Skip to main content
CVE-2021-28144 HIGH POC PATCH This Week

prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote authenticated users to inject arbitrary commands in an admin or root context because SetVirtualServerSettings calls. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

D-Link Command Injection Dir 3060 Firmware
NVD
CVSS 3.1
8.8
EPSS
6.0%
CVE-2021-28143 HIGH POC PATCH THREAT This Week

/jsonrpc on D-Link DIR-841 3.03 and 3.04 devices allows authenticated command injection via ping, ping6, or traceroute (under System Tools). Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. Public exploit code available.

D-Link Command Injection Dir 841 Firmware
NVD GitHub
CVSS 3.1
8.0
EPSS
32.0%
CVE-2021-26868 HIGH POC PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Microsoft Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD
CVSS 3.1
7.8
EPSS
2.7%
CVE-2021-26863 HIGH POC PATCH THREAT This Week

Windows Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). Public exploit code available.

Microsoft Privilege Escalation Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.0
EPSS
12.2%
CVE-2021-21363 HIGH POC PATCH This Week

swagger-codegen is an open-source project which contains a template-driven engine to generate documentation, API clients and server stubs in different languages by parsing your OpenAPI / Swagger. Rated high severity (CVSS 7.0). Public exploit code available.

Privilege Escalation Swagger Codegen
NVD GitHub
CVSS 3.1
7.0
EPSS
0.4%
CVE-2021-26411 HIGH KEV PATCH THREAT Act Now

Internet Explorer contains a memory corruption vulnerability exploited by the Lazarus Group (North Korea) in campaigns targeting security researchers via social engineering and malicious websites in early 2021.

NVD
CVSS 3.1
8.8
EPSS
92.5%
CVE-2021-27085 HIGH KEV PATCH THREAT This Week

Internet Explorer Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Internet Explorer
NVD
CVSS 3.1
8.8
EPSS
3.7%
CVE-2021-27076 HIGH PATCH This Week

Microsoft SharePoint Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft RCE Business Productivity Servers Sharepoint Foundation Sharepoint Server
NVD
CVSS 3.1
8.8
EPSS
14.4%
CVE-2021-26876 HIGH PATCH This Week

OpenType Font Parsing Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Windows 10 Windows Server 2016
NVD
CVSS 3.1
8.8
EPSS
2.5%
CVE-2021-26865 HIGH PATCH This Week

Windows Container Execution Agent Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2021-26864 HIGH PATCH This Week

Windows Virtual Registry Provider Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
8.4
EPSS
0.6%
CVE-2021-21381 HIGH PATCH This Week

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Rated high severity (CVSS 8.2), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Flatpak Debian Linux Fedora
NVD GitHub
CVSS 3.1
8.2
EPSS
1.5%
CVE-2021-21378 HIGH PATCH This Week

Envoy is a cloud-native high-performance edge/middle/service proxy. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Envoy
NVD GitHub
CVSS 3.1
8.2
EPSS
1.7%
CVE-2021-22712 HIGH PATCH This Week

A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Interactive Graphical Scada System
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-22711 HIGH PATCH This Week

A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Interactive Graphical Scada System
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-22710 HIGH PATCH This Week

A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow RCE Interactive Graphical Scada System
NVD
CVSS 3.1
7.8
EPSS
2.0%
CVE-2021-22709 HIGH PATCH This Week

A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow RCE Interactive Graphical Scada System
NVD
CVSS 3.1
7.8
EPSS
2.0%
CVE-2021-27084 HIGH PATCH This Week

Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Java Maven For Java
NVD
CVSS 3.1
7.8
EPSS
61.4%
CVE-2021-27083 HIGH PATCH This Week

Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Remote Development
NVD
CVSS 3.1
7.8
EPSS
63.4%
CVE-2021-27082 HIGH PATCH This Week

Quantum Development Kit for Visual Studio Code Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Quantum Development Kit
NVD
CVSS 3.1
7.8
EPSS
3.7%
CVE-2021-27081 HIGH PATCH This Week

Visual Studio Code ESLint Extension Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Eslint
NVD
CVSS 3.1
7.8
EPSS
4.0%
CVE-2021-27077 HIGH PATCH This Week

Windows Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Microsoft Privilege Escalation Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2021-27062 HIGH PATCH This Week

HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE High Efficiency Video Coding
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2021-27061 HIGH PATCH This Week

HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE High Efficiency Video Coding
NVD
CVSS 3.1
7.8
EPSS
3.9%
CVE-2021-27060 HIGH PATCH This Week

Visual Studio Code Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Visual Studio Code
NVD
CVSS 3.1
7.8
EPSS
2.9%
CVE-2021-27058 HIGH PATCH This Week

Microsoft Office ClickToRun Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps
NVD
CVSS 3.1
7.8
EPSS
3.5%
CVE-2021-27057 HIGH PATCH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Excel Office +2
NVD
CVSS 3.1
7.8
EPSS
3.1%
CVE-2021-27056 HIGH PATCH This Week

Microsoft PowerPoint Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Office Powerpoint
NVD
CVSS 3.1
7.8
EPSS
3.1%
CVE-2021-27054 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Excel Office +2
NVD
CVSS 3.1
7.8
EPSS
3.1%
CVE-2021-27053 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Excel Office +2
NVD
CVSS 3.1
7.8
EPSS
3.6%
CVE-2021-27051 HIGH PATCH This Week

HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE High Efficiency Video Coding
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2021-27050 HIGH PATCH This Week

HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE High Efficiency Video Coding
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2021-27049 HIGH PATCH This Week

HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE High Efficiency Video Coding
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2021-27048 HIGH PATCH This Week

HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE High Efficiency Video Coding
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2021-27047 HIGH PATCH This Week

HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE High Efficiency Video Coding
NVD
CVSS 3.1
7.8
EPSS
2.8%
CVE-2021-26902 HIGH PATCH This Week

HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE High Efficiency Video Coding
NVD
CVSS 3.1
7.8
EPSS
5.0%
CVE-2021-26901 HIGH PATCH This Week

Windows Event Tracing Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2021-26900 HIGH PATCH This Week

Windows Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft Memory Corruption Information Disclosure Windows 10 +1
NVD
CVSS 3.1
7.8
EPSS
2.4%
CVE-2021-26899 HIGH PATCH This Week

Windows UPnP Device Host Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-26898 HIGH PATCH This Week

Windows Event Tracing Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-26891 HIGH PATCH This Week

Windows Container Execution Agent Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2021-26890 HIGH PATCH This Week

Application Virtualization Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2021-26889 HIGH PATCH This Week

Windows Update Stack Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2021-26887 HIGH PATCH This Week

<p>An elevation of privilege vulnerability exists in Microsoft Windows when Folder redirection has been enabled via Group Policy. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-26885 HIGH PATCH This Week

Windows WalletService Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10
NVD
CVSS 3.1
7.8
EPSS
3.2%
CVE-2021-26882 HIGH PATCH This Week

Remote Access API Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.1
7.8
EPSS
2.0%
CVE-2021-26880 HIGH PATCH This Week

Storage Spaces Controller Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2021-26878 HIGH PATCH This Week

Windows Print Spooler Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2021-26875 HIGH PATCH This Week

Windows Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2021-26874 HIGH PATCH This Week

Windows Overlay Filter Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
0.7%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy