Skip to main content
CVE-2021-21974 HIGH POC THREAT Act Now

VMware ESXi versions 7.0 before U1c, 6.7 before specific patches, and 6.5 before specific patches contain a heap overflow in the OpenSLP service accessible on port 427. An attacker on the same network segment can trigger remote code execution on the ESXi hypervisor, compromising all virtual machines hosted on the server.

Buffer Overflow VMware RCE Memory Corruption
NVD VulDB
CVSS 3.1
8.8
EPSS
55.0%
Threat
6.9
CVE-2021-1368 HIGH This Week

A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Memory Corruption Denial Of Service +3
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2021-21617 HIGH PATCH This Week

A cross-site request forgery (CSRF) vulnerability in Jenkins Configuration Slicing Plugin 1.51 and earlier allows attackers to apply different slice configurations. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Jenkins Configuration Slicing
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2021-20659 HIGH This Week

SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to upload arbitrary files via unspecified vectors. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE PHP File Upload Sv Cpt Mc310 Firmware
NVD
CVSS 3.1
8.8
EPSS
2.1%
CVE-2021-1387 HIGH This Week

A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Unified Computing System Nx Os
NVD
CVSS 3.1
8.6
EPSS
1.4%
CVE-2021-1227 HIGH This Week

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Cisco Nx Os
NVD
CVSS 3.1
8.1
EPSS
0.7%
CVE-2021-20661 HIGH This Week

Directory traversal vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows authenticated attackers to delete arbitrary files and/or directories on the server via unspecified vectors. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Sv Cpt Mc310 Firmware
NVD
CVSS 3.1
8.1
EPSS
2.4%
CVE-2021-1230 HIGH This Week

A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2021-20662 HIGH This Week

Missing authentication for critical function in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to alter the setting information without the access privileges via unspecified. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Sv Cpt Mc310 Firmware
NVD
CVSS 3.1
7.5
EPSS
2.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy