Skip to main content
CVE-2021-21192 HIGH POC This Week

Heap buffer overflow in tab groups in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Google Chrome Fedora +1
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2021-21191 HIGH POC This Week

Use after free in WebRTC in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Denial Of Service Memory Corruption Google Chrome +2
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2021-3127 HIGH POC PATCH This Week

NATS Server 2.x before 2.2.0 and JWT library before 2.0.1 have Incorrect Access Control because Import Token bindings are mishandled. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Nats Server Jwt Library
NVD VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2021-28295 HIGH POC THREAT This Week

Online Ordering System 1.0 is vulnerable to unauthenticated SQL injection through /onlineordering/GPST/admin/design.php, which may lead to database information disclosure. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Information Disclosure Online Ordering System
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
15.9%
CVE-2021-3344 HIGH PATCH This Week

A privilege escalation flaw was found in OpenShift builder. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Insufficiently Protected Credentials vulnerability could allow attackers to obtain user credentials due to weak protection mechanisms.

Privilege Escalation Openshift Builder Openshift Container Platform
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2021-21193 HIGH KEV THREAT This Week

Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Denial Of Service Memory Corruption Google Chrome +2
NVD
CVSS 3.1
8.8
EPSS
9.9%
CVE-2021-28543 HIGH This Week

Varnish varnish-modules before 0.17.1 allows remote attackers to cause a denial of service (daemon restart) in some configurations. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Varnish Modules Varnish Modules Klarlack Fedora
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2021-20218 HIGH PATCH This Week

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Kubernetes Path Traversal Kubernetes Client A Mq Online Build Of Quarkus +6
NVD GitHub
CVSS 3.1
7.4
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy