2021 CVE Vulnerabilities
23,431 CVEs published in 2021.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2021-3923 | LOW | 2.3 | 0.2% | Mar 27, 2023 | A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local accou... |
| CVE-2021-43980 | LOW | 3.7 | 1.7% | Sep 28, 2022 | The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwa... |
| CVE-2021-42948 | LOW | 3.7 | 0.7% | Sep 16, 2022 | HotelDruid Hotel Management Software v3.0.3 and below was discovered to have exposed session tokens in multiple links vi... |
| CVE-2021-3644 | LOW | 3.3 | 0.7% | Aug 26, 2022 | A flaw was found in wildfly-core in all versions. If a vault expression is in the form of a single attribute that contai... |
| CVE-2021-3574 | LOW | 3.3 | 0.4% | Aug 26, 2022 | A vulnerability was found in ImageMagick-7.0.11-5, where executing a crafted file with the convert command, ASAN detects... |
| CVE-2021-4217 | LOW | 3.3 | 0.6% | Aug 24, 2022 | A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a nul... |
| CVE-2021-23188 | LOW | 3.3 | 0.2% | Aug 18, 2022 | Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow an authenticated u... |
| CVE-2021-3435 | LOW | 3.3 | 0.2% | Jun 28, 2022 | Information leakage in le_ecred_conn_req(). Zephyr versions >= v2.4.0 Use of Uninitialized Resource (CWE-908). For more ... |
| CVE-2021-3433 | LOW | 3.3 | 0.2% | Jun 28, 2022 | Invalid channel map in CONNECT_IND results to Deadlock. Zephyr versions >= v2.5.0 Improper Check or Handling of Exceptio... |
| CVE-2021-20551 | LOW | 3.3 | 0.2% | Jun 24, 2022 | IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 allows web pages to be stored locally which can be read by an... |
| CVE-2021-42702 | LOW | 3.3 | 0.8% | May 18, 2022 | Inkscape version 0.91 can access an uninitialized pointer, which may allow an attacker to have access to unauthorized in... |
| CVE-2021-42700 | LOW | 3.3 | 0.7% | May 18, 2022 | Inkscape 0.91 is vulnerable to an out-of-bounds read, which may allow an attacker to have access to unauthorized informa... |
| CVE-2021-26342 | LOW | 3.3 | 0.2% | May 11, 2022 | In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a particular sequence of op... |
| CVE-2021-27751 | LOW | 3.3 | 0.2% | May 6, 2022 | HCL Commerce is affected by an Insufficient Session Expiration vulnerability. After the session expires, in some circums... |
| CVE-2021-25266 | LOW | 3.9 | 0.2% | Apr 27, 2022 | An insecure data storage vulnerability allows a physical attacker with root privileges to retrieve TOTP secret keys from... |
| CVE-2021-20238 | LOW | 3.7 | 0.7% | Apr 1, 2022 | It was found in OpenShift Container Platform 4 that ignition config, served by the Machine Config Server, can be accesse... |
| CVE-2021-39739 | LOW | 3.3 | 0.1% | Mar 30, 2022 | In ArrayMap, there is a possible leak of the content of SMS messages due to log information disclosure. This could lead ... |
| CVE-2021-27456 | LOW | 2.4 | 0.2% | Mar 23, 2022 | Philips Gemini PET/CT family software stores sensitive information in a removable media device that does not have built-... |
| CVE-2021-40766 | LOW | 3.3 | 1.1% | Mar 16, 2022 | Adobe Character Animator version 4.4 (and earlier versions) are affected by an out-of-bounds read vulnerability that cou... |
| CVE-2021-36368 | LOW | 3.7 | 1.7% | Mar 13, 2022 | An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but ... |
| CVE-2021-3981 | LOW | 3.3 | 0.3% | Mar 10, 2022 | A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission se... |
| CVE-2021-41181 | LOW | 2.4 | 0.3% | Mar 8, 2022 | Nextcloud talk is a self hosting messaging service. In versions prior to 12.3.0 the Nextcloud Android Talk application d... |
| CVE-2021-3716 | LOW | 3.1 | 0.6% | Mar 2, 2022 | A flaw was found in nbdkit due to improperly caching plaintext state across the STARTTLS encryption boundary. A MitM ... |
| CVE-2021-46270 | LOW | 2.7 | 0.6% | Mar 2, 2022 | JFrog Artifactory before 7.31.10, is vulnerable to Broken Access Control where a project admin user is able to list all ... |
| CVE-2021-25075 | LOW | 3.5 | 1.6% | Feb 21, 2022 | The Duplicate Page or Post WordPress plugin before 1.5.1 does not have any authorisation and has a flawed CSRF check in ... |