Skip to main content
CVE-2021-25943 CRITICAL POC Act Now

Prototype pollution vulnerability in '101' versions 1.0.0 through 1.6.3 allows an attacker to cause a denial of service and may lead to remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Prototype Pollution RCE Denial Of Service 101
NVD GitHub
CVSS 3.1
9.8
EPSS
3.3%
CVE-2021-25941 CRITICAL POC PATCH Act Now

Prototype pollution vulnerability in 'deep-override' versions 1.0.0 through 1.0.1 allows an attacker to cause a denial of service and may lead to remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Prototype Pollution RCE Denial Of Service Deep Override
NVD GitHub
CVSS 3.1
9.8
EPSS
3.3%
CVE-2021-24285 CRITICAL POC THREAT Act Now

The request_list_request AJAX call of the Car Seller - Auto Classifieds Script WordPress plugin through 2.1.0, available to both authenticated and unauthenticated users, does not sanitise, validate. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress SQLi Cars Seller Auto Classifieds Script
NVD WPScan
CVSS 3.1
9.8
EPSS
14.7%
CVE-2021-24284 CRITICAL POC THREAT Act Now

The Kaswara Modern VC Addons WordPress plugin through 3.0.1 allows unauthenticated arbitrary file upload via the 'uploadFontIcon' AJAX action. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress File Upload Kaswara
NVD WPScan
CVSS 3.1
9.8
EPSS
42.1%
CVE-2021-3402 CRITICAL POC Act Now

An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA v4.0.3 and earlier could allow an attacker to either cause denial of service or information disclosure. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Denial Of Service Information Disclosure Yara +1
NVD
CVSS 3.1
9.1
EPSS
2.2%
CVE-2021-32819 HIGH POC PATCH THREAT This Week

Squirrelly is a template engine implemented in JavaScript that works out of the box with ExpressJS. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Information Disclosure Squirrelly
NVD GitHub
CVSS 3.1
8.8
EPSS
59.8%
CVE-2021-24280 HIGH POC This Week

In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such as a subscriber, could use the import_from_debug AJAX action to inject PHP objects. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization WordPress PHP Redirection For Contact Form 7
NVD WPScan
CVSS 3.1
8.8
EPSS
2.0%
CVE-2021-24195 HIGH POC This Week

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Login as User or Customer (User Switching) WordPress plugin before 1.8, to install any plugin (including. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Authentication Bypass Login As User Or Customer User Switching
NVD WPScan
CVSS 3.1
8.8
EPSS
1.3%
CVE-2021-24194 HIGH POC This Week

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Login Protection - Limit Failed Login Attempts WordPress plugin before 2.9, to install any plugin. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Authentication Bypass Login Protection Limit Failed Login Attempts
NVD WPScan
CVSS 3.1
8.8
EPSS
1.3%
CVE-2021-24193 HIGH POC This Week

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Visitor Traffic Real Time Statistics WordPress plugin before 2.12, to install any plugin (including a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Authentication Bypass Visitor Traffic Real Time Statistics
NVD WPScan
CVSS 3.1
8.8
EPSS
1.3%
CVE-2021-24192 HIGH POC This Week

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Tree Sitemap WordPress plugin before 2.9, to install any plugin (including a specific version) from the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Authentication Bypass Sitemap
NVD WPScan
CVSS 3.1
8.8
EPSS
1.3%
CVE-2021-24191 HIGH POC This Week

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP Maintenance Mode & Site Under Construction WordPress plugin before 1.8.2, to install any plugin. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Authentication Bypass Coming Soon Page Maintenance Mode
NVD WPScan
CVSS 3.1
8.8
EPSS
1.3%
CVE-2021-24190 HIGH POC This Week

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WooCommerce Conditional Marketing Mailer WordPress plugin before 1.5.2, to install any plugin (including. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Authentication Bypass Conditional Marketing Mailer
NVD WPScan
CVSS 3.1
8.8
EPSS
1.3%
CVE-2021-24189 HIGH POC This Week

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Captchinoo, Google recaptcha for admin login page WordPress plugin before 2.4, to install any plugin. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Google WordPress Authentication Bypass Captchinoo
NVD WPScan
CVSS 3.1
8.8
EPSS
1.3%
CVE-2021-24188 HIGH POC This Week

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP Content Copy Protection & No Right Click WordPress plugin before 3.1.5, to install any plugin. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Authentication Bypass Wp Content Copy Protection No Right Click
NVD WPScan
CVSS 3.1
8.8
EPSS
1.3%
CVE-2021-32820 HIGH POC PATCH THREAT This Week

Express-handlebars is a Handlebars view engine for Express. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Express Handlebars
NVD GitHub
CVSS 3.1
8.6
EPSS
18.0%
CVE-2021-33034 HIGH POC PATCH This Week

In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Use After Free Linux Memory Corruption Information Disclosure Linux Kernel +2
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-33033 HIGH POC PATCH This Week

The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Use After Free Linux Memory Corruption Information Disclosure Linux Kernel
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2021-29616 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29614 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Python Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29612 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-29610 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29609 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29608 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29607 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29606 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29603 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Memory Corruption Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29600 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29599 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29598 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29597 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29596 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29595 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29594 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29593 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29592 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29591 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-29589 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29588 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29587 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29586 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29585 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29583 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Null Pointer Dereference Buffer Overflow Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29579 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29578 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29577 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29576 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29574 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29571 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Python Memory Corruption RCE Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-29568 HIGH POC PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
Page 1 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy