Skip to main content
CVE-2021-27213 CRITICAL POC PATCH Act Now

config.py in pystemon before 2021-02-13 allows code execution via YAML deserialization because SafeLoader and safe_load are not used. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Deserialization RCE Pystemon
NVD GitHub
CVSS 3.1
9.8
EPSS
2.6%
CVE-2021-27212 HIGH POC PATCH THREAT This Week

In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Openldap Debian Linux
NVD
CVSS 3.1
7.5
EPSS
64.1%
CVE-2021-26929 MEDIUM POC This Month

An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 (where the Horde_Text_Filter library before 2.3.7 is used). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Groupware Debian Linux
NVD GitHub Exploit-DB
CVSS 3.1
6.1
EPSS
4.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy