Skip to main content
CVE-2021-36337 HIGH PATCH This Week

Dell Wyse Management Suite version 3.3.1 and prior support insecure Transport Security Protocols TLS 1.0 and TLS 1.1 which are susceptible to Man-In-The-Middle attacks thereby compromising. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

Dell Information Disclosure Wyse Management Suite
NVD
CVSS 3.1
7.4
EPSS
0.4%
CVE-2021-36316 HIGH PATCH This Week

Dell EMC Avamar Server versions 18.2, 19.1, 19.2, 19.3, and 19.4 contain an improper privilege management vulnerability in AUI. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Dell Privilege Escalation Emc Avamar Server
NVD
CVSS 3.1
7.2
EPSS
0.7%
CVE-2021-43587 MEDIUM PATCH This Month

Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, and 2.6, use hard-coded cryptographic key. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Dell Information Disclosure Powerpath Management Appliance
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-36318 MEDIUM PATCH This Month

Dell EMC Avamar versions 18.2,19.1,19.2,19.3,19.4 contain a plain-text password storage vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Dell Information Disclosure Emc Avamar Server
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-36317 MEDIUM PATCH This Month

Dell EMC Avamar Server version 19.4 contains a plain-text password storage vulnerability in AvInstaller. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Dell Information Disclosure Emc Avamar Server Emc Powerprotect Data Protection Appliance
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-38900 MEDIUM PATCH This Month

IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation Workflow 18.0, 19.0, 20.0 and 21.0 could allow a privileged user to obtain highly sensitive information due to improper access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

IBM Information Disclosure Business Automation Workflow Business Process Manager Workflow Process Service
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2021-36341 MEDIUM PATCH This Month

Dell Wyse Device Agent version 14.5.4.1 and below contain a sensitive data exposure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Dell Information Disclosure Wyse Device Agent
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-38966 MEDIUM This Month

IBM Cloud Pak for Automation 21.0.2 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Cloud Pak For Automation Workflow Process Service
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-38893 MEDIUM PATCH This Month

IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation Workflow 18.0, 19.0, 20.0 and 21.0 are vulnerable to stored cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

IBM XSS Business Automation Workflow Business Process Manager Workflow Process Service
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2021-44876 MEDIUM This Month

Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to User enumeration. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Systeam Enterprise Resource Planning
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2021-44875 MEDIUM This Month

Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to User enumeration. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Systeam Enterprise Resource Planning
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2021-45089 MEDIUM This Month

Stormshield Endpoint Security 2.x before 2.1.2 has Incorrect Access Control. Rated medium severity (CVSS 5.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Endpoint Security
NVD
CVSS 3.1
5.2
EPSS
0.3%
CVE-2021-45091 MEDIUM This Month

Stormshield Endpoint Security from 2.1.0 to 2.1.1 has Incorrect Access Control. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Endpoint Security
NVD
CVSS 3.1
4.3
EPSS
0.6%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy