Skip to main content
CVE-2021-23008 CRITICAL Act Now

On version 15.1.x before 15.1.3, 14.1.x before 14.1.4, 13.1.x before 13.1.4, 12.1.x before 12.1.6, and all versions of 16.0.x and 11.6.x., BIG-IP APM AD (Active Directory) authentication can be. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Big Ip Access Policy Manager
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2021-26583 CRITICAL Act Now

A potential security vulnerability was identified in HPE iLO Amplifier Pack. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Ilo Amplifier Pack
NVD
CVSS 3.1
9.8
EPSS
4.4%
CVE-2021-20538 CRITICAL Act Now

IBM Cloud Pak for Security (CP4S) 1.5.0.0 and 1.5.0.1 could allow a user to obtain sensitive information or perform actions they should not have access to due to incorrect authorization mechanisms. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Authentication Bypass Cloud Pak For Security
NVD
CVSS 3.1
9.1
EPSS
0.7%
CVE-2021-25848 CRITICAL Act Now

Improper validation of the length field of LLDP-MED TLV in userdisk/vport_lldpd in Moxa Camera VPort 06EC-2V Series, version 1.1, allows information disclosure to attackers due to using fixed loop. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Vport 06Ec 2V26M Firmware Vport 06Ec 2V36M T Firmware Vport 06Ec 2V36M Ct Firmware +13
NVD
CVSS 3.1
9.1
EPSS
1.2%
CVE-2021-25847 CRITICAL Act Now

Improper validation of the length field of LLDP-MED TLV in userdisk/vport_lldpd in Moxa Camera VPort 06EC-2V Series, version 1.1, allows information disclosure to attackers due to controllable loop. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Vport 06Ec 2V26M Firmware Vport 06Ec 2V36M T Firmware Vport 06Ec 2V36M Ct Firmware +13
NVD
CVSS 3.1
9.1
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy