Skip to main content
CVE-2021-29441 CRITICAL POC PATCH THREAT Act Now

Nacos is a platform designed for dynamic service discovery and configuration and service management. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Nacos
NVD GitHub
CVSS 3.1
9.8
EPSS
74.2%
CVE-2021-30128 CRITICAL POC PATCH THREAT Act Now

Apache OFBiz has unsafe deserialization prior to 17.12.07 version. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization Apache Ofbiz
NVD
CVSS 3.1
9.8
EPSS
81.1%
CVE-2021-29200 CRITICAL POC PATCH THREAT Act Now

Apache OFBiz has unsafe deserialization prior to 17.12.07 version An unauthenticated user can perform an RCE attack. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization Apache Ofbiz
NVD
CVSS 3.1
9.8
EPSS
55.4%
CVE-2021-29476 CRITICAL PATCH Act Now

Requests is a HTTP library written in PHP. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization Requests
NVD GitHub
CVSS 3.1
9.8
EPSS
2.1%
CVE-2021-30642 CRITICAL Act Now

An input validation flaw in the Symantec Security Analytics web UI 7.2 prior 7.2.7, 8.1, prior to 8.1.3-NSR3, 8.2, prior to 8.2.1-NSR2 or 8.2.2 allows a remote, unauthenticated attacker to execute. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Security Analytics
NVD
CVSS 3.1
9.8
EPSS
2.7%
CVE-2021-27480 CRITICAL Act Now

Delta Industrial Automation COMMGR Versions 1.12 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute remote code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Industrial Automation Commgr
NVD
CVSS 3.1
9.8
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy