Skip to main content
CVE-2021-28119 CRITICAL POC Act Now

Twinkle Tray (aka twinkle-tray) through 1.13.3 allows remote command execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Twinkle Tray
NVD GitHub
CVSS 3.1
9.8
EPSS
3.6%
CVE-2021-23352 CRITICAL POC PATCH Act Now

This affects the package madge before 4.0.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SQLi Madge
NVD GitHub
CVSS 3.1
9.8
EPSS
2.1%
CVE-2021-25915 CRITICAL POC PATCH Act Now

Prototype pollution vulnerability in 'changeset' versions 0.0.1 through 0.2.5 allows an attacker to cause a denial of service and may lead to remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Prototype Pollution RCE Denial Of Service Changeset
NVD GitHub
CVSS 3.1
9.8
EPSS
3.5%
CVE-2021-21484 CRITICAL Act Now

LDAP authentication in SAP HANA Database version 2.0 can be bypassed if the attached LDAP directory server is configured to enable unauthenticated bind. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Authentication Bypass Hana
NVD
CVSS 3.1
9.8
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy