Skip to main content
CVE-2021-34813 CRITICAL POC PATCH Act Now

Matrix libolm before 3.2.3 allows a malicious Matrix homeserver to crash a client (while it is attempting to retrieve an Olm encrypted room key backup from the homeserver) because olm_pk_decrypt has. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow RCE Memory Corruption Olm
NVD
CVSS 3.1
9.8
EPSS
4.3%
CVE-2021-20093 CRITICAL POC PATCH THREAT Act Now

A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Information Disclosure Codemeter Pss Cape Sicam 230 Firmware +7
NVD
CVSS 3.1
9.1
EPSS
33.3%
CVE-2021-32691 CRITICAL PATCH Act Now

Apollos Apps is an open source platform for launching church-related apps. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Data Connector Rock
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2021-27610 CRITICAL Act Now

SAP NetWeaver ABAP Server and ABAP Platform, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 804, does not create information about internal and external RFC user in consistent and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Authentication Bypass Netweaver Abap Netweaver Application Server Abap
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2021-32928 CRITICAL Act Now

The Sentinel LDK Run-Time Environment installer (Versions 7.6 and prior) adds a firewall rule named “Sentinel License Manager” that allows incoming connections from private networks using TCP Port. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sentinel Ldk Run Time Environment
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-32685 CRITICAL PATCH Act Now

tEnvoy contains the PGP, NaCl, and PBKDF2 in node.js and the browser (hashing, random, encryption, decryption, signatures, conversions), used by TogaTech.org. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Node.js Information Disclosure Jwt Attack Tenvoy
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy