Skip to main content
CVE-2021-21368 HIGH POC PATCH This Week

msgpack5 is a msgpack v5 implementation for node.js and the browser. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Privilege Escalation Node.js Msgpack5
NVD GitHub
CVSS 3.1
8.8
EPSS
1.6%
CVE-2021-27290 HIGH POC PATCH This Week

ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Ssri Graalvm Sinec Infrastructure Network Services
NVD GitHub
CVSS 3.1
7.5
EPSS
4.7%
CVE-2021-28302 HIGH POC This Week

A stack overflow in pupnp before version 1.14.5 can cause the denial of service through the Parser_parseDocument() function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Pupnp
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%
CVE-2021-23354 HIGH POC PATCH This Week

The package printf before 0.6.1 are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex string /\%(?:\(([\w_.]+)\)|([1-9]\d*)\$)?([0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Printf
NVD GitHub
CVSS 3.1
7.5
EPSS
2.2%
CVE-2021-21367 HIGH PATCH This Week

Switchboard Bluetooth Plug for elementary OS from version 2.3.0 and before version version 2.3.5 has an incorrect authorization vulnerability. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Switchboard Bluetooth Plug Fedora
NVD GitHub
CVSS 3.1
8.1
EPSS
0.5%
CVE-2021-26569 HIGH This Week

Race Condition within a Thread vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to execute arbitrary code via crafted web. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Synology RCE Diskstation Manager
NVD
CVSS 3.1
8.1
EPSS
2.2%
CVE-2021-21518 HIGH This Week

Dell SupportAssist Client for Consumer PCs versions 3.7.x, 3.6.x, 3.4.x, 3.3.x, Dell SupportAssist Client for Business PCs versions 2.0.x, 2.1.x, 2.2.x, and Dell SupportAssist Client ProManage 1.x. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Dell Code Injection Supportassist Client Promanage Supportassist For Business Pcs Supportassist For Home Pcs
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-21085 HIGH This Week

Adobe Connect version 11.0.7 (and earlier) is affected by an Input Validation vulnerability in the export feature. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Adobe Connect
NVD
CVSS 3.1
7.8
EPSS
3.7%
CVE-2021-21082 HIGH This Week

Adobe Photoshop versions 21.2.5 (and earlier) and 22.2 (and earlier) are affected by a Memory Corruption vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Photoshop
NVD
CVSS 3.1
7.8
EPSS
4.5%
CVE-2021-21077 HIGH PATCH This Week

Adobe Animate version 21.0.3 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow Adobe Animate
NVD
CVSS 3.0
7.8
EPSS
7.5%
CVE-2021-21071 HIGH PATCH This Week

Adobe Animate version 21.0.3 (and earlier) is affected by a Memory Corruption vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Adobe Animate
NVD
CVSS 3.0
7.8
EPSS
4.2%
CVE-2021-21069 HIGH PATCH This Week

Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a local privilege escalation vulnerability that could allow an attacker to call functions against the installer to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Adobe Creative Cloud Desktop Application
NVD
CVSS 3.0
7.8
EPSS
2.5%
CVE-2021-21067 HIGH This Week

Adobe Photoshop versions 21.2.5 (and earlier) and 22.2 (and earlier) are affected by an Out-of-bounds Write vulnerability in the CoolType library. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Photoshop 2020
NVD
CVSS 3.1
7.8
EPSS
2.9%
CVE-2021-21056 HIGH PATCH This Week

Adobe Framemaker version 2020.0.1 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Information Disclosure Adobe Framemaker
NVD
CVSS 3.0
7.8
EPSS
21.2%
CVE-2021-20674 HIGH This Week

Untrusted search path vulnerability in Installer of MagicConnect Client program distributed before 2021 March 1 allows an attacker to gain privileges and via a Trojan horse DLL in an unspecified. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Magicconnect
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-28092 HIGH PATCH This Week

The is-svg package 2.1.0 through 4.2.1 for Node.js uses a regular expression that is vulnerable to Regular Expression Denial of Service (ReDoS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Node.js Denial Of Service Is Svg
NVD GitHub
CVSS 3.1
7.5
EPSS
2.2%
CVE-2021-28307 HIGH PATCH This Week

An issue was discovered in the fltk crate before 0.15.3 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Fltk
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2021-28306 HIGH PATCH This Week

An issue was discovered in the fltk crate before 0.15.3 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Fltk
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2021-21076 HIGH PATCH This Week

Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe Animate
NVD
CVSS 3.0
7.1
EPSS
3.2%
CVE-2021-21075 HIGH PATCH This Week

Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe Animate
NVD
CVSS 3.0
7.1
EPSS
3.0%
CVE-2021-21074 HIGH PATCH This Week

Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe Animate
NVD
CVSS 3.0
7.1
EPSS
3.2%
CVE-2021-21073 HIGH PATCH This Week

Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe Animate
NVD
CVSS 3.0
7.1
EPSS
3.0%
CVE-2021-21072 HIGH PATCH This Week

Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe Animate
NVD
CVSS 3.1
7.1
EPSS
3.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy