Skip to main content
CVE-2021-28032 CRITICAL POC PATCH Act Now

An issue was discovered in the nano_arena crate before 0.5.2 for Rust. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Nano Arena
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2021-27964 CRITICAL POC THREAT Act Now

SonLogger before 6.4.1 is affected by Unauthenticated Arbitrary File Upload. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Sonlogger
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
46.0%
CVE-2021-27314 CRITICAL POC THREAT Act Now

SQL injection in admin.php in doctor appointment system 1.0 allows an unauthenticated attacker to insert malicious SQL queries via username parameter at login page. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Doctor Appointment System
NVD
CVSS 3.1
9.8
EPSS
12.4%
CVE-2021-26705 CRITICAL POC Act Now

An issue was discovered in SquareBox CatDV Server through 9.2. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Catdv
NVD Exploit-DB
CVSS 3.1
9.1
EPSS
2.1%
CVE-2021-27581 CRITICAL Act Now

The Blog module in Kentico CMS 5.5 R2 build 5.5.3996 allows SQL injection via the tagname parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Kentico Cms
NVD GitHub
CVSS 3.1
9.8
EPSS
1.6%
CVE-2021-3420 CRITICAL PATCH Act Now

A flaw was found in newlib in versions prior to 4.0.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Buffer Overflow Integer Overflow Newlib Fedora
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2021-28037 CRITICAL PATCH Act Now

An issue was discovered in the internment crate before 0.4.2 for Rust. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Internment
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-28035 CRITICAL PATCH Act Now

An issue was discovered in the stack_dst crate before 0.6.1 for Rust. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Stack Dst
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-28034 CRITICAL PATCH Act Now

An issue was discovered in the stack_dst crate before 0.6.1 for Rust. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Stack Dst
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-28033 CRITICAL PATCH Act Now

An issue was discovered in the byte_struct crate before 0.6.1 for Rust. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Deserialization Byte Struct
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-28031 CRITICAL PATCH Act Now

An issue was discovered in the scratchpad crate before 1.3.1 for Rust. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Scratchpad
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2021-28028 CRITICAL PATCH Act Now

An issue was discovered in the toodee crate before 0.3.0 for Rust. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Toodee
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-28027 CRITICAL PATCH Act Now

An issue was discovered in the bam crate before 0.1.3 for Rust. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Integer Overflow Bam
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-27965 CRITICAL PATCH Act Now

The MsIo64.sys driver before 1.1.19.1016 in MSI Dragon Center before 2.0.98.0 has a buffer overflow that allows privilege escalation via a crafted 0x80102040, 0x80102044, 0x80102050, or 0x80102054. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Privilege Escalation Dragon Center
NVD GitHub
CVSS 3.1
9.8
EPSS
11.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy