Browse CVEs
16,477 medium risk vulnerabilities
| CVE ID | Title | Severity | CVSS | Risk | Patch | Published |
|---|---|---|---|---|---|---|
| CVE-2021-28125 | Apache Superset up to and including 1.0.1 allowed for the... | Medium | 6.1 | Medium Risk | 27-Apr-21 | |
| CVE-2021-21429 | OpenAPI Generator allows generation of API client librari... | Medium | 4.0 | Medium Risk | 27-Apr-21 | |
| CVE-2021-25928 | Prototype pollution vulnerability in 'safe-obj' versions ... | Critical | 9.8 | Medium Risk | Patched | 26-Apr-21 |
| CVE-2021-25927 | Prototype pollution vulnerability in 'safe-flat' versions... | Critical | 9.8 | Medium Risk | Patched | 26-Apr-21 |
| CVE-2021-31597 | The xmlhttprequest-ssl package before 1.6.1 for Node.js d... | Critical | 9.4 | Medium Risk | Patched | 23-Apr-21 |
| CVE-2021-31404 | Non-constant-time comparison of CSRF tokens in UIDL reque... | Medium | 4.0 | Medium Risk | Patched | 23-Apr-21 |
| CVE-2021-31403 | Non-constant-time comparison of CSRF tokens in UIDL reque... | Medium | 4.0 | Medium Risk | Patched | 23-Apr-21 |
| CVE-2021-31406 | Non-constant-time comparison of CSRF tokens in endpoint r... | Medium | 4.0 | Medium Risk | Patched | 23-Apr-21 |
| CVE-2020-36319 | Insecure configuration of default ObjectMapper in com.vaa... | Low | 3.1 | Medium Risk | Patched | 23-Apr-21 |
| CVE-2018-25007 | Missing check in UIDL request handler in com.vaadin:flow-... | Low | 2.6 | Medium Risk | Patched | 23-Apr-21 |