Updates February 2021

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

Type »

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Product »

Grouping vulnerabilities by products helps to get an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Remediation »

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability »

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today »

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

UpdatedBaseTempVulnerabilityChangeExpRemCTICVE
02/28/20214.64.5next-auth Prisma Database Adapter authentication spoofing(19): vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_nvd_basescoreNot DefinedOfficial Fix0.11CVE-2021-21310
02/28/20217.06.7Lucee Server Admin authorization(19): vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_nvd_basescoreNot DefinedOfficial Fix0.05CVE-2021-21307
02/28/20213.43.3Wire Video Capture information disclosure(19): vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_nvd_basescoreNot DefinedOfficial Fix0.05CVE-2021-21301
02/28/20216.86.5hyper Crate Transfer-Encoding request smuggling(19): vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_nvd_basescoreNot DefinedOfficial Fix0.05CVE-2021-21299
02/28/20216.36.0Adobe Acrobat Reader PDF File memory corruption(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedOfficial Fix0.11CVE-2021-21063
02/28/20216.36.0Adobe Acrobat Reader PDF File memory corruption(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedOfficial Fix0.05CVE-2021-21062
02/28/20214.34.1Adobe Acrobat PDF File use after free(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedOfficial Fix0.05CVE-2021-21061
02/28/20214.34.1Adobe Acrobat information disclosure(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedOfficial Fix0.05CVE-2021-21060
02/28/20216.36.0Adobe Acrobat Reader PDF File memory corruption(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedOfficial Fix0.05CVE-2021-21059
02/28/20216.36.0Adobe Acrobat Reader PDF File memory corruption(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedOfficial Fix0.05CVE-2021-21058
02/28/20214.34.1Adobe Acrobat Reader PDF File null pointer dereference(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedOfficial Fix0.05CVE-2021-21057
02/28/20215.35.1Adobe Dreamweaver untrusted search path(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedOfficial Fix0.05CVE-2021-21055
02/28/20216.36.0Adobe Illustrator out-of-bounds write(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedOfficial Fix0.05CVE-2021-21054
02/28/20216.36.0Adobe Illustrator out-of-bounds write(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedOfficial Fix0.05CVE-2021-21053
02/28/20216.36.0Adobe Animate out-of-bounds write(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedOfficial Fix0.89CVE-2021-21052
02/28/20216.36.0Adobe Photoshop Javascript File buffer overflow(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedOfficial Fix0.05CVE-2021-21051
02/28/20216.36.0Adobe Photoshop out-of-bounds read(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedOfficial Fix0.05CVE-2021-21050
02/28/20216.36.0Adobe Photoshop out-of-bounds read(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedOfficial Fix0.05CVE-2021-21049
02/28/20216.36.0Adobe Photoshop memory corruption(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedOfficial Fix0.05CVE-2021-21048
02/28/20216.36.0Adobe Photoshop out-of-bounds write(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedOfficial Fix0.05CVE-2021-21047
02/28/20216.36.0Adobe Acrobat Reader memory corruption(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedOfficial Fix0.58CVE-2021-21046
02/28/20216.36.0Adobe Acrobat Reader access control(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedOfficial Fix0.11CVE-2021-21045
02/28/20216.36.0Adobe Acrobat Reader JPEG File out-of-bounds write(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedOfficial Fix0.05CVE-2021-21044
02/28/20215.45.1Adobe Acrobat Reader out-of-bounds read(19): vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_nvd_basescoreNot DefinedOfficial Fix0.00CVE-2021-21042
02/28/20216.36.0Adobe Acrobat Reader use after free(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedOfficial Fix0.05CVE-2021-21041
02/28/20216.36.0Adobe Acrobat Reader use after free(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedOfficial Fix0.48CVE-2021-21040
02/28/20216.36.0Adobe Acrobat Reader use after free(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedOfficial Fix0.55CVE-2021-21039
02/28/20216.36.0Adobe Acrobat Reader JPEG File out-of-bounds write(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedOfficial Fix0.55CVE-2021-21038
02/28/20215.35.1Adobe Acrobat Reader path traversal(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedOfficial Fix0.67CVE-2021-21037
02/28/20215.35.1Adobe Acrobat Reader integer overflow(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedOfficial Fix0.21CVE-2021-21036
02/28/20217.57.2Adobe Acrobat Reader use after free(19): vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_nvd_basescoreNot DefinedOfficial Fix0.55CVE-2021-21035
02/28/20213.83.6Adobe Acrobat Reader out-of-bounds read(19): vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_nvd_basescoreNot DefinedOfficial Fix0.41CVE-2021-21034
02/28/20217.57.2Adobe Acrobat Reader use after free(19): vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_nvd_basescoreNot DefinedOfficial Fix0.48CVE-2021-21033
02/28/20215.65.6Magento session expiration(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedNot Defined0.11CVE-2021-21032
02/28/20215.65.6Magento session expiration(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedNot Defined0.17CVE-2021-21031
02/28/20214.34.3Magento Customer Address Upload cross site scripting(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedNot Defined0.11CVE-2021-21030
02/28/20214.14.1Magento Admin Console cross site scripting(19): vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_nvd_basescoreNot DefinedNot Defined0.22CVE-2021-21029
02/28/20217.57.2Adobe Acrobat Reader use after free(19): vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_nvd_basescoreNot DefinedOfficial Fix0.29CVE-2021-21028
02/28/20214.34.3Magento GraphQL API cross-site request forgery(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedNot Defined0.05CVE-2021-21027
02/28/20215.05.0Magento Integrations Module improper authorization(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedNot Defined0.11CVE-2021-21026
02/28/20214.74.7Magento Product Layout Update xml injection(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedNot Defined0.06CVE-2021-21025
02/28/20217.37.3Magento Search Module sql injection(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedNot Defined0.17CVE-2021-21024
02/28/20212.42.4Magento Admin Console cross site scripting(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedNot Defined0.06CVE-2021-21023
02/28/20215.35.3Magento Product Module resource injection(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedNot Defined0.05CVE-2021-21022
02/28/20217.57.2Adobe Acrobat Reader use after free(19): vulnerability_cvss3_nvd_av, vulnerability_cvss3_nvd_ac, vulnerability_cvss3_nvd_pr, vulnerability_cvss3_nvd_ui, vulnerability_cvss3_nvd_s, vulnerability_cvss3_nvd_c, vulnerability_cvss3_nvd_i, vulnerability_cvss3_nvd_a, vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss3_meta_basescore, vulnerability_cvss3_meta_tempscore, vulnerability_cvss2_nvd_basescore, vulnerability_cvss3_nvd_basescoreNot DefinedOfficial Fix0.41CVE-2021-21021
02/28/20215.65.6Magento Login as Customer Module access control(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedNot Defined0.37CVE-2021-21020
02/28/20214.74.7Magento Widgets Module xml injection(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedNot Defined0.59CVE-2021-21019
02/28/20214.74.7Magento Scheduled Operation Module os command injection(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedNot Defined0.41CVE-2021-21018
02/28/20216.36.0Adobe Acrobat Reader heap-based overflow(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedOfficial Fix0.11CVE-2021-21017
02/28/20214.14.1Magento WebAPI os command injection(8): vulnerability_cvss2_nvd_av, vulnerability_cvss2_nvd_ac, vulnerability_cvss2_nvd_au, vulnerability_cvss2_nvd_ci, vulnerability_cvss2_nvd_ii, vulnerability_cvss2_nvd_ai, source_cve_cna, vulnerability_cvss2_nvd_basescoreNot DefinedNot Defined0.81CVE-2021-21016

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!