Skip to main content
CVE-2021-1167 HIGH POC This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +5
NVD
CVSS 3.1
7.2
EPSS
5.6%
CVE-2021-3028 CRITICAL PATCH Act Now

git-big-picture before 1.0.0 mishandles ' characters in a branch name, leading to code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Git Big Picture
NVD GitHub
CVSS 3.1
9.8
EPSS
2.8%
CVE-2021-23899 CRITICAL PATCH Act Now

OWASP json-sanitizer before 1.2.2 may emit closing SCRIPT tags and CDATA section delimiters for crafted input. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

XXE Json Sanitizer
NVD GitHub
CVSS 3.1
9.8
EPSS
2.1%
CVE-2021-1144 HIGH This Week

A vulnerability in Cisco Connected Mobile Experiences (CMX) could allow a remote, authenticated attacker without administrative privileges to alter the password of any user on an affected system. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Connected Mobile Experiences
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2021-21009 HIGH This Week

Adobe Campaign Classic Gold Standard 10 (and earlier), 20.3.1 (and earlier), 20.2.3 (and earlier), 20.1.3 (and earlier), 19.2.3 (and earlier) and 19.1.7 (and earlier) are affected by a server-side. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Adobe Campaign Classic
NVD
CVSS 3.1
8.6
EPSS
3.2%
CVE-2021-21006 HIGH This Week

Adobe Photoshop version 22.1 (and earlier) is affected by a heap buffer overflow vulnerability when handling a specially crafted font file. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow Adobe Photoshop
NVD
CVSS 3.1
8.6
EPSS
5.6%
CVE-2021-21013 HIGH This Week

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an insecure direct object vulnerability (IDOR) in the customer API module. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe Information Disclosure Authentication Bypass Magento
NVD
CVSS 3.1
8.1
EPSS
3.2%
CVE-2021-3139 HIGH PATCH This Week

In Open-iSCSI tcmu-runner 1.3.x, 1.4.x, and 1.5.x through 1.5.2, xcopy_locate_udev in tcmur_cmd_handler.c lacks a check for transport-layer restrictions, allowing remote attackers to read or write. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Tcmu Runner
NVD GitHub
CVSS 3.1
8.1
EPSS
2.6%
CVE-2021-21605 HIGH PATCH This Week

Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows users with Agent/Configure permission to choose agent names that cause Jenkins to override the global `config.xml` file. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Path Traversal
NVD
CVSS 3.1
8.0
EPSS
2.2%
CVE-2021-21604 HIGH PATCH This Week

Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows attackers with permission to create or configure various objects to inject crafted content into Old Data Monitor that results in the. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization Jenkins
NVD
CVSS 3.1
8.0
EPSS
1.7%
CVE-2021-1237 HIGH This Week

A vulnerability in the Network Access Manager and Web Security Agent components of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Microsoft RCE Anyconnect Secure Mobility Client
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2021-20616 HIGH This Week

Untrusted search path vulnerability in the installer of SKYSEA Client View Ver.1.020.05b to Ver.16.001.01g allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Skysea Client View
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-1223 HIGH This Week

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Firepower Threat Defense Secure Firewall Management Center Ios Xe +1
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2021-21252 HIGH PATCH This Week

The jQuery Validation Plugin provides drop-in validation for your existing forms. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Node.js Denial Of Service Jquery Validation Snapcenter
NVD GitHub
CVSS 3.1
7.5
EPSS
3.5%
CVE-2021-3131 HIGH This Week

The Web server in 1C:Enterprise 8 before 8.3.17.1851 sends base64 encoded credentials in the creds URL parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure 1C
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-23900 HIGH PATCH This Week

OWASP json-sanitizer before 1.2.2 can output invalid JSON or throw an undeclared exception for crafted input. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Json Sanitizer
NVD GitHub
CVSS 3.1
7.5
EPSS
2.1%
CVE-2021-1240 HIGH This Week

A vulnerability in the loading process of specific DLLs in Cisco Proximity Desktop for Windows could allow an authenticated, local attacker to load a malicious library. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Cisco Microsoft RCE Proximity
NVD
CVSS 3.1
7.3
EPSS
0.9%
CVE-2021-1360 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +4
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-1307 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +4
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-1217 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +4
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-1216 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +5
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-1215 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +5
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-1214 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +5
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-1213 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +5
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-1212 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +5
NVD
CVSS 3.1
7.2
EPSS
2.8%
CVE-2021-1211 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +5
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-1210 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +5
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-1209 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +5
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-1208 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +5
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-1207 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +5
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-1206 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +5
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-1205 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +4
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-1204 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +4
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-1203 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +4
NVD
CVSS 3.1
7.2
EPSS
2.8%
CVE-2021-1202 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +4
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-1201 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +4
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-1200 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +4
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-1199 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +5
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-1198 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +5
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-1197 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +5
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-1196 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +5
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-1195 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +5
NVD
CVSS 3.1
7.2
EPSS
2.8%
CVE-2021-1194 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +5
NVD
CVSS 3.1
7.2
EPSS
2.8%
CVE-2021-1193 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +5
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-1192 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +5
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-1191 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +4
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-1190 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +4
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-1188 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +5
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-1187 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +5
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-1186 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +5
NVD
CVSS 3.1
7.2
EPSS
2.8%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy