Skip to main content
CVE-2021-23356 CRITICAL POC Act Now

This affects all versions of package kill-process-by-name. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Kill Process By Name
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2021-23355 CRITICAL POC Act Now

This affects all versions of package ps-kill. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ps Kill
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-26987 CRITICAL Act Now

Element Plug-in for vCenter Server incorporates SpringBoot Framework. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE VMware Spring Boot Element Plug In For Vcenter Server Management Services For Element Software And Netapp Hci +1
NVD
CVSS 3.1
9.8
EPSS
2.4%
CVE-2021-27817 CRITICAL Act Now

A remote command execution vulnerability in shopxo 1.9.3 allows an attacker to upload malicious code generated by phar where the suffix is JPG, which is uploaded after modifying the phar suffix. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload Shopxo
NVD GitHub
CVSS 3.1
9.8
EPSS
3.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy