Skip to main content
CVE-2021-21349 HIGH POC PATCH THREAT This Week

XStream is a Java library to serialize objects to XML and back again. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Deserialization Java Oncommand Insight Activemq Jmeter +14
NVD GitHub
CVSS 3.1
8.6
EPSS
46.8%
CVE-2021-21343 HIGH POC PATCH THREAT This Week

XStream is a Java library to serialize objects to XML and back again. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Code Injection Java Oncommand Insight Activemq Jmeter +12
NVD GitHub
CVSS 3.1
7.5
EPSS
46.7%
CVE-2021-21341 HIGH POC PATCH THREAT This Week

XStream is a Java library to serialize objects to XML and back again. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Java Oncommand Insight Activemq Jmeter +10
NVD GitHub
CVSS 3.1
7.5
EPSS
77.8%
CVE-2021-21401 HIGH POC PATCH This Week

Nanopb is a small code-size Protocol Buffers implementation in ansi C. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Nanopb
NVD GitHub
CVSS 3.1
7.1
EPSS
1.8%
CVE-2021-21380 HIGH PATCH This Week

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Xwiki
NVD GitHub
CVSS 3.1
8.8
EPSS
1.3%
CVE-2021-22864 HIGH This Week

A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Command Injection Enterprise Server
NVD GitHub
CVSS 3.1
8.8
EPSS
2.5%
CVE-2021-28824 HIGH This Week

The Windows Installation component of TIBCO Software Inc.'s TIBCO ActiveSpaces - Community Edition, TIBCO ActiveSpaces - Developer Edition, and TIBCO ActiveSpaces - Enterprise Edition contains a. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Activespaces
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2021-29082 HIGH This Week

Certain NETGEAR devices are affected by disclosure of sensitive information. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure Rbw30 Firmware Rbs40V Firmware Rbk752 Firmware +10
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2021-29068 HIGH This Week

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Netgear R6700 Firmware R6400 Firmware R7000 Firmware +77
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2021-21355 HIGH PATCH This Week

TYPO3 is an open source PHP based web content management system. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP File Upload Typo3
NVD GitHub
CVSS 3.1
8.6
EPSS
1.6%
CVE-2021-29081 HIGH This Week

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption Rbw30 Firmware Rbk852 Firmware +10
NVD
CVSS 3.1
8.4
EPSS
0.4%
CVE-2021-29075 HIGH This Week

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption Rbw30 Firmware Rbk852 Firmware +10
NVD
CVSS 3.1
8.4
EPSS
0.4%
CVE-2021-29074 HIGH This Week

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption Rbw30 Firmware Rbk852 Firmware +10
NVD
CVSS 3.1
8.4
EPSS
0.4%
CVE-2021-29073 HIGH This Week

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption R8000P Firmware Mk62 Firmware +11
NVD
CVSS 3.1
8.4
EPSS
0.3%
CVE-2021-29072 HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection Rbk852 Firmware Rbk853 Firmware Rbk854 Firmware +2
NVD
CVSS 3.1
8.4
EPSS
0.6%
CVE-2021-29070 HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection Rbk852 Firmware Rbk853 Firmware Rbk854 Firmware +2
NVD
CVSS 3.1
8.4
EPSS
0.6%
CVE-2021-29069 HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection Xr450 Firmware Xr500 Firmware Wnr2000V5 Firmware
NVD
CVSS 3.1
8.4
EPSS
0.5%
CVE-2021-21357 HIGH PATCH This Week

TYPO3 is an open source PHP based web content management system. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Information Disclosure Typo3
NVD GitHub
CVSS 3.1
8.3
EPSS
1.6%
CVE-2021-29080 HIGH This Week

Certain NETGEAR devices are affected by password reset by an unauthenticated attacker. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure Rbk852 Firmware Rbk853 Firmware Rbr854 Firmware +13
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2021-28823 HIGH This Week

The Windows Installation component of TIBCO Software Inc.'s TIBCO eFTL - Community Edition, TIBCO eFTL - Developer Edition, and TIBCO eFTL - Enterprise Edition contains a vulnerability that. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Eftl
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-28822 HIGH This Week

The Enterprise Message Service Server (tibemsd), Enterprise Message Service Central Administration (tibemsca), Enterprise Message Service JSON configuration generator (tibemsconf2json), and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Enterprise Message Service
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-28821 HIGH This Week

The Windows Installation component of TIBCO Software Inc.'s TIBCO Enterprise Message Service, TIBCO Enterprise Message Service - Community Edition, and TIBCO Enterprise Message Service - Developer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Enterprise Message Service
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-28820 HIGH This Week

The FTL Server (tibftlserver), FTL C API, FTL Golang API, FTL Java API, and FTL .Net API components of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBCO. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Java Ftl
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-28819 HIGH This Week

The Windows Installation component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBCO FTL - Enterprise Edition contains a vulnerability that. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Ftl
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-28818 HIGH This Week

The Rendezvous Routing Daemon (rvrd), Rendezvous Secure Routing Daemon (rvrsd), Rendezvous Secure Daemon (rvsd), Rendezvous Cache (rvcache), Rendezvous Secure C API, Rendezvous Java API, and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Java Rendezvous
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-28817 HIGH This Week

The Windows Installation component of TIBCO Software Inc.'s TIBCO Rendezvous and TIBCO Rendezvous Developer Edition contains a vulnerability that theoretically allows a low privileged attacker with. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Rendezvous
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-3444 HIGH PATCH This Week

The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Linux RCE Information Disclosure Linux Kernel Debian Linux +1
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2021-20270 HIGH PATCH This Week

An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Pygments Openshift Container Platform Openstack Platform Software Collections +3
NVD
CVSS 3.1
7.5
EPSS
2.7%
CVE-2021-20222 HIGH PATCH This Week

A flaw was found in keycloak. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Keycloak
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-21359 HIGH PATCH This Week

TYPO3 is an open source PHP based web content management system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Information Disclosure Typo3
NVD GitHub
CVSS 3.1
7.5
EPSS
1.7%
CVE-2021-21339 HIGH PATCH This Week

TYPO3 is an open source PHP based web content management system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi PHP Typo3
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2021-21348 HIGH PATCH This Week

XStream is a Java library to serialize objects to XML and back again. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Java Oncommand Insight Activemq Jmeter +13
NVD GitHub
CVSS 3.1
7.5
EPSS
13.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy