Skip to main content
CVE-2021-29448 HIGH POC This Week

Pi-hole is a Linux network-level advertisement and Internet tracker blocking application. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Ftldns Pi Hole Web Interface
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2021-28242 HIGH POC This Week

SQL Injection in the "evoadm.php" component of b2evolution v7.2.2-stable allows remote attackers to obtain sensitive database information by injecting SQL commands into the "cf_name" parameter when. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP B2Evolution
NVD GitHub Exploit-DB
CVSS 3.1
8.8
EPSS
5.0%
CVE-2021-21405 HIGH POC PATCH This Week

Lotus is an Implementation of the Filecoin protocol written in Go. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Jwt Attack Lotus
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-31402 HIGH POC This Week

The dio package 4.0.0 for Dart allows CRLF injection if the attacker controls the HTTP method string, a different vulnerability than CVE-2020-35669. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Dio
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-30245 HIGH PATCH This Week

The project received a report that all versions of Apache OpenOffice through 4.1.8 can open non-http(s) hyperlinks. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Apache RCE Openoffice
NVD
CVSS 3.1
8.8
EPSS
4.9%
CVE-2021-28549 HIGH This Week

Adobe Photoshop versions 21.2.6 (and earlier) and 22.3 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted JSX file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Photoshop
NVD
CVSS 3.1
7.8
EPSS
6.5%
CVE-2021-28548 HIGH This Week

Adobe Photoshop versions 21.2.6 (and earlier) and 22.3 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted JSX file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Photoshop
NVD
CVSS 3.0
7.8
EPSS
6.4%
CVE-2021-21100 HIGH This Week

Adobe Digital Editions version 4.5.11.187245 (and earlier) is affected by a Privilege Escalation vulnerability during installation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Adobe Digital Editions
NVD
CVSS 3.1
7.8
EPSS
1.7%
CVE-2021-21095 HIGH This Week

Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Out-of-bounds write vulnerability when parsing a crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Bridge
NVD
CVSS 3.0
7.8
EPSS
3.9%
CVE-2021-21094 HIGH This Week

Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Out-of-bounds write vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Bridge
NVD
CVSS 3.1
7.8
EPSS
3.9%
CVE-2021-21093 HIGH This Week

Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by a memory corruption vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Bridge
NVD
CVSS 3.0
7.8
EPSS
3.9%
CVE-2021-21092 HIGH This Week

Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by a memory corruption vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Bridge
NVD
CVSS 3.0
7.8
EPSS
3.9%
CVE-2021-23887 HIGH This Week

Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to write to arbitrary controlled kernel. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Data Loss Prevention Endpoint
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29430 HIGH PATCH This Week

Sydent is a reference Matrix identity server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Sydent
NVD GitHub
CVSS 3.1
7.5
EPSS
1.8%
CVE-2021-20288 HIGH PATCH This Week

An authentication flaw was found in ceph in versions before 14.2.20. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Ceph Ceph Storage Fedora Debian Linux
NVD
CVSS 3.1
7.2
EPSS
2.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy