Browse CVEs
11,285 medium risk vulnerabilities
| CVE ID | Title | Severity | CVSS | Risk | Patch | Published |
|---|---|---|---|---|---|---|
| CVE-2021-25928 | Prototype pollution vulnerability in 'safe-obj' versions ... | Critical | 9.8 | Medium Risk | Patched | 26-Apr-21 |
| CVE-2021-25927 | Prototype pollution vulnerability in 'safe-flat' versions... | Critical | 9.8 | Medium Risk | Patched | 26-Apr-21 |
| CVE-2021-31597 | The xmlhttprequest-ssl package before 1.6.1 for Node.js d... | Critical | 9.4 | Medium Risk | Patched | 23-Apr-21 |
| CVE-2021-31404 | Non-constant-time comparison of CSRF tokens in UIDL reque... | Medium | 4.0 | Medium Risk | Patched | 23-Apr-21 |
| CVE-2021-31403 | Non-constant-time comparison of CSRF tokens in UIDL reque... | Medium | 4.0 | Medium Risk | Patched | 23-Apr-21 |
| CVE-2021-31406 | Non-constant-time comparison of CSRF tokens in endpoint r... | Medium | 4.0 | Medium Risk | Patched | 23-Apr-21 |
| CVE-2020-36319 | Insecure configuration of default ObjectMapper in com.vaa... | Low | 3.1 | Medium Risk | Patched | 23-Apr-21 |
| CVE-2018-25007 | Missing check in UIDL request handler in com.vaadin:flow-... | Low | 2.6 | Medium Risk | Patched | 23-Apr-21 |
| CVE-2021-3287 | Zoho ManageEngine OpManager before 12.5.329 allows unauth... | Critical | 9.8 | Medium Risk | Patched | 22-Apr-21 |
| CVE-2021-21427 | Magento-lts is a long-term support alternative to Magento... | Critical | 9.1 | Medium Risk | Patched | 21-Apr-21 |