Skip to main content
CVE-2021-21287 HIGH POC PATCH THREAT This Week

MinIO is a High Performance Object Storage released under Apache License v2.0. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

Apache Path Traversal SSRF Minio
NVD GitHub
CVSS 3.1
7.7
EPSS
24.8%
CVE-2021-21286 HIGH This Week

AVideo Platform is an open-source Audio and Video platform. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Avideo
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2021-21277 HIGH PATCH This Week

angular-expressions is "angular's nicest part extracted as a standalone module for the browser and node". Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Angular Expressions
NVD GitHub
CVSS 3.1
8.8
EPSS
2.7%
CVE-2021-3283 HIGH PATCH This Week

HashiCorp Nomad and Nomad Enterprise up to 0.12.9 exec and java task drivers can access processes associated with other tasks on the same node. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Hashicorp Java Nomad
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2021-3282 HIGH PATCH This Week

HashiCorp Vault Enterprise 1.6.0 & 1.6.1 allowed the `remove-peer` raft operator command to be executed against DR secondaries without authentication. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Hashicorp Authentication Bypass Vault
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2021-3348 HIGH PATCH This Week

nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attackers (with access to the nbd device) via an I/O. Rated high severity (CVSS 7.0).

Linux Information Disclosure Race Condition Linux Kernel Debian Linux
NVD
CVSS 3.1
7.0
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy