Skip to main content
CVE-2021-22641 HIGH POC This Week

A heap-based buffer overflow issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Heap Overflow RCE V Server V Simulator
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2021-26117 HIGH PATCH This Week

The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Apache Authentication Bypass Activemq Artemis Oncommand Workflow Automation +5
NVD VulDB
CVSS 3.1
7.5
EPSS
9.9%
CVE-2021-25312 HIGH This Week

HTCondor before 8.9.11 allows a user to submit a job as another user on the system, because of a flaw in the IDTOKENS authentication method. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Htcondor
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2021-22655 HIGH This Week

Multiple out-of-bounds read issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Information Disclosure V Server V Simulator
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2021-22653 HIGH This Week

Multiple out-of-bounds write issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption V Server V Simulator
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2021-22639 HIGH This Week

An uninitialized pointer issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption V Server V Simulator
NVD
CVSS 3.1
7.8
EPSS
1.9%
CVE-2021-22637 HIGH This Week

Multiple stack-based buffer overflow issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow V Server V Simulator
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2021-25247 HIGH This Week

A DLL hijacking vulnerability Trend Micro HouseCall for Home Networks version 5.3.1063 and below could allow an attacker to use a malicious DLL to escalate privileges and perform arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Trend Micro Housecall For Home Networks
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2021-26118 HIGH PATCH GHSA This Week

While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Apache Authentication Bypass Artemis Oncommand Workflow Automation
NVD VulDB
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-3326 HIGH PATCH This Week

The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Glibc E Series Santricity Os Controller Ontap Select Deploy Administration Utility Communications Cloud Native Core Security Edge Protection Proxy +7
NVD
CVSS 3.1
7.5
EPSS
3.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy