Skip to main content
CVE-2021-28340 HIGH PATCH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.1
8.8
EPSS
2.5%
CVE-2021-28339 HIGH PATCH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2021-28338 HIGH PATCH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2021-28337 HIGH PATCH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2021-28336 HIGH PATCH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2021-28335 HIGH PATCH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2021-28334 HIGH PATCH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2021-28333 HIGH PATCH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.1
8.8
EPSS
2.5%
CVE-2021-28332 HIGH PATCH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2021-28331 HIGH PATCH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2021-28330 HIGH PATCH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2021-28329 HIGH PATCH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2021-28327 HIGH PATCH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.1
8.8
EPSS
2.5%
CVE-2021-23276 HIGH This Week

Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to authenticated SQL injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Intelligent Power Manager Intelligent Power Manager Virtual Appliance Intelligent Power Protector
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2021-22719 HIGH This Week

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when a file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Path Traversal C Bus Toolkit
NVD
CVSS 3.1
8.8
EPSS
40.6%
CVE-2021-22717 HIGH This Week

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Path Traversal C Bus Toolkit
NVD
CVSS 3.1
8.8
EPSS
38.9%
CVE-2021-29425 MEDIUM POC PATCH THREAT This Month

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Apache Path Traversal Commons Io Debian Linux Access Manager +57
NVD
CVSS 3.1
4.8
EPSS
10.6%
CVE-2021-29054 HIGH PATCH This Week

Certain Papoo products are affected by: Cross Site Request Forgery (CSRF) in the admin interface. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Papoo
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2021-28447 MEDIUM POC PATCH This Month

Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available.

Microsoft Authentication Bypass Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.1
4.4
EPSS
2.0%
CVE-2021-27094 MEDIUM POC PATCH This Month

Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available.

Microsoft Authentication Bypass Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD
CVSS 3.1
4.4
EPSS
1.0%
CVE-2021-21482 HIGH This Week

SAP NetWeaver Master Data Management, versions - 710, 710.750, allows a malicious unauthorized user with access to the MDM Server subnet to find the password using a brute force method. Rated high severity (CVSS 8.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure SAP Netweaver Master Data Management
NVD
CVSS 3.1
8.3
EPSS
0.4%
CVE-2021-29436 HIGH PATCH This Week

Anuko Time Tracker is an open source, web-based time tracking application written in PHP. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF PHP Time Tracker
NVD GitHub
CVSS 3.1
8.1
EPSS
0.5%
CVE-2021-28460 HIGH PATCH This Week

Azure Sphere Unsigned Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is no authentication required.

Microsoft RCE Azure Sphere
NVD
CVSS 3.1
8.1
EPSS
0.5%
CVE-2021-28445 HIGH PATCH This Week

Windows Network File System Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
8.1
EPSS
2.7%
CVE-2021-21731 HIGH This Week

A CSRF vulnerability exists in the management page of a ZTE product.The vulnerability is caused because the management page does not fully verify whether the request comes from a trusted user. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Zte Zxcloud Irai
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2021-0433 HIGH PATCH This Week

In onCreate of DeviceChooserActivity.java, there is a possible way to bypass user consent when pairing a Bluetooth device due to a tapjacking/overlay attack. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.

Google Privilege Escalation XSS Android
NVD
CVSS 3.1
8.0
EPSS
0.6%
CVE-2021-3462 HIGH This Week

A privilege escalation vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could allow unauthorized access to the driver's device object. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Lenovo Authentication Bypass Power Management Driver
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-28475 HIGH PATCH This Week

Visual Studio Code Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Visual Studio Code
NVD
CVSS 3.1
7.8
EPSS
2.7%
CVE-2021-28473 HIGH PATCH This Week

Visual Studio Code Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Visual Studio Code
NVD
CVSS 3.1
7.8
EPSS
2.7%
CVE-2021-28472 HIGH PATCH This Week

Visual Studio Code Maven for Java Extension Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Java Vscode Maven
NVD
CVSS 3.1
7.8
EPSS
63.0%
CVE-2021-28471 HIGH PATCH This Week

Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Visual Studio Code
NVD
CVSS 3.1
7.8
EPSS
4.1%
CVE-2021-28470 HIGH PATCH This Week

Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Visual Studio Code Github Pull Requests And Issues
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2021-28469 HIGH PATCH This Week

Visual Studio Code Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Visual Studio Code
NVD
CVSS 3.1
7.8
EPSS
2.7%
CVE-2021-28468 HIGH PATCH This Week

Raw Image Extension Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

RCE Memory Corruption Raw Image Extension
NVD
CVSS 3.1
7.8
EPSS
5.9%
CVE-2021-28466 HIGH PATCH This Week

Raw Image Extension Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Raw Image Extension
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2021-28464 HIGH PATCH This Week

VP9 Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Vp9 Video Extensions
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2021-28458 HIGH PATCH This Week

Azure ms-rest-nodeauth Library Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Ms Rest Nodeauth
NVD
CVSS 3.1
7.8
EPSS
2.0%
CVE-2021-28457 HIGH PATCH This Week

Visual Studio Code Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Visual Studio Code
NVD
CVSS 3.1
7.8
EPSS
2.7%
CVE-2021-28454 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft Memory Corruption RCE 365 Apps +3
NVD
CVSS 3.1
7.8
EPSS
3.1%
CVE-2021-28453 HIGH PATCH This Week

Microsoft Word Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Office Office Online Server +4
NVD
CVSS 3.1
7.8
EPSS
4.1%
CVE-2021-28451 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Excel Office +2
NVD
CVSS 3.1
7.8
EPSS
2.4%
CVE-2021-28449 HIGH PATCH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Excel Office
NVD
CVSS 3.1
7.8
EPSS
2.5%
CVE-2021-28448 HIGH PATCH This Week

Visual Studio Code Kubernetes Tools Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Kubernetes RCE Visual Studio Code Kubernetes Tools
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2021-28436 HIGH PATCH This Week

Windows Speech Runtime Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-28351 HIGH PATCH This Week

Windows Speech Runtime Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-28350 HIGH PATCH This Week

Windows GDI+ Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-28349 HIGH PATCH This Week

Windows GDI+ Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2021-28348 HIGH PATCH This Week

Windows GDI+ Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2021-28347 HIGH PATCH This Week

Windows Speech Runtime Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-28322 HIGH PATCH This Week

Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Visual Studio Visual Studio 2017 Visual Studio 2019 Windows 10 +2
NVD
CVSS 3.1
7.8
EPSS
1.0%
Prev Page 2 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy