Skip to main content
CVE-2021-45422 MEDIUM POC This Month

Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability in the /goform/activate_process "count" parameter via GET. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Reprise License Manager
NVD GitHub
CVSS 3.1
6.1
EPSS
3.3%
CVE-2021-40327 MEDIUM PATCH This Month

Trusted Firmware-M (TF-M) 1.4.0, when Profile Small is used, has incorrect access control. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Trusted Firmware M
NVD VulDB
CVSS 3.1
5.9
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy