Skip to main content
CVE-2020-23630 HIGH POC This Week

A blind SQL injection vulnerability exists in zzcms ver201910 based on time (cookie injection). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Zzcms
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
1.3%
CVE-2021-3116 HIGH POC PATCH This Week

before_upstream_connection in AuthPlugin in http/proxy/auth.py in proxy.py before 2.3.1 accepts incorrect Proxy-Authorization header data because of a boolean confusion (and versus or). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Proxy Py
NVD GitHub
CVSS 3.1
7.5
EPSS
1.7%
CVE-2021-3121 HIGH PATCH This Week

An issue was discovered in GoGo Protobuf before 1.3.2. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Protobuf HashiCorp Consul
NVD GitHub
CVSS 3.1
8.6
EPSS
3.5%
CVE-2018-8726 HIGH This Week

K7Computing Pvt Ltd K7Antivirus Premium 15.1.0.53 is affected by: Buffer Overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Antivrius Enterprise Security Total Security +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.5%
CVE-2018-8725 HIGH This Week

K7Computing Pvt Ltd K7AntiVirus Premium 15.01.00.53 is affected by: Buffer Overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Antivrius Enterprise Security Total Security +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.5%
CVE-2018-9333 HIGH This Week

K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Buffer Overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Antivrius Enterprise Security Total Security +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.4%
CVE-2018-8044 HIGH This Week

K7Computing Pvt Ltd K7Antivirus Premium 15.1.0.53 is affected by: Incorrect Access Control. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Antivrius Enterprise Security Total Security Ultimate Security
NVD VulDB
CVSS 3.1
7.8
EPSS
0.3%
CVE-2018-9332 HIGH This Week

K7Computing Pvt Ltd K7AntiVirus Premium 15.01.00.53 is affected by: Incorrect Access Control. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Antivrius Enterprise Security Total Security Ultimate Security
NVD VulDB
CVSS 3.1
7.8
EPSS
0.3%
CVE-2018-8724 HIGH This Week

K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Incorrect Access Control. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Antivrius Enterprise Security Total Security Ultimate Security
NVD VulDB
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-0318 HIGH This Week

In appendEventsToCacheLocked of SensorEventConnection.cpp, there is a possible out of bounds write due to a use-after-free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Google Privilege Escalation Memory Corruption Use After Free +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-0317 HIGH PATCH This Week

In createOrUpdate of Permission.java and related code, there is possible permission escalation due to a logic error. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Google Privilege Escalation Java Authentication Bypass Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-0310 HIGH This Week

In LazyServiceRegistrar of LazyServiceRegistrar.cpp, there is a possible memory corruption due to a use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Google Privilege Escalation Memory Corruption Use After Free +2
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-0307 HIGH This Week

In updatePermissionSourcePackage of PermissionManagerService.java, there is a possible automatic runtime permission grant due to a confused deputy. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-0306 HIGH This Week

In addAllPermissions of PermissionManagerService.java, there is a possible permissions bypass when upgrading major Android versions which allows an app to gain the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-0313 HIGH PATCH This Week

In isWordBreakAfter of LayoutUtils.cpp, there is a possible way to slow or crash a TextView due to improper input validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Denial Of Service Android
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2021-21241 HIGH PATCH This Week

The Python "Flask-Security-Too" package is used for adding security features to your Flask application. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Python Flask Security Too
NVD GitHub
CVSS 3.1
7.4
EPSS
0.9%
CVE-2021-0319 HIGH PATCH This Week

In checkCallerIsSystemOr of CompanionDeviceManagerService.java, there is a possible way to get a nearby Bluetooth device's MAC address without appropriate permissions due to a permissions bypass. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Google Privilege Escalation Authentication Bypass Android
NVD
CVSS 3.1
7.3
EPSS
0.3%
CVE-2021-0315 HIGH PATCH This Week

In onCreate of GrantCredentialsPermissionActivity.java, there is a possible way to convince the user to grant an app access to an account due to a tapjacking/overlay attack. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Google Privilege Escalation XSS Android
NVD
CVSS 3.1
7.3
EPSS
0.3%
CVE-2021-0303 HIGH This Week

In dispatchGraphTerminationMessage() of packages/services/Car/computepipe/runner/graph/StreamSetObserver.cpp, there is a possible use after free due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Google Denial Of Service Privilege Escalation Race Condition Android
NVD
CVSS 3.1
7.0
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy