Skip to main content
CVE-2021-32608 CRITICAL POC PATCH THREAT Act Now

An issue was discovered in Smartstore (aka SmartStoreNET) through 4.1.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Smartstore
NVD GitHub
CVSS 3.1
9.8
EPSS
33.4%
CVE-2021-32607 CRITICAL POC PATCH THREAT Act Now

An issue was discovered in Smartstore (aka SmartStoreNET) through 4.1.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Smartstore
NVD GitHub
CVSS 3.1
9.8
EPSS
33.4%
CVE-2021-32572 HIGH POC This Week

Speco Web Viewer through 2021-05-12 allows Directory Traversal via GET request for a URI with /.. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Web Viewer
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2021-27384 CRITICAL PATCH Act Now

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Simatic Wincc Runtime Advanced Sinamics Sh150 Firmware Sinamics Sm150I Firmware Sinamics Gh150 Firmware +14
NVD VulDB
CVSS 3.1
9.8
EPSS
1.9%
CVE-2021-30213 MEDIUM POC This Month

Knowage Suite 7.3 is vulnerable to unauthenticated reflected cross-site scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Knowage
NVD GitHub
CVSS 3.1
6.1
EPSS
2.7%
CVE-2021-30214 MEDIUM POC THREAT This Month

Knowage Suite 7.3 is vulnerable to Stored Client-Side Template Injection in '/knowage/restful-services/signup/update' via the 'name' parameter. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Knowage
NVD GitHub
CVSS 3.1
5.4
EPSS
23.8%
CVE-2021-30212 MEDIUM POC This Month

Knowage Suite 7.3 is vulnerable to Stored Cross-Site Scripting (XSS). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Knowage
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-30211 MEDIUM POC This Month

Knowage Suite 7.3 is vulnerable to Stored Cross-Site Scripting (XSS). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Knowage
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-23134 HIGH PATCH This Week

Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Use After Free Linux Memory Corruption Denial Of Service Linux Kernel +2
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-27398 HIGH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
1.5%
CVE-2021-27397 HIGH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2021-27396 HIGH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
1.5%
CVE-2021-23891 HIGH This Week

Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by impersonating a client token which could lead to the bypassing. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Total Protection
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-23872 HIGH This Week

Privilege Escalation vulnerability in the File Lock component of McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by manipulating a symbolic link in the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Total Protection
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2021-25662 HIGH This Week

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Simatic Wincc Runtime Advanced Simatic Hmi Comfort Outdoor Panels 7 Firmware Simatic Hmi Comfort Outdoor Panels 15 Firmware Simatic Hmi Comfort Panels 4 Firmware +6
NVD VulDB
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-27386 HIGH This Week

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Simatic Wincc Runtime Advanced Sinamics Sh150 Firmware Sinamics Sm150I Firmware Sinamics Gh150 Firmware +14
NVD VulDB
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-27383 HIGH This Week

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Simatic Wincc Runtime Advanced Sinamics Sh150 Firmware Sinamics Sm150I Firmware Sinamics Gh150 Firmware +14
NVD VulDB
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-27385 HIGH This Week

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Simatic Wincc Runtime Advanced Sinamics Sh150 Firmware Sinamics Sm150I Firmware Sinamics Gh150 Firmware +14
NVD VulDB
CVSS 3.1
7.5
EPSS
0.5%
CVE-2021-25660 HIGH PATCH This Week

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Simatic Hmi Comfort Outdoor Panels 7 Firmware Simatic Hmi Comfort Outdoor Panels 15 Firmware Simatic Hmi Comfort Panels 4 Firmware Simatic Hmi Comfort Panels 22 Firmware +6
NVD VulDB
CVSS 3.1
7.5
EPSS
0.5%
CVE-2021-25661 HIGH This Week

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Simatic Wincc Runtime Advanced Simatic Hmi Comfort Outdoor Panels 7 Firmware Simatic Hmi Comfort Outdoor Panels 15 Firmware Simatic Hmi Comfort Panels 4 Firmware +6
NVD VulDB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2021-32611 HIGH PATCH This Week

A NULL pointer dereference vulnerability exists in eXcall_api.c in Antisip eXosip2 through 5.2.0 when handling certain 3xx redirect responses. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Exosip2
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2021-20277 HIGH This Week

A flaw was found in Samba's libldb. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samba Debian Linux Fedora
NVD
CVSS 3.1
7.5
EPSS
4.3%
CVE-2021-31519 HIGH This Week

An incorrect permission vulnerability in the product installer folders for Trend Micro HouseCall for Home Networks version 5.3.1179 and below could allow an attacker to escalate privileges by placing. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

RCE Privilege Escalation Trend Micro Housecall For Home Networks
NVD
CVSS 3.1
7.3
EPSS
0.3%
CVE-2021-28649 HIGH This Week

An incorrect permission vulnerability in the product installer for Trend Micro HouseCall for Home Networks version 5.3.1179 and below could allow an attacker to escalate privileges by placing. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

RCE Privilege Escalation Trend Micro Housecall For Home Networks
NVD
CVSS 3.1
7.3
EPSS
0.3%
CVE-2021-20202 HIGH PATCH This Week

A flaw was found in keycloak. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Java Keycloak
NVD
CVSS 3.1
7.3
EPSS
0.3%
CVE-2021-23892 HIGH This Week

By exploiting a time of check to time of use (TOCTOU) race condition during the Endpoint Security for Linux Threat Prevention and Firewall (ENSL TP/FW) installation process, a local user can perform. Rated high severity (CVSS 7.0). No vendor patch available.

RCE Privilege Escalation Endpoint Security For Linux Threat Prevention
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2021-29511 MEDIUM PATCH This Month

evm is a pure Rust implementation of Ethereum Virtual Machine. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Evm
NVD GitHub
CVSS 3.1
6.5
EPSS
1.3%
CVE-2021-3457 MEDIUM This Month

An improper authorization handling flaw was found in Foreman. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Authentication Bypass Smart Proxy Shell Hooks
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2021-23135 MEDIUM This Month

Exposure of System Data to an Unauthorized Control Sphere vulnerability in web UI of Argo CD allows attacker to cause leaked secret data into web UI error messages and logs.8 versions prior to 1.8.7;. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Argo Cd
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-31341 MEDIUM This Month

Uploading a table mapping using a manipulated XML file results in an exception that could expose information about the application-server and the used XML-framework on the Mendix Database Replication. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Database Replication
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2021-31339 MEDIUM This Month

A vulnerability has been identified in Mendix Excel Importer Module (All versions < V9.0.3). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Excel Importer
NVD
CVSS 3.1
4.3
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy