Skip to main content
CVE-2021-32625 HIGH This Week

Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Redis RCE Fedora
NVD GitHub
CVSS 3.1
8.8
EPSS
4.2%
CVE-2021-23894 HIGH This Week

Deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote unauthenticated attacker to create a reverse shell with administrator privileges on. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Deserialization Java Database Security
NVD
CVSS 3.1
8.8
EPSS
2.2%
CVE-2021-3546 HIGH This Week

An out-of-bounds write vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service RCE Memory Corruption Qemu +1
NVD
CVSS 3.1
8.2
EPSS
0.5%
CVE-2021-23895 HIGH This Week

Deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote authenticated attacker to create a reverse shell with administrator privileges on. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Deserialization Java Database Security
NVD
CVSS 3.1
8.0
EPSS
1.9%
CVE-2021-28677 HIGH PATCH This Week

An issue was discovered in Pillow before 8.2.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Pillow Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
2.3%
CVE-2021-28676 HIGH PATCH This Week

An issue was discovered in Pillow before 8.2.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Pillow Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
2.5%
CVE-2021-3530 HIGH PATCH This Week

A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Binutils Ontap Select Deploy Administration Utility
NVD
CVSS 3.1
7.5
EPSS
2.4%
CVE-2021-24012 HIGH This Week

An improper following of a certificate's chain of trust vulnerability in FortiGate versions 6.4.0 to 6.4.4 may allow an LDAP user to connect to SSLVPN with any certificate that is signed by a trusted. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Fortinet Information Disclosure Fortios
NVD
CVSS 3.1
7.3
EPSS
0.5%
CVE-2021-29090 HIGH This Week

Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in PHP component in Synology Photo Station before 6.8.14-3500 allows remote authenticated users to. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Synology SQLi PHP Photo Station
NVD
CVSS 3.1
7.2
EPSS
1.7%
CVE-2021-3529 HIGH This Week

A flaw was found in noobaa-core in versions before 5.7.0. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Noobaa Operator Openshift Container Platform
NVD
CVSS 3.1
7.1
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy