Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-03-22 | CVE-2021-25921 | Cross-site Scripting vulnerability in Open-Emr Openemr In OpenEMR, versions 2.7.3-rc1 to 6.0.0 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly in the `Allergies` section. | 3.5 |
2021-03-22 | CVE-2021-25920 | Improper Handling of Case Sensitivity vulnerability in Open-Emr Openemr In OpenEMR, versions v2.7.2-rc1 to 6.0.0 are vulnerable to Improper Access Control when creating a new user, which leads to a malicious user able to read and send sensitive messages on behalf of the victim user. | 5.5 |
2021-03-22 | CVE-2021-25919 | Cross-site Scripting vulnerability in Open-Emr Openemr 5.0.2/5.0.2.1/5.0.2.5 In OpenEMR, versions 5.0.2 to 6.0.0 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly. | 3.5 |
2021-03-22 | CVE-2021-25918 | Cross-site Scripting vulnerability in Open-Emr Openemr 5.0.2/5.0.2.1/5.0.2.5 In OpenEMR, versions 5.0.2 to 6.0.0 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly and rendered in the TOTP Authentication method page. | 3.5 |
2021-03-22 | CVE-2021-25917 | Cross-site Scripting vulnerability in Open-Emr Openemr 5.0.2/5.0.2.1/5.0.2.5 In OpenEMR, versions 5.0.2 to 6.0.0 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly and rendered in the U2F USB Device authentication method page. | 3.5 |
2021-03-22 | CVE-2021-22321 | Use After Free vulnerability in Huawei products There is a use-after-free vulnerability in a Huawei product. | 5.0 |
2021-03-22 | CVE-2021-22314 | Unspecified vulnerability in Huawei Manageone 6.5.1/6.5.1.1 There is a local privilege escalation vulnerability in some versions of ManageOne. | 4.6 |
2021-03-22 | CVE-2021-22320 | Unspecified vulnerability in Huawei products There is a denial of service vulnerability in Huawei products. | 5.0 |
2021-03-22 | CVE-2021-22311 | Incorrect Default Permissions vulnerability in Huawei Manageone 8.0.0/8.0.1 There is an improper permission assignment vulnerability in Huawei ManageOne product. | 6.5 |
2021-03-22 | CVE-2021-22310 | Information Exposure Through Log Files vulnerability in Huawei products There is an information leakage vulnerability in some huawei products. | 2.1 |