Skip to main content
CVE-2021-44003 MEDIUM PATCH This Month

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2021-44043 MEDIUM This Month

An issue was discovered in UiPath App Studio 21.4.4. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS App Studio
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-42367 MEDIUM PATCH This Month

The Variation Swatches for WooCommerce WordPress plugin is vulnerable to Stored Cross-Site Scripting via several parameters found in the ~/includes/class-menu-page.php file which allows attackers to. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

WordPress XSS PHP Variation Swatches For Woocommerce
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-42061 MEDIUM This Month

SAP BusinessObjects Business Intelligence Platform (Web Intelligence) - version 420, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS SAP Businessobjects Business Intelligence Platform
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-36721 MEDIUM This Month

Sysaid API User Enumeration - Attacker sending requests to specific api path without any authorization before 21.3.60 version could get users names from the LDAP server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Application Programming Interface
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2021-41836 MEDIUM PATCH This Month

The Fathom Analytics WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and escaping via the $site_id parameter found in the ~/fathom-analytics.php. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

WordPress XSS PHP Fathom Analytics
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2021-42066 MEDIUM PATCH This Month

SAP Business One - version 10.0, allows an admin user to view DB password in plain text over the network, which should otherwise be encrypted. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable.

Information Disclosure SAP Business One
NVD
CVSS 3.1
4.4
EPSS
0.4%
CVE-2021-43827 MEDIUM PATCH This Month

discourse-footnote is a library providing footnotes for posts in Discourse. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Discourse Footnote
NVD GitHub
CVSS 3.1
4.3
EPSS
0.8%
CVE-2021-42070 LOW Monitor

When a user opens manipulated Jupiter Tessellation (.jt) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service SAP 3D Visual Enterprise Viewer
NVD
CVSS 3.1
3.3
EPSS
0.5%
CVE-2021-42069 LOW Monitor

When a user opens manipulated Tagged Image File Format (.tif) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption SAP 3D Visual Enterprise Viewer
NVD
CVSS 3.1
3.3
EPSS
1.0%
CVE-2021-42068 LOW Monitor

When a user opens a manipulated GIF (.gif) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service SAP 3D Visual Enterprise Viewer
NVD
CVSS 3.1
3.3
EPSS
0.5%
CVE-2021-44448 LOW Monitor

A vulnerability has been identified in JT Utilities (All versions < V13.0.3.0), JTTK (All versions < V11.0.3.0). Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Jt Open Toolkit Jt Utilities
NVD
CVSS 3.1
3.3
EPSS
0.5%
CVE-2021-44436 LOW Monitor

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Jt Open Toolkit Jt Utilities
NVD
CVSS 3.1
3.3
EPSS
0.5%
CVE-2021-44431 LOW Monitor

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Jt Open Toolkit Jt Utilities
NVD
CVSS 3.1
3.3
EPSS
0.5%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy