Skip to main content
CVE-2021-25646 HIGH POC PATCH THREAT Act Now

Apache Druid includes the ability to execute user-provided JavaScript code embedded in various types of requests. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Apache Information Disclosure Druid
NVD
CVSS 3.1
8.8
EPSS
99.3%
CVE-2021-3347 HIGH POC PATCH This Week

An issue was discovered in the Linux kernel through 5.10.11. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Use After Free Linux Memory Corruption Information Disclosure Linux Kernel +2
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2021-26308 HIGH POC PATCH This Week

An issue was discovered in the marc crate before 2.0.0 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Marc
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2021-3336 HIGH PATCH This Week

DoTls13CertificateVerify in tls13.c in wolfSSL before 4.7.0 does not cease processing for certain anomalous peer behavior (sending an ED22519, ED448, ECC, or RSA signature without the corresponding. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Wolfssl
NVD GitHub
CVSS 3.1
8.1
EPSS
0.8%
CVE-2021-3176 HIGH This Week

The chat window of the Mitel BusinessCTI Enterprise (MBC-E) Client for Windows before 6.4.15 and 7.x before 7.1.2 could allow an attacker to gain access to user information by sending certain code,. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Businesscti Enterprise
NVD
CVSS 3.1
8.0
EPSS
0.9%
CVE-2021-25138 HIGH This Week

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Cloudline Cl3100 Gen10 Server Firmware Cloudline Cl4100 Gen10 Server Firmware Cloudline Cl5200 Gen9 Server Firmware Cloudline Cl5800 Gen10 Server Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-25137 HIGH This Week

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Cloudline Cl3100 Gen10 Server Firmware Cloudline Cl4100 Gen10 Server Firmware Cloudline Cl5200 Gen9 Server Firmware Cloudline Cl5800 Gen10 Server Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-25136 HIGH This Week

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Cloudline Cl3100 Gen10 Server Firmware Cloudline Cl4100 Gen10 Server Firmware Cloudline Cl5200 Gen9 Server Firmware Cloudline Cl5800 Gen10 Server Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-25135 HIGH This Week

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Cloudline Cl3100 Gen10 Server Firmware Cloudline Cl4100 Gen10 Server Firmware Cloudline Cl5200 Gen9 Server Firmware Cloudline Cl5800 Gen10 Server Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-25134 HIGH This Week

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Cloudline Cl3100 Gen10 Server Firmware Cloudline Cl4100 Gen10 Server Firmware Cloudline Cl5200 Gen9 Server Firmware Cloudline Cl5800 Gen10 Server Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-25133 HIGH This Week

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Cloudline Cl3100 Gen10 Server Firmware Cloudline Cl4100 Gen10 Server Firmware Cloudline Cl5200 Gen9 Server Firmware Cloudline Cl5800 Gen10 Server Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-25132 HIGH This Week

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Cloudline Cl3100 Gen10 Server Firmware Cloudline Cl4100 Gen10 Server Firmware Cloudline Cl5200 Gen9 Server Firmware Cloudline Cl5800 Gen10 Server Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-25131 HIGH This Week

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Cloudline Cl3100 Gen10 Server Firmware Cloudline Cl4100 Gen10 Server Firmware Cloudline Cl5200 Gen9 Server Firmware Cloudline Cl5800 Gen10 Server Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-25130 HIGH This Week

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Cloudline Cl3100 Gen10 Server Firmware Cloudline Cl4100 Gen10 Server Firmware Cloudline Cl5200 Gen9 Server Firmware Cloudline Cl5800 Gen10 Server Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-25129 HIGH This Week

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Cloudline Cl3100 Gen10 Server Firmware Cloudline Cl4100 Gen10 Server Firmware Cloudline Cl5200 Gen9 Server Firmware Cloudline Cl5800 Gen10 Server Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2021-25128 HIGH This Week

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Cloudline Cl3100 Gen10 Server Firmware Cloudline Cl4100 Gen10 Server Firmware Cloudline Cl5200 Gen9 Server Firmware Cloudline Cl5800 Gen10 Server Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2021-25127 HIGH This Week

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Cloudline Cl3100 Gen10 Server Firmware Cloudline Cl4100 Gen10 Server Firmware Cloudline Cl5200 Gen9 Server Firmware Cloudline Cl5800 Gen10 Server Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-25126 HIGH This Week

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Cloudline Cl3100 Gen10 Server Firmware Cloudline Cl4100 Gen10 Server Firmware Cloudline Cl5200 Gen9 Server Firmware Cloudline Cl5800 Gen10 Server Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-25125 HIGH This Week

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Cloudline Cl3100 Gen10 Server Firmware Cloudline Cl4100 Gen10 Server Firmware Cloudline Cl5200 Gen9 Server Firmware Cloudline Cl5800 Gen10 Server Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2021-25124 HIGH This Week

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Cloudline Cl3100 Gen10 Server Firmware Cloudline Cl4100 Gen10 Server Firmware Cloudline Cl5200 Gen9 Server Firmware Cloudline Cl5800 Gen10 Server Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2021-3345 HIGH PATCH This Week

_gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9.0 has a heap-based buffer overflow when the digest final function sets a large count value. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Libgcrypt Communications Billing And Revenue Management
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2021-25123 HIGH This Week

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Cloudline Cl5800 Gen10 Server Firmware Cloudline Cl3100 Gen10 Server Firmware Cloudline Cl4100 Gen10 Server Firmware Cloudline Cl5200 Gen9 Server Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-20586 HIGH This Week

Resource management errors vulnerability in a robot controller of MELFA FR Series(controller "CR800-*V*D" of RV-*FR***-D-* all versions, controller "CR800-*HD" of RH-*FRH***-D-* all versions,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Rv2Fr Firmware Rv2Frl Firmware Rv4Fr Firmware Rv4Frl Firmware +29
NVD
CVSS 3.1
7.5
EPSS
2.7%
CVE-2021-25909 HIGH This Week

ZIV Automation 4CCT-EA6-334126BF firmware version 3.23.80.27.36371, allows an unauthenticated, remote attacker to cause a denial of service condition on the device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service 4Cct Ea6 334126Bf Firmware
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2021-26306 HIGH PATCH This Week

An issue was discovered in the raw-cpuid crate before 9.0.0 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Raw Cpuid
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2021-3341 HIGH This Week

A path traversal vulnerability in the DxWebEngine component of DH2i DxEnterprise and DxOdyssey for Windows, version 19.5 through 20.x before 20.0.219.0, allows an attacker to read any file on the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Path Traversal Dxenterprise Dxodyssey
NVD
CVSS 3.1
7.5
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy