Skip to main content
CVE-2021-28940 CRITICAL POC Act Now

Because of a incorrect escaped exec command in MagpieRSS in 0.72 in the /extlib/Snoopy.class.inc file, it is possible to add a extra command to the curl binary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Magpierss
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
3.3%
CVE-2021-22203 CRITICAL POC Act Now

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7.9 before 13.8.7, all versions starting from 13.9 before 13.9.5, and all versions starting from 13.10 before. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Gitlab Information Disclosure
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2021-29012 CRITICAL POC Act Now

DMA Softlab Radius Manager 4.4.0 assigns the same session cookie to every admin session. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Dma Radius Manager
NVD GitHub
CVSS 3.1
9.8
EPSS
3.2%
CVE-2021-30000 CRITICAL POC Act Now

An issue was discovered in LATRIX 0.6.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Information Disclosure RCE Latrix
NVD GitHub
CVSS 3.1
9.8
EPSS
2.1%
CVE-2021-30072 CRITICAL Act Now

An issue was discovered in prog.cgi on D-Link DIR-878 1.30B08 devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow D-Link Memory Corruption Dir 878 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2021-1871 CRITICAL KEV THREAT Act Now

A logic issue was addressed with improved restrictions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple RCE Ipados Iphone Os Mac Os X +3
NVD
CVSS 3.1
9.8
EPSS
7.1%
CVE-2021-1870 CRITICAL KEV THREAT Act Now

A logic issue was addressed with improved restrictions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple RCE Ipados Iphone Os Mac Os X +3
NVD
CVSS 3.1
9.8
EPSS
7.9%
CVE-2021-1818 CRITICAL Act Now

A logic issue was addressed with improved state management. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple RCE Ipad Os Iphone Os Mac Os X +3
NVD
CVSS 3.1
9.8
EPSS
2.9%
CVE-2021-1796 CRITICAL Act Now

An out-of-bounds write was addressed with improved input validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Ipad Os +1
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2021-1795 CRITICAL Act Now

An out-of-bounds write was addressed with improved input validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Ipad Os +1
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2021-1794 CRITICAL Act Now

An out-of-bounds read was addressed with improved input validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Information Disclosure Ipad Os +1
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2021-28123 CRITICAL Act Now

Undocumented Default Cryptographic Key Vulnerability in Cohesity DataPlatform version 6.3 prior 6.3.1g, 6.4 up to 6.4.1c and 6.5.1 through 6.5.1b. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cohesity Dataplatform
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy