Skip to main content
CVE-2021-35331 HIGH POC PATCH This Week

In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow code execution via a crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Tcl
NVD GitHub
CVSS 3.1
7.8
EPSS
1.6%
CVE-2021-23401 MEDIUM POC This Month

This affects all versions of package Flask-User. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Open Redirect Python Flask User
NVD GitHub
CVSS 3.1
6.1
EPSS
1.1%
CVE-2021-33192 MEDIUM PATCH This Month

A vulnerability in the HTML pages of Apache Jena Fuseki allows an attacker to execute arbitrary javascript on certain page views.0.0 to version 4.0.0 (inclusive). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache XSS Jena Fuseki
NVD
CVSS 3.1
6.1
EPSS
2.9%
CVE-2021-36158 MEDIUM PATCH This Month

In the xrdp package (in branches through 3.14) for Alpine Linux, RDP sessions are vulnerable to man-in-the-middle attacks because pre-generated RSA certificates and private keys are used. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Aports
NVD
CVSS 3.1
5.9
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy