Skip to main content
CVE-2021-3325 CRITICAL POC PATCH Act Now

Monitorix 3.13.0 allows remote attackers to bypass Basic Authentication in a default installation (i.e., an installation without a hosts_deny option). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Monitorix Fedora
NVD GitHub
CVSS 3.1
9.8
EPSS
2.2%
CVE-2021-25311 CRITICAL Act Now

condor_credd in HTCondor before 8.9.11 allows Directory Traversal outside the SEC_CREDENTIAL_DIRECTORY_OAUTH directory, as demonstrated by creating a file under /etc that will later be executed by. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Htcondor
NVD
CVSS 3.1
9.9
EPSS
3.2%
CVE-2021-3331 CRITICAL PATCH Act Now

WinSCP before 5.17.10 allows remote attackers to execute arbitrary programs when the URL handler encounters a crafted URL that loads session settings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Winscp
NVD GitHub
CVSS 3.1
9.8
EPSS
7.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy