Skip to main content
CVE-2021-31324 CRITICAL POC THREAT Act Now

The unprivileged user portal part of CentOS Web Panel is affected by a Command Injection vulnerability leading to root Remote Code Execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection Webpanel
NVD
CVSS 3.1
9.8
EPSS
34.1%
CVE-2021-31316 CRITICAL POC THREAT Act Now

The unprivileged user portal part of CentOS Web Panel is affected by a SQL Injection via the 'idsession' HTTP POST parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Webpanel
NVD
CVSS 3.1
9.8
EPSS
13.0%
CVE-2021-32305 CRITICAL POC PATCH THREAT Act Now

WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Command Injection Websvn
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
86.7%
CVE-2021-32238 HIGH POC This Week

Epic Games / Psyonix Rocket League <=1.95 is affected by Buffer Overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service RCE Memory Corruption Rocket League
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2021-30145 HIGH POC PATCH This Week

A format string vulnerability in mpv through 0.33.0 allows user-assisted remote attackers to achieve code execution via a crafted m3u playlist file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Mpv
NVD GitHub
CVSS 3.1
7.8
EPSS
2.4%
CVE-2021-31321 HIGH POC This Week

Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Stack Based Overflow in the gray_split_cubic function of their custom fork of the rlottie library. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Apple Memory Corruption Google Telegram
NVD
CVSS 3.1
7.1
EPSS
1.1%
CVE-2021-31320 HIGH POC This Week

Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the VGradientCache::generateGradientColorTable function of their custom fork of. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Apple Memory Corruption Google Telegram
NVD
CVSS 3.1
7.1
EPSS
1.2%
CVE-2021-31323 MEDIUM POC This Month

Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the LottieParserImpl::parseDashProperty function of their custom fork of the. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Apple Memory Corruption Google Telegram
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2021-31322 MEDIUM POC This Month

Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the LOTGradient::populate function of their custom fork of the rlottie library. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Apple Memory Corruption Google Telegram
NVD
CVSS 3.1
5.5
EPSS
1.4%
CVE-2021-31319 MEDIUM POC This Month

Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by an Integer Overflow in the LOTGradient::populate function of their custom fork of the rlottie library. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Buffer Overflow Apple Integer Overflow Telegram
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2021-31318 MEDIUM POC This Month

Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the LOTCompLayerItem::LOTCompLayerItem function of their custom fork of the rlottie. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Buffer Overflow Apple Memory Corruption Telegram
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2021-31317 MEDIUM POC This Month

Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the VDasher constructor of their custom fork of the rlottie library. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Buffer Overflow Apple Memory Corruption Telegram
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2021-31315 MEDIUM POC This Month

Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Stack Based Overflow in the blit function of their custom fork of the rlottie library. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Apple Memory Corruption Google Telegram
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2021-3518 HIGH PATCH This Week

There's a flaw in libxml2 in versions before 2.9.11. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Information Disclosure Libxml2 Debian Linux +16
NVD
CVSS 3.1
8.8
EPSS
3.7%
CVE-2021-31827 HIGH PATCH This Week

In Progress MOVEit Transfer before 2021.0 (13.0), a SQL injection vulnerability has been found in the MOVEit Transfer web app that could allow an authenticated attacker to gain unauthorized access to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass SQLi Microsoft Moveit Transfer
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2021-22117 HIGH This Week

RabbitMQ installers on Windows prior to version 3.8.16 do not harden plugin directory permissions, potentially allowing attackers with sufficient local filesystem permissions to add arbitrary plugins. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Code Injection Microsoft Rabbitmq Server
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2021-3423 HIGH This Week

Uncontrolled Search Path Element vulnerability in the openssl component as used in Bitdefender GravityZone Business Security allows an attacker to load a third party DLL to elevate. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

OpenSSL Information Disclosure Gravityzone Business Security
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-3200 LOW POC PATCH Monitor

Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp function at. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Libsolv Communications Cloud Native Core Policy
NVD GitHub
CVSS 3.1
3.3
EPSS
1.3%
CVE-2021-3531 MEDIUM PATCH This Month

A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Red Hat Ceph Ceph Storage Fedora
NVD
CVSS 3.1
5.3
EPSS
2.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy