CVEs from 2021
Total
4,788
critical
critical 281
high
high 1,022
medium
medium 1,179
low
low 138
% Critical
5.9%
% with KEV
4.4%
% with exploit
5.3%
Top vendors
Top products
- simatic_wincc_runtime_advanced 28
- office 13
- primavera_gateway 10
- weblogic_server 9
- primavera_unifier 8
- modicon_m340_bmxp342020 8
- log4j 8
- mbed_tls 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-29457 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29458 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-32617 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29464 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29623 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-3482 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29463 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29470 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-3481 | medium | — | 5.5 | 5y ago | RHSA-2021:4172: qt5 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29921 | medium | — | 5.5 | 5y ago | In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This (in some situations) allows attackers to bypass access control that is bas… | |||
| CVE-2021-3448 | medium | — | 5.5 | 5y ago | RHSA-2021:4153: dnsmasq security and bug fix update (Moderate) | |||
| CVE-2021-29657 | medium | — | 5.5 | 5y ago | arch/x86/kvm/svm/nested.c in the Linux kernel before 5.11.12 has a use-after-free in which an AMD KVM guest can bypass access control on host OS MSRs when there are nested guests, aka CID-a58d9166a75… | |||
| CVE-2021-47080 | medium | — | 5.5 | 5y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Prevent divide-by-zero error triggered by the user The user_entry_size is supplied by the user and later used as a den… | |||
| CVE-2021-3444 | medium | — | 5.5 | 5y ago | The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker with the ability to load bpf programs c… | |||
| CVE-2021-46905 | medium | — | 5.5 | 5y ago | In the Linux kernel, the following vulnerability has been resolved: net: hso: fix NULL-deref on disconnect regression Commit 8a12f8836145 ("net: hso: fix null-ptr-deref during tty device unregistra… | |||
| CVE-2021-28210 | medium | — | 5.5 | 5y ago | RHSA-2021:4198: edk2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-47011 | medium | — | 5.5 | 5y ago | In the Linux kernel, the following vulnerability has been resolved: mm: memcontrol: slab: fix obtain a reference to a freeing memcg Patch series "Use obj_cgroup APIs to charge kmem pages", v5. Sin… | |||
| CVE-2021-33098 | medium | — | 5.5 | 5y ago | Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access. | |||
| CVE-2021-4442 | medium | — | 5.5 | 5y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity tests to TCP_QUEUE_SEQ Qingyu Li reported a syzkaller bug where the repro changes RCV SEQ _after_ restoring data … | |||
| CVE-2021-46983 | medium | — | 5.5 | 5y ago | In the Linux kernel, the following vulnerability has been resolved: nvmet-rdma: Fix NULL deref when SEND is completed with error When running some traffic and taking down the link on peer, a retry … | |||
| CVE-2021-41174 | medium | — | 5.5 | 5y ago | cross-site scripting in grafana | |||
| CVE-2021-33928 | medium | — | 5.5 | 5y ago | Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | |||
| CVE-2021-33930 | medium | — | 5.5 | 5y ago | Buffer overflow vulnerability in function pool_installable_whatprovides in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | |||
| CVE-2021-33938 | medium | — | 5.5 | 5y ago | Buffer overflow vulnerability in function prune_to_recommended in src/policy.c in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | |||
| CVE-2021-33929 | medium | — | 5.5 | 5y ago | Buffer overflow vulnerability in function pool_disabled_solvable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | |||
| CVE-2021-20254 | medium | — | 5.5 | 5y ago | RHSA-2021:4058: samba security update (Moderate) | |||
| CVE-2021-22947 | medium | — | 5.5 | 5y ago | When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that c… | |||
| CVE-2021-22946 | medium | — | 5.5 | 5y ago | A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSES… | |||
| CVE-2021-42771 | medium | — | 5.5 | 5y ago | RHSA-2021:4201: babel security and bug fix update (Moderate) | |||
| CVE-2021-35550 | medium | — | 5.5 | 5y ago | RHSA-2022:0970: java-1.8.0-ibm security update (Moderate) | |||
| CVE-2021-42135 | medium | — | 5.5 | 5y ago | Incorrect Privilege Assignment in HashiCorp Vault in github.com/hashicorp/vault | |||
| CVE-2021-41802 | medium | — | 5.5 | 5y ago | Hashicorp Vault Privilege Escalation Vulnerability in github.com/hashicorp/vault | |||
| CVE-2021-41136 | medium | — | 5.5 | 5y ago | Puma is a HTTP 1.1 server for Ruby/Rack applications. Prior to versions 5.5.1 and 4.3.9, using `puma` with a proxy which forwards HTTP header values which contain the LF character could allow HTTP re… | |||
| CVE-2021-41125 | medium | — | 5.5 | 5y ago | Scrapy is a high-level web crawling and scraping framework for Python. If you use `HttpAuthMiddleware` (i.e. the `http_user` and `http_pass` spider attributes) for HTTP authentication, all requests w… | |||
| CVE-2021-30151 | medium | — | 5.5 | 5y ago | Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue name of the live-poll feature when Internet Explorer is used. | |||
| CVE-2021-34552 | medium | — | 5.5 | 5y ago | RHSA-2021:4149: python-pillow security update (Moderate) | |||
| CVE-2021-41116 | medium | — | 5.5 | 5y ago | Composer is an open source dependency manager for the PHP language. In affected versions windows users running Composer to install untrusted dependencies are subject to command injection and should u… | |||
| CVE-2021-41103 | medium | — | 5.5 | 5y ago | Insufficiently restricted permissions on plugin directories in github.com/containerd/containerd | |||
| CVE-2021-3583 | medium | — | 5.5 | 5y ago | A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-lin… | |||
| CVE-2021-2385 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2402 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2399 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2390 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2387 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2384 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2383 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2374 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2367 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2370 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2356 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2354 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2357 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2352 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2212 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2208 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2203 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2201 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2196 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2202 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2194 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2193 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2180 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2179 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2178 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2174 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2122 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2298 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2217 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2060 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2061 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2226 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2230 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2232 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2278 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2065 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2166 | medium | — | 5.5 | 5y ago | RHSA-2022:1557: mariadb:10.5 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2424 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2046 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2422 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2293 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2215 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2417 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2048 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2412 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2055 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2410 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2440 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2418 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2058 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2087 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2426 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2444 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2056 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2429 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2070 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2427 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2425 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2072 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2076 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2213 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) |