Skip to main content
CVE-2021-26830 CRITICAL POC PATCH Act Now

SQL Injection in Tribalsystems Zenario CMS 8.8.52729 allows remote attackers to access the database or delete the plugin. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Zenario
NVD GitHub Exploit-DB
CVSS 3.1
9.1
EPSS
4.6%
CVE-2021-31414 CRITICAL PATCH Act Now

The unofficial vscode-rpm-spec extension before 0.3.2 for Visual Studio Code allows remote code execution via a crafted workspace configuration. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Rpm Spec
NVD GitHub
CVSS 3.1
9.8
EPSS
2.4%
CVE-2021-27692 CRITICAL Act Now

Command Injection in Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote attackers to execute arbitrary OS commands via a crafted. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Tenda Command Injection G1 Firmware G3 Firmware
NVD
CVSS 3.1
9.8
EPSS
3.3%
CVE-2021-27691 CRITICAL Act Now

Command Injection in Tenda G0 routers with firmware versions v15.11.0.6(9039)_CN and v15.11.0.5(5876)_CN , and Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Tenda Command Injection G0 Firmware G1 Firmware G3 Firmware
NVD
CVSS 3.1
9.8
EPSS
25.2%
CVE-2021-29451 CRITICAL PATCH Act Now

Portofino is an open source web development framework. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Jwt Attack Portofino
NVD GitHub
CVSS 3.1
9.1
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy