Skip to main content
CVE-2021-34825 HIGH POC This Week

Quassel through 0.13.1, when --require-ssl is enabled, launches without SSL or TLS support if a usable X.509 certificate is not found on the local system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Quassel Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-32078 HIGH POC PATCH This Week

An Out-of-Bounds Read was discovered in arch/arm/mach-footbridge/personal-pci.c in the Linux kernel through 5.12.11 because of the lack of a check for a value that shouldn't be negative, e.g., access. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Linux Information Disclosure Linux Kernel
NVD GitHub
CVSS 3.1
7.1
EPSS
0.6%
CVE-2021-32693 HIGH PATCH This Week

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

PHP Authentication Bypass Symfony
NVD GitHub
CVSS 3.1
8.8
EPSS
1.4%
CVE-2021-32424 HIGH This Week

In TrendNet TW100-S4W1CA 2.3.32, due to a lack of proper session controls, a threat actor could make unauthorized changes to an affected router via a specially crafted web page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Tw100 S4W1Ca Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2021-3603 HIGH PATCH This Week

PHPMailer 6.4.1 and earlier contain a vulnerability that can result in untrusted code being called (if such code is injected into the host project's scope by other means). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Code Injection Phpmailer Fedora
NVD GitHub
CVSS 3.1
8.1
EPSS
2.3%
CVE-2021-32952 HIGH PATCH This Week

An out-of-bounds write issue exists in the DGN file-reading procedure in the Drawings SDK (Version 2022.4 and prior) resulting from the lack of proper validation of user-supplied data. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Drawings Sdk Comos Jt2Go +1
NVD
CVSS 3.1
7.8
EPSS
2.7%
CVE-2021-32948 HIGH PATCH This Week

An out-of-bounds write issue exists in the DWG file-reading procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Drawings Sdk Comos Jt2Go +1
NVD
CVSS 3.1
7.8
EPSS
2.7%
CVE-2021-32944 HIGH PATCH This Week

A use-after-free issue exists in the DGN file-reading procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow RCE Memory Corruption Drawings Sdk +3
NVD
CVSS 3.1
7.8
EPSS
2.7%
CVE-2021-32936 HIGH PATCH This Week

An out-of-bounds write issue exists in the DXF file-recovering procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Drawings Sdk Comos Jt2Go +1
NVD
CVSS 3.1
7.8
EPSS
2.8%
CVE-2021-32946 HIGH PATCH This Week

An improper check for unusual or exceptional conditions issue exists within the parsing DGN files from Drawings SDK (Version 2022.4 and prior) resulting from the lack of proper validation of the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Drawings Sdk Comos Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
7.8
EPSS
2.8%
CVE-2021-0143 HIGH This Week

Improper permissions in the installer for the Intel(R) Brand Verification Tool before version 11.0.0.1225 may allow an authenticated user to potentially enable escalation of privilege via local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Brand Verification Tool
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-32582 HIGH This Week

An issue was discovered in ConnectWise Automate before 2021.5. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Connectwise Automate
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2021-29706 HIGH PATCH This Week

IBM AIX 7.1 could allow a non-privileged local user to exploit a vulnerability in the trace facility to expose sensitive information or cause a denial of service. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

IBM Denial Of Service Aix
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2021-32950 HIGH PATCH This Week

An out-of-bounds read issue exists within the parsing of DXF files in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Drawings Sdk Comos Jt2Go +1
NVD
CVSS 3.1
7.1
EPSS
2.1%
CVE-2021-32940 HIGH PATCH This Week

An out-of-bounds read issue exists in the DWG file-recovering procedure in the Drawings SDK (All versions prior to 2022.5) resulting from the lack of proper validation of user-supplied data. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Drawings Sdk Comos Jt2Go +1
NVD
CVSS 3.1
7.1
EPSS
2.1%
CVE-2021-32938 HIGH PATCH This Week

Drawings SDK (All versions prior to 2022.4) are vulnerable to an out-of-bounds read due to parsing of DWG files resulting from the lack of proper validation of user-supplied data. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Drawings Sdk Comos Jt2Go +1
NVD
CVSS 3.1
7.1
EPSS
1.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy