Skip to main content
CVE-2021-26807 HIGH POC This Week

GalaxyClient version 2.0.28.9 loads unsigned DLLs such as zlib1.dll, libgcc_s_dw2-1.dll and libwinpthread-1.dll from PATH, which allows an attacker to potentially run code locally through unsigned. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Galaxy
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-29486 HIGH POC PATCH This Week

cumulative-distribution-function is an open source npm library used which calculates statistical cumulative distribution function from data array of x values. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Node.js Cumulative Distribution Function
NVD GitHub
CVSS 3.1
7.5
EPSS
2.0%
CVE-2021-31933 HIGH POC PATCH THREAT This Week

A remote code execution vulnerability exists in Chamilo through 1.11.14 due to improper input sanitization of a parameter used for file uploads, and improper file-extension filtering for certain. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal RCE PHP Chamilo
NVD GitHub Exploit-DB
CVSS 3.1
7.2
EPSS
13.9%
CVE-2021-21530 HIGH PATCH This Week

Dell OpenManage Enterprise-Modular (OME-M) versions prior to 1.30.00 contain a security bypass vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Dell Command Injection Information Disclosure Openmanage Enterprise Modular
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2021-21233 HIGH This Week

Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Memory Corruption Google Chrome +2
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2021-21232 HIGH This Week

Use after free in Dev Tools in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Denial Of Service Memory Corruption Google Chrome +2
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2021-21231 HIGH This Week

Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Google Chrome Debian Linux +1
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2021-21230 HIGH This Week

Type confusion in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Memory Corruption Information Disclosure Chrome Fedora +1
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2021-21227 HIGH This Week

Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Google Chrome Fedora +1
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2021-21540 HIGH This Week

Dell EMC iDRAC9 versions prior to 4.40.00.00 contain a stack-based overflow vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Dell Stack Overflow Idrac9 Firmware
NVD
CVSS 3.1
8.1
EPSS
1.2%
CVE-2021-21531 HIGH This Week

Dell Unisphere for PowerMax versions prior to 9.2.1.6 contain an Authorization Bypass Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Dell Authentication Bypass Solutions Enabler Solutions Enabler Virtual Appliance Unisphere For Powermax +2
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2021-29464 HIGH PATCH This Week

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Heap Overflow RCE Exiv2 Fedora
NVD GitHub
CVSS 3.1
7.8
EPSS
1.5%
CVE-2021-21535 HIGH This Week

Dell Hybrid Client versions prior to 1.5 contain a missing authentication for a critical function vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Dell Authentication Bypass Hybrid Client
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-31871 HIGH PATCH This Week

An issue was discovered in klibc before 2.0.9. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Denial Of Service Klibc Debian Linux
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2021-31919 HIGH PATCH This Week

An issue was discovered in the rkyv crate before 0.6.0 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Rkyv
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2021-21539 HIGH This Week

Dell EMC iDRAC9 versions prior to 4.40.00.00 contain a Time-of-check Time-of-use (TOCTOU) race condition vulnerability. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Dell Information Disclosure Idrac9 Firmware
NVD
CVSS 3.1
7.1
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy