Skip to main content
CVE-2021-27292 HIGH POC PATCH This Week

ua-parser-js >= 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Ua Parser Js
NVD GitHub
CVSS 3.1
7.5
EPSS
3.4%
CVE-2021-27291 HIGH POC PATCH This Week

In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Pygments Debian Linux Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
3.8%
CVE-2021-22860 CRITICAL Act Now

EIC e-document system does not perform completed identity verification for sorting and filtering personnel data. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass E Document System
NVD GitHub
CVSS 3.1
9.8
EPSS
2.6%
CVE-2021-22859 CRITICAL Act Now

The users’ data querying function of EIC e-document system does not filter the special characters which resulted in remote attackers can inject SQL syntax and execute arbitrary commands without. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi E Document System
NVD GitHub
CVSS 3.1
9.8
EPSS
3.8%
CVE-2021-28660 HIGH PATCH This Week

rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Linux Memory Corruption Linux Kernel Fedora +10
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2020-28873 HIGH This Week

Fluxbb 1.5.11 is affected by a denial of service (DoS) vulnerability by sending an extremely long password via the user login form. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Fluxbb
NVD VulDB
CVSS 3.1
7.5
EPSS
0.9%
CVE-2021-28650 MEDIUM PATCH This Month

autoar-extractor.c in GNOME gnome-autoar before 0.3.1, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Path Traversal Gnome Autoar Fedora
NVD
CVSS 3.1
5.5
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy