Skip to main content
CVE-2021-2241 HIGH PATCH This Week

Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Istore
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2021-2239 HIGH PATCH This Week

Vulnerability in the Oracle Time and Labor product of Oracle E-Business Suite (component: Timecard). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Time And Labor
NVD
CVSS 3.1
8.1
EPSS
0.9%
CVE-2021-2238 HIGH PATCH This Week

Vulnerability in the Oracle MES for Process Manufacturing product of Oracle E-Business Suite (component: Process Operations). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Manufacturing Execution System For Process Manufacturing
NVD
CVSS 3.1
8.1
EPSS
0.9%
CVE-2021-2237 HIGH PATCH This Week

Vulnerability in the Oracle General Ledger product of Oracle E-Business Suite (component: Account Hierarchy Manager). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass General Ledger
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2021-2236 HIGH PATCH This Week

Vulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite (component: Advanced Global Intercompany). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financials Common Modules
NVD
CVSS 3.1
8.1
EPSS
0.9%
CVE-2021-2235 HIGH PATCH This Week

Vulnerability in the Oracle Transportation Execution product of Oracle E-Business Suite (component: Install and Upgrade). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Transportation Execution
NVD
CVSS 3.1
8.1
EPSS
1.2%
CVE-2021-2233 HIGH PATCH This Week

Vulnerability in the Oracle Enterprise Asset Management product of Oracle E-Business Suite (component: Setup). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Enterprise Asset Management
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2021-2231 HIGH PATCH This Week

Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: APIs). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Installed Base
NVD
CVSS 3.1
8.1
EPSS
0.9%
CVE-2021-2229 HIGH PATCH This Week

Vulnerability in the Oracle Depot Repair product of Oracle E-Business Suite (component: LOVs). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Depot Repair
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2021-2228 HIGH PATCH This Week

Vulnerability in the Oracle Incentive Compensation product of Oracle E-Business Suite (component: User Interface). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Incentive Compensation
NVD
CVSS 3.1
8.1
EPSS
0.9%
CVE-2021-2227 HIGH PATCH This Week

Vulnerability in the Oracle Cash Management product of Oracle E-Business Suite (component: Bank Account Transfer). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Cash Management
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2021-2225 HIGH PATCH This Week

Vulnerability in the Oracle E-Business Intelligence product of Oracle E-Business Suite (component: DBI Setups). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass E Business Intelligence
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2021-2224 HIGH PATCH This Week

Vulnerability in the Oracle Compensation Workbench product of Oracle E-Business Suite (component: Compensation Workbench). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Compensation Workbench
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2021-2223 HIGH PATCH This Week

Vulnerability in the Oracle Receivables product of Oracle E-Business Suite (component: Receipts). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Receivables
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2021-2222 HIGH PATCH This Week

Vulnerability in the Oracle Bill Presentment Architecture product of Oracle E-Business Suite (component: Template Search). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Bill Presentment Architecture
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2021-2173 MEDIUM POC PATCH This Month

Vulnerability in the Recovery component of Oracle Database Server. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Oracle Authentication Bypass Database Server
NVD GitHub
CVSS 3.1
4.1
EPSS
1.4%
CVE-2021-2156 HIGH PATCH This Week

Vulnerability in the Oracle Customers Online product of Oracle E-Business Suite (component: Customer Tab). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Customers Online
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2021-0265 HIGH This Week

An unvalidated REST API in the AppFormix Agent of Juniper Networks AppFormix allows an unauthenticated remote attacker to execute commands as root on the host running the AppFormix Agent, when. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Command Injection Juniper Appformix
NVD
CVSS 3.1
8.1
EPSS
2.5%
CVE-2021-30356 HIGH This Week

A denial of service vulnerability was reported in Check Point Identity Agent before R81.018.0000, which could allow low privileged users to overwrite protected system files. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Checkpoint Denial Of Service Identity Agent
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2021-2167 HIGH PATCH This Week

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common Desktop Environment). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Oracle Information Disclosure Solaris
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-28648 HIGH PATCH This Week

Trend Micro Antivirus for Mac 2020 v10.5 and 2021 v11 (Consumer) is vulnerable to an improper access control privilege escalation vulnerability that could allow an attacker to establish a connection. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Trend Micro Antivirus
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-27382 HIGH This Week

A vulnerability has been identified in Solid Edge SE2020 (All versions < SE2020MP13), Solid Edge SE2020 (All versions < SE2020MP14), Solid Edge SE2021 (All Versions < SE2021MP4). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Solid Edge Se2020 Solid Edge Se2021
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2021-25678 HIGH This Week

A vulnerability has been identified in Solid Edge SE2020 (All versions < SE2020MP13), Solid Edge SE2020 (All versions < SE2020MP14), Solid Edge SE2021 (All Versions < SE2021MP4). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Solid Edge Se2020 Solid Edge Se2021
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2021-25670 HIGH This Week

A vulnerability has been identified in Tecnomatix RobotExpert (All versions < V16.1). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Tecnomatix Robotexpert
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-24242 LOW POC Monitor

The Tutor LMS - eLearning and online course solution WordPress plugin before 1.8.8 is affected by a local file inclusion vulnerability through the maliciously constructed sub_page parameter of the. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Path Traversal PHP Tutor Lms
NVD WPScan
CVSS 3.1
3.8
EPSS
0.8%
CVE-2021-0255 HIGH This Week

A local privilege escalation vulnerability in ethtraceroute of Juniper Networks Junos OS may allow a locally authenticated user with shell access to escalate privileges and write to the local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Juniper Junos
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-0245 HIGH This Week

A Use of Hard-coded Credentials vulnerability in Juniper Networks Junos OS on Junos Fusion satellite devices allows an attacker who is local to the device to elevate their privileges and take control. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Juniper Authentication Bypass Junos
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-27277 HIGH This Week

This vulnerability allows local attackers to escalate privileges on affected installations of SolarWinds Orion Virtual Infrastructure Monitor 2020.2. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Deserialization RCE Orion Platform
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2021-2181 HIGH PATCH This Week

Vulnerability in the Oracle Document Management and Collaboration product of Oracle E-Business Suite (component: Attachments). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Document Management And Collaboration
NVD
CVSS 3.1
7.6
EPSS
0.8%
CVE-2021-2310 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5).

Oracle Information Disclosure Vm Virtualbox
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-2309 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5).

Oracle Information Disclosure Vm Virtualbox
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-2277 HIGH PATCH This Week

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Coherence
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2021-2190 HIGH PATCH This Week

Vulnerability in the Oracle Sales Offline product of Oracle E-Business Suite (component: Template). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Sales Offline
NVD
CVSS 3.1
7.5
EPSS
92.9%
CVE-2021-2189 HIGH PATCH This Week

Vulnerability in the Oracle Sales Offline product of Oracle E-Business Suite (component: Template). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Sales Offline
NVD
CVSS 3.1
7.5
EPSS
14.7%
CVE-2021-2157 HIGH PATCH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: TopLink Integration). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2021-2145 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5).

Oracle Information Disclosure Vm Virtualbox
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2021-0264 HIGH This Week

A vulnerability in the processing of traffic matching a firewall filter containing a syslog action in Juniper Networks Junos OS on MX Series with MPC10/MPC11 cards installed, PTX10003 and PTX10008. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos Junos Os Evolved
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-0261 HIGH This Week

A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Captive Portal allows an unauthenticated. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Juniper Junos
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2021-0250 HIGH This Week

In segment routing traffic engineering (SRTE) environments where the BGP Monitoring Protocol (BMP) feature is enable, a vulnerability in the Routing Protocol Daemon (RPD) process of Juniper Networks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos Junos Os Evolved
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-0233 HIGH This Week

A vulnerability in Juniper Networks Junos OS ACX500 Series, ACX4000 Series, may allow an attacker to cause a Denial of Service (DoS) by sending a high rate of specific packets to the device,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-0230 HIGH This Week

On Juniper Networks SRX Series devices with link aggregation (lag) configured, executing any operation that fetches Aggregated Ethernet (AE) interface statistics, including but not limited to SNMP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-0227 HIGH This Week

An improper restriction of operations within the bounds of a memory buffer vulnerability in Juniper Networks Junos OS J-Web on SRX Series devices allows an attacker to cause Denial of Service (DoS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Juniper Junos
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2021-0226 HIGH This Week

On Juniper Networks Junos OS Evolved devices, receipt of a specific IPv6 packet may cause an established IPv6 BGP session to terminate, creating a Denial of Service (DoS) condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos Os Evolved
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2021-20590 HIGH This Week

Improper authentication vulnerability in GOT2000 series GT27 model VNC server versions 01.39.010 and prior, GOT2000 series GT25 model VNC server versions 01.39.010 and prior, GOT2000 series GT21. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Got2000 Gt27 Firmware Got2000 Gt25 Firmware Gt2107 Wtbd Firmware Gt2107 Wtsd Firmware +2
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2021-29653 HIGH This Week

HashiCorp Vault and Vault Enterprise 1.5.1 and newer, under certain circumstances, may exclude revoked but unexpired certificates from the CRL. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Hashicorp Vault
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-27400 HIGH This Week

HashiCorp Vault and Vault Enterprise Cassandra integrations (storage backend and database secrets engine plugin) did not validate TLS certificates when connecting to Cassandra clusters. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Hashicorp Vault
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-31555 HIGH This Week

An issue was discovered in the Oauth extension for MediaWiki through 1.35.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mediawiki
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2021-29466 HIGH This Week

Discord-Recon is a bot for the Discord chat service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Discord Recon
NVD GitHub
CVSS 3.1
7.5
EPSS
1.6%
CVE-2021-2219 HIGH PATCH This Week

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: SQR). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
7.4
EPSS
0.9%
CVE-2021-0259 HIGH This Week

Due to a vulnerability in DDoS protection in Juniper Networks Junos OS and Junos OS Evolved on QFX5K Series switches in a VXLAN configuration, instability might be experienced in the underlay network. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos Junos Os Evolved
NVD
CVSS 3.1
7.4
EPSS
0.4%
Prev Page 3 of 6 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy