Skip to main content
CVE-2020-19513 HIGH POC This Week

Buffer overflow in FinalWire Ltd AIDA64 Engineer 6.00.5100 allows attackers to execute arbitrary code by creating a crafted input that will overwrite the SEH handler. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Memory Corruption Aida64
NVD Exploit-DB VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2021-26296 HIGH POC PATCH This Week

In the default configuration, Apache MyFaces Core versions 2.2.0 to 2.2.13, 2.3.0 to 2.3.7, 2.3-next-M1 to 2.3-next-M4, and 3.0.0-RC1 use cryptographically weak implicit and explicit cross-site. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

CSRF Apache Myfaces Oncommand Insight
NVD
CVSS 3.1
7.5
EPSS
3.0%
CVE-2021-22703 HIGH This Week

A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Powerlogic Ion7400 Firmware Powerlogic Ion7650 Firmware Powerlogic Ion8600 Firmware Powerlogic Ion8650 Firmware +6
NVD VulDB
CVSS 3.1
7.5
EPSS
0.2%
CVE-2021-22702 HIGH This Week

A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION7700/73xx, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Powerlogic Ion7400 Firmware Powerlogic Ion7650 Firmware Powerlogic Ion7700 Firmware Powerlogic Ion7300 Firmware +8
NVD VulDB
CVSS 3.1
7.5
EPSS
0.2%
CVE-2021-27509 HIGH This Week

In Visualware MyConnection Server before 11.0b build 5382, each published report is not associated with its own access code. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Myconnection Server
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-27405 HIGH PATCH This Week

A ReDoS (regular expression denial of service) flaw was found in the @progfay/scrapbox-parser package before 6.0.3 for Node.js. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Node.js Denial Of Service Scrapbox Parser
NVD GitHub
CVSS 3.1
7.5
EPSS
1.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy