Skip to main content
CVE-2021-3177 CRITICAL POC PATCH THREAT Act Now

Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Python RCE Fedora Active Iq Unified Manager +7
NVD GitHub
CVSS 3.1
9.8
EPSS
23.3%
CVE-2021-22851 CRITICAL Act Now

HGiga EIP product contains SQL Injection vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Oaklouds Openid
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-22850 CRITICAL Act Now

HGiga EIP product lacks ineffective access control in certain pages that allow attackers to access database or perform privileged functions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Oaklouds Portal
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2021-25323 CRITICAL PATCH Act Now

The default setting of MISP 2.4.136 did not enable the requirements (aka require_password_confirmation) to provide the previous password when changing a password. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Misp
NVD GitHub VulDB
CVSS 3.1
9.1
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy