Skip to main content
CVE-2021-30118 CRITICAL POC PATCH THREAT Act Now

An attacker can upload files with the privilege of the Web Server process for Kaseya VSA Unified Remote Monitoring & Management (RMM) 9.5.4.2149 and subsequently use these files to execute asp. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

File Upload Vsa
NVD
CVSS 3.1
9.8
EPSS
60.3%
CVE-2021-30116 CRITICAL POC KEV THREAT Act Now

Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in the wild in July 2021. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Information Disclosure Vsa Agent Vsa Server
NVD
CVSS 3.1
9.8
EPSS
85.6%
CVE-2021-24020 CRITICAL Act Now

A missing cryptographic step in the implementation of the hash digest algorithm in FortiMail 6.4.0 through 6.4.4, and 6.2.0 through 6.2.7 may allow an unauthenticated attacker to tamper with signed. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Jwt Attack Fortimail
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2021-24007 CRITICAL Act Now

Multiple improper neutralization of special elements of SQL commands vulnerabilities in FortiMail before 6.4.4 may allow a non-authenticated attacker to execute unauthorized code or commands via. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Fortimail
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2021-32742 CRITICAL Act Now

Vapor is a web framework for Swift. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization Denial Of Service Vapor
NVD GitHub
CVSS 3.1
9.1
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy