Skip to main content
CVE-2021-32572 HIGH POC This Week

Speco Web Viewer through 2021-05-12 allows Directory Traversal via GET request for a URI with /.. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Web Viewer
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2021-23134 HIGH PATCH This Week

Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Use After Free Linux Memory Corruption Denial Of Service Linux Kernel +2
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-27398 HIGH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
1.5%
CVE-2021-27397 HIGH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2021-27396 HIGH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
1.5%
CVE-2021-23891 HIGH This Week

Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by impersonating a client token which could lead to the bypassing. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Total Protection
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-23872 HIGH This Week

Privilege Escalation vulnerability in the File Lock component of McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by manipulating a symbolic link in the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Total Protection
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2021-25662 HIGH This Week

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Simatic Wincc Runtime Advanced Simatic Hmi Comfort Outdoor Panels 7 Firmware Simatic Hmi Comfort Outdoor Panels 15 Firmware Simatic Hmi Comfort Panels 4 Firmware +6
NVD VulDB
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-27386 HIGH This Week

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Simatic Wincc Runtime Advanced Sinamics Sh150 Firmware Sinamics Sm150I Firmware Sinamics Gh150 Firmware +14
NVD VulDB
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-27383 HIGH This Week

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Simatic Wincc Runtime Advanced Sinamics Sh150 Firmware Sinamics Sm150I Firmware Sinamics Gh150 Firmware +14
NVD VulDB
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-27385 HIGH This Week

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Simatic Wincc Runtime Advanced Sinamics Sh150 Firmware Sinamics Sm150I Firmware Sinamics Gh150 Firmware +14
NVD VulDB
CVSS 3.1
7.5
EPSS
0.5%
CVE-2021-25660 HIGH PATCH This Week

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Simatic Hmi Comfort Outdoor Panels 7 Firmware Simatic Hmi Comfort Outdoor Panels 15 Firmware Simatic Hmi Comfort Panels 4 Firmware Simatic Hmi Comfort Panels 22 Firmware +6
NVD VulDB
CVSS 3.1
7.5
EPSS
0.5%
CVE-2021-25661 HIGH This Week

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Simatic Wincc Runtime Advanced Simatic Hmi Comfort Outdoor Panels 7 Firmware Simatic Hmi Comfort Outdoor Panels 15 Firmware Simatic Hmi Comfort Panels 4 Firmware +6
NVD VulDB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2021-32611 HIGH PATCH This Week

A NULL pointer dereference vulnerability exists in eXcall_api.c in Antisip eXosip2 through 5.2.0 when handling certain 3xx redirect responses. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Exosip2
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2021-20277 HIGH This Week

A flaw was found in Samba's libldb. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samba Debian Linux Fedora
NVD
CVSS 3.1
7.5
EPSS
4.3%
CVE-2021-31519 HIGH This Week

An incorrect permission vulnerability in the product installer folders for Trend Micro HouseCall for Home Networks version 5.3.1179 and below could allow an attacker to escalate privileges by placing. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

RCE Privilege Escalation Trend Micro Housecall For Home Networks
NVD
CVSS 3.1
7.3
EPSS
0.3%
CVE-2021-28649 HIGH This Week

An incorrect permission vulnerability in the product installer for Trend Micro HouseCall for Home Networks version 5.3.1179 and below could allow an attacker to escalate privileges by placing. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

RCE Privilege Escalation Trend Micro Housecall For Home Networks
NVD
CVSS 3.1
7.3
EPSS
0.3%
CVE-2021-20202 HIGH PATCH This Week

A flaw was found in keycloak. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Java Keycloak
NVD
CVSS 3.1
7.3
EPSS
0.3%
CVE-2021-23892 HIGH This Week

By exploiting a time of check to time of use (TOCTOU) race condition during the Endpoint Security for Linux Threat Prevention and Firewall (ENSL TP/FW) installation process, a local user can perform. Rated high severity (CVSS 7.0). No vendor patch available.

RCE Privilege Escalation Endpoint Security For Linux Threat Prevention
NVD
CVSS 3.1
7.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy