V5.0 (All versions < V5.0.10), Teamcenter Active Workspace V5.1 (All. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Teamcenter Active Workspace
NVD
CVSS 3.1
7.2
EPSS
1.1%
CVE-2021-43051 MEDIUM This Month

The Spotfire Server component of TIBCO Software Inc.'s TIBCO Spotfire Server, TIBCO Spotfire Server, and TIBCO Spotfire Server contains a difficult to exploit vulnerability that allows malicious. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Spotfire Server
NVD
CVSS 3.1
6.8
EPSS
0.8%
CVE-2021-44235 MEDIUM This Month

Two methods of a utility class in SAP NetWeaver AS ABAP - versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, allow an attacker with high privileges and has direct. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Command Injection SAP Netweaver Application Server Abap
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2021-42023 MEDIUM PATCH This Month

A vulnerability has been identified in ModelSim Simulation (All versions), Questa Simulation (All versions). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Insufficiently Protected Credentials vulnerability could allow attackers to obtain user credentials due to weak protection mechanisms.

Authentication Bypass Modelsim Questa
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2021-42022 MEDIUM This Month

A vulnerability has been identified in SIMATIC eaSie PCS 7 Skill Package (All versions < V21.00 SP3). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Simatic Easie Pcs 7 Skill
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2018-10228 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in /application/controller/admin/theme.php in LimeSurvey 3.6.2+180406 allows remote attackers to inject arbitrary web script or HTML via the changes_cp. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS PHP Limesurvey
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-34425 MEDIUM This Month

The Zoom Client for Meetings before version 5.7.3 (for Android, iOS, Linux, macOS, and Windows) contain a server side request forgery vulnerability in the chat\'s "link preview" functionality. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Apple Microsoft SSRF Meetings
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2021-39319 MEDIUM This Month

The duoFAQ - Responsive, Flat, Simple FAQ WordPess plugin is vulnerable to Reflected Cross-Site Scripting via the msg parameter found in the ~/duogeek/duogeek-panel.php file which allows attackers to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Duofaq Responsive Flat Simple Faq
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-39318 MEDIUM This Month

The H5P CSS Editor WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the h5p-css-file parameter found in the ~/h5p-css-editor.php file which allows attackers to inject arbitrary. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS PHP H5P Css Editor
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-39315 MEDIUM This Month

The Magic Post Voice WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the ids parameter found in the ~/inc/admin/main.php file which allows attackers to inject arbitrary web. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS PHP Magic Post Voice
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-39314 MEDIUM This Month

The WooCommerce EnvioPack WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the dataid parameter found in the ~/includes/functions.php file which allows attackers to inject. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS PHP Woo Enviopack
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-39313 MEDIUM This Month

The Simple Image Gallery WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the msg parameter found in the ~/simple-image-gallery.php file which allows attackers to inject arbitrary. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS PHP Simple Image Gallery
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-39311 MEDIUM This Month

The link-list-manager WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the category parameter found in the ~/llm.php file which allows attackers to inject arbitrary web scripts,. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS PHP Link List Manager
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-39310 MEDIUM This Month

The Real WYSIWYG WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to the use of PHP_SELF in the ~/real-wysiwyg.php file which allows attackers to inject arbitrary web scripts, in. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS PHP Real Wysiwyg
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-39309 MEDIUM This Month

The Parsian Bank Gateway for Woocommerce WordPress plugin is vulnerable to Reflected Cross-Site Scripting via and parameter due to a var_dump() on $_POST variables found in the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS PHP Parsian Bank Gateway For Woocommerce
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-39308 MEDIUM This Month

The WooCommerce myghpay Payment Gateway WordPess plugin is vulnerable to Reflected Cross-Site Scripting via the clientref parameter found in the ~/processresponse.php file which allows attackers to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS PHP Woo Myghpay Payment Gateway
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-38361 MEDIUM This Month

The .htaccess Redirect WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the link parameter found in the ~/htaccess-redirect.php file which allows attackers to inject arbitrary web. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS PHP Htaccess Redirect
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-43820 MEDIUM PATCH This Month

Seafile is an open source cloud storage system. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Seafile Server
NVD GitHub
CVSS 3.1
5.9
EPSS
1.0%
CVE-2021-44017 MEDIUM PATCH This Month

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
5.5
EPSS
1.0%
CVE-2021-44015 MEDIUM PATCH This Month

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2021-44012 MEDIUM PATCH This Month

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2021-44011 MEDIUM PATCH This Month

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2021-44010 MEDIUM PATCH This Month

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
5.5
EPSS
0.9%
CVE-2021-44009 MEDIUM PATCH This Month

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
5.5
EPSS
0.9%
CVE-2021-44008 MEDIUM PATCH This Month

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
5.5
EPSS
0.9%
CVE-2021-44007 MEDIUM PATCH This Month

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2021-44004 MEDIUM PATCH This Month

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
5.5
EPSS
0.9%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy