Skip to main content
CVE-2021-28319 HIGH PATCH This Week

Windows TCP/IP Driver Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Denial Of Service Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.5
EPSS
9.4%
CVE-2021-23372 HIGH This Week

All versions of package mongo-express are vulnerable to Denial of Service (DoS) when exporting an empty collection as CSV, due to an unhandled exception, leading to a crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Mongo Express
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2021-0435 HIGH PATCH This Week

In avrc_proc_vendor_command of avrc_api.cc, there is a possible leak of heap data due to uninitialized data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2021-0431 HIGH PATCH This Week

In avrc_msg_cback of avrc_api.cc, there is a possible out of bounds read due to a missing bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2021-29262 HIGH PATCH This Week

When starting Apache Solr versions prior to 8.8.2, configured with the SaslZkACLProvider or VMParamsAllAndReadonlyDigestZkACLProvider and no existing security.json znode, if the optional read-only. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Solr
NVD
CVSS 3.1
7.5
EPSS
7.8%
CVE-2021-0446 HIGH PATCH This Week

In ImportVCardActivity, there is a possible way to bypass user consent due to a tapjacking/overlay attack. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Google Privilege Escalation XSS Android
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2021-29439 HIGH This Week

The Grav admin plugin prior to version 1.10.11 does not correctly verify caller's privileges. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Authentication Bypass Grav Admin
NVD GitHub
CVSS 3.1
7.2
EPSS
2.6%
CVE-2021-28452 HIGH PATCH This Week

Microsoft Outlook Memory Corruption Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft Memory Corruption 365 Apps Office +1
NVD
CVSS 3.1
7.1
EPSS
1.3%
CVE-2021-28446 HIGH PATCH This Week

Windows Portmapping Information Disclosure Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.1
EPSS
0.8%
CVE-2021-28477 HIGH PATCH This Week

Visual Studio Code Remote Code Execution Vulnerability. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

RCE Visual Studio Code
NVD
CVSS 3.1
7.0
EPSS
2.3%
CVE-2021-28440 HIGH PATCH This Week

Windows Installer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.0
EPSS
0.6%
CVE-2021-27072 HIGH PATCH This Week

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 Windows Server 2012 +2
NVD
CVSS 3.1
7.0
EPSS
0.6%
CVE-2021-0432 HIGH PATCH This Week

In ClearPullerCacheIfNecessary and ForceClearPullerCache of StatsPullerManager.cpp, there is a possible use-after-free due to a race condition. Rated high severity (CVSS 7.0).

Google Privilege Escalation Race Condition Android
NVD
CVSS 3.1
7.0
EPSS
0.1%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy