CVE-2021-3513 Detail Current Description A flaw was found in keycloak where a brute force attack is possible even when the permanent lockout feature is enabled. This is due to a…

CVE-2021-3521 Detail Awaiting Analysis This vulnerability is currently awaiting analysis. Description There is a flaw in RPM’s signature functionality. OpenPGP subkeys are associated with a primary key via a “binding…

CVE-2021-3586 Detail Awaiting Analysis This vulnerability is currently awaiting analysis. Description A flaw was found in servicemesh-operator. The NetworkPolicy resources installed for Maistra do not properly specify which ports may…

References to Advisories, Solutions, and Tools By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information…

CVE-2021-3639 Detail Awaiting Analysis This vulnerability is currently awaiting analysis. Description A flaw was found in mod_auth_mellon where it does not sanitize logout URLs properly. This issue could be used…

Added CPE Configuration AND OR *cpe:2.3:a:redhat:codeready_linux_builder:-:*:*:*:*:*:*:* OR cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:* OR cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* Added CPE Configuration OR *cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* Added CPE Configuration OR *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions…

CVE-2021-36847 Detail Current Description Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WebbaPlugins Webba Booking plugin <= 4.2.21 at WordPress. View Analysis Description Analysis Description Authenticated (admin+) Stored Cross-Site Scripting…

CVE-2021-36852 Detail Current Description Cross-Site Request Forgery (CSRF) vulnerability in ThimPress WP Hotel Booking plugin <= 1.10.5 at WordPress. View Analysis Description Analysis Description Cross-Site Request Forgery (CSRF) vulnerability in…

CVE-2021-36857 Detail Current Description Authenticated (editor+) Stored Cross-Site Scripting (XSS) vulnerability in wpshopmart Testimonial Builder plugin <= 1.6.1 at WordPress. View Analysis Description Analysis Description Authenticated (editor+) Stored Cross-Site Scripting…

CVE-2021-37289 Detail Current Description Insecure Permissions in administration interface in Planex MZK-DP150N 1.42 and 1.43 allows attackers to execute system command as root via etc_ro/web/syscmd.asp. View Analysis Description Analysis Description…