Skip to main content
CVE-2021-25151 HIGH This Week

A remote insecure deserialization vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization Aruba Airwave
NVD
CVSS 3.1
8.8
EPSS
12.6%
CVE-2021-27648 HIGH This Week

Externally controlled reference to a resource in another sphere in quarantine functionality in Synology Antivirus Essential before 1.4.8-2801 allows remote authenticated users to obtain privilege via. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Synology Information Disclosure Antivirus Essential
NVD
CVSS 3.1
8.8
EPSS
2.8%
CVE-2021-3512 HIGH This Week

Improper access control vulnerability in Buffalo broadband routers (BHR-4GRV firmware Ver.1.99 and prior, DWR-HP-G300NH firmware Ver.1.83 and prior, HW-450HP-ZWE firmware Ver.1.99 and prior,. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass HP Bhr 4Grv Firmware Dwr Hp G300Nh Firmware Hw 450Hp Zwe Firmware +21
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2021-25165 HIGH This Week

A remote XML external entity vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Aruba Airwave
NVD
CVSS 3.1
8.1
EPSS
1.2%
CVE-2021-25153 HIGH This Week

A remote SQL injection vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Aruba Airwave
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2021-25147 HIGH This Week

A remote authentication restriction bypass vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Aruba Authentication Bypass Airwave
NVD
CVSS 3.1
8.1
EPSS
1.3%
CVE-2021-29483 HIGH PATCH This Week

ManageWiki is an extension to the MediaWiki project. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Managewiki
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-29482 HIGH PATCH This Week

xz is a compression and decompression library focusing on the xz format completely written in Go. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Xz
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%
CVE-2021-25154 HIGH This Week

A remote escalation of privilege vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Aruba Airwave
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-22332 HIGH This Week

There is a pointer double free vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cloudengine 12800 Firmware Cloudengine 5800 Firmware Cloudengine 6800 Firmware Cloudengine 7800 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-22331 HIGH This Week

There is a JavaScript injection vulnerability in certain Huawei smartphones. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Code Injection P30 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-22393 HIGH This Week

There is a denial of service vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cloudengine 12800 Firmware Cloudengine 5800 Cloudengine 6800 Firmware Cloudengine 7800 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-30169 HIGH This Week

The sensitive information of webcam device is not properly protected. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure P2R8852E2 Firmware P2R8852E4 Firmware P2R6852E2 Firmware P2R6852E4 Firmware +37
NVD GitHub
CVSS 3.1
7.5
EPSS
1.7%
CVE-2021-31863 HIGH This Week

Insufficient input validation in the Git repository integration of Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows Redmine users to read arbitrary local files accessible by. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Redmine Debian Linux
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2021-25152 HIGH This Week

A remote insecure deserialization vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization Aruba Airwave
NVD
CVSS 3.1
7.2
EPSS
1.2%
CVE-2021-30166 HIGH This Week

The NTP Server configuration function of the IP camera device is not verified with special parameters. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection P2R8852E2 Firmware P2R8852E4 Firmware P2R6852E2 Firmware P2R6852E4 Firmware +37
NVD GitHub
CVSS 3.1
7.2
EPSS
3.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy