Skip to main content
CVE-2021-32238 HIGH POC This Week

Epic Games / Psyonix Rocket League <=1.95 is affected by Buffer Overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service RCE Memory Corruption Rocket League
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2021-30145 HIGH POC PATCH This Week

A format string vulnerability in mpv through 0.33.0 allows user-assisted remote attackers to achieve code execution via a crafted m3u playlist file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Mpv
NVD GitHub
CVSS 3.1
7.8
EPSS
2.4%
CVE-2021-31321 HIGH POC This Week

Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Stack Based Overflow in the gray_split_cubic function of their custom fork of the rlottie library. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Apple Memory Corruption Google Telegram
NVD
CVSS 3.1
7.1
EPSS
1.1%
CVE-2021-31320 HIGH POC This Week

Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the VGradientCache::generateGradientColorTable function of their custom fork of. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Apple Memory Corruption Google Telegram
NVD
CVSS 3.1
7.1
EPSS
1.2%
CVE-2021-3518 HIGH PATCH This Week

There's a flaw in libxml2 in versions before 2.9.11. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Information Disclosure Libxml2 Debian Linux +16
NVD
CVSS 3.1
8.8
EPSS
3.7%
CVE-2021-31827 HIGH PATCH This Week

In Progress MOVEit Transfer before 2021.0 (13.0), a SQL injection vulnerability has been found in the MOVEit Transfer web app that could allow an authenticated attacker to gain unauthorized access to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass SQLi Microsoft Moveit Transfer
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2021-22117 HIGH This Week

RabbitMQ installers on Windows prior to version 3.8.16 do not harden plugin directory permissions, potentially allowing attackers with sufficient local filesystem permissions to add arbitrary plugins. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Code Injection Microsoft Rabbitmq Server
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2021-3423 HIGH This Week

Uncontrolled Search Path Element vulnerability in the openssl component as used in Bitdefender GravityZone Business Security allows an attacker to load a third party DLL to elevate. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

OpenSSL Information Disclosure Gravityzone Business Security
NVD
CVSS 3.1
7.8
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy