Skip to main content
CVE-2021-34173 HIGH POC This Week

An attacker can cause a Denial of Service and kernel panic in v4.2 and earlier versions of Espressif esp32 via a malformed beacon csa frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Esp32 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
1.5%
CVE-2021-23407 HIGH POC PATCH This Week

This affects the package elFinder.Net.Core from 0 and before 1.2.4. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Elfinder Net Core
NVD GitHub
CVSS 3.1
7.5
EPSS
2.0%
CVE-2021-33766 HIGH POC KEV PATCH THREAT This Week

Microsoft Exchange Server Information Disclosure Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Exchange Server
NVD
CVSS 3.1
7.3
EPSS
97.5%
CVE-2021-34525 HIGH PATCH This Week

Windows DNS Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft RCE Windows Server 2012 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
8.8
EPSS
2.1%
CVE-2021-34508 HIGH PATCH This Week

Windows Kernel Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft RCE Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
8.8
EPSS
2.1%
CVE-2021-34494 HIGH PATCH This Week

Windows DNS Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft RCE Windows Server 2008 Windows Server 2012 Windows Server 2016 +1
NVD
CVSS 3.1
8.8
EPSS
3.7%
CVE-2021-33780 HIGH PATCH This Week

Windows DNS Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft RCE Windows Server 2008 Windows Server 2012 Windows Server 2016 +1
NVD
CVSS 3.1
8.8
EPSS
2.5%
CVE-2021-33756 HIGH PATCH This Week

Windows DNS Snap-in Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
8.8
EPSS
2.2%
CVE-2021-33752 HIGH PATCH This Week

Windows DNS Snap-in Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
8.8
EPSS
2.2%
CVE-2021-33750 HIGH PATCH This Week

Windows DNS Snap-in Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
8.8
EPSS
2.2%
CVE-2021-33749 HIGH PATCH This Week

Windows DNS Snap-in Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
8.8
EPSS
2.2%
CVE-2021-0592 HIGH This Week

In various functions in WideVine, there are possible out of bounds writes due to improper input validation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Google Android
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2021-33671 HIGH This Week

SAP NetWeaver Guided Procedures (Administration Workset), versions - 7.10, 7.20, 7.30, 7.31, 7.40, 7.50, does not perform necessary authorization checks for an authenticated user, resulting in. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Authentication Bypass Netweaver Guided Procedures
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2021-20782 HIGH This Week

Cross-site request forgery (CSRF) vulnerability in Software License Manager versions prior to 4.4.6 allows remote attackers to hijack the authentication of administrators via unspecified vectors. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Software License Manager
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2021-20781 HIGH This Week

Cross-site request forgery (CSRF) vulnerability in WordPress Meta Data Filter & Taxonomies Filter versions prior to v.1.2.8 and versions prior to v.2.2.8 allows remote attackers to hijack the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF WordPress Wordpress Meta Data And Taxonomies Filter
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2021-34469 HIGH PATCH This Week

Microsoft Office Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Authentication Bypass 365 Apps Office
NVD
CVSS 3.1
8.2
EPSS
3.3%
CVE-2021-33767 HIGH PATCH This Week

Open Enclave SDK Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Information Disclosure Open Enclave Software Development Kit
NVD
CVSS 3.1
8.2
EPSS
0.8%
CVE-2021-34520 HIGH PATCH This Week

Microsoft SharePoint Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization Microsoft RCE Sharepoint Foundation Sharepoint Server
NVD
CVSS 3.1
8.1
EPSS
3.3%
CVE-2021-34492 HIGH PATCH This Week

Windows Certificate Spoofing Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
8.1
EPSS
2.3%
CVE-2021-33786 HIGH PATCH This Week

Windows LSA Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Authentication Bypass Windows Server 2008 Windows Server 2012 Windows Server 2016 +1
NVD
CVSS 3.1
8.1
EPSS
2.0%
CVE-2021-33781 HIGH PATCH This Week

Azure AD Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Authentication Bypass Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
8.1
EPSS
2.2%
CVE-2021-33779 HIGH PATCH This Week

Windows AD FS Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Authentication Bypass Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
8.1
EPSS
2.2%
CVE-2021-0514 HIGH This Week

In several functions of the V8 library, there is a possible use after free due to a race condition. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google RCE Denial Of Service Race Condition Android
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2021-34474 HIGH PATCH This Week

Dynamics Business Central Remote Code Execution Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable.

RCE Dynamics 365 Business Central
NVD
CVSS 3.1
8.0
EPSS
1.9%
CVE-2021-34470 HIGH PATCH This Week

Microsoft Exchange Server Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity.

Microsoft Information Disclosure Exchange Server
NVD
CVSS 3.1
8.0
EPSS
3.3%
CVE-2021-33768 HIGH PATCH This Week

Microsoft Exchange Server Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity.

Microsoft Information Disclosure Exchange Server
NVD
CVSS 3.1
8.0
EPSS
1.2%
CVE-2021-33754 HIGH PATCH This Week

Windows DNS Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft RCE Windows Server 2008 Windows Server 2012 Windows Server 2016 +1
NVD
CVSS 3.1
8.0
EPSS
1.8%
CVE-2021-33746 HIGH PATCH This Week

Windows DNS Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft RCE Windows Server 2008 Windows Server 2012 Windows Server 2016 +1
NVD
CVSS 3.1
8.0
EPSS
1.8%
CVE-2021-0594 HIGH This Week

In onCreate of ConfirmConnectActivity, there is a possible remote bypass of user consent due to improper input validation. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
8.0
EPSS
1.4%
CVE-2021-34529 HIGH PATCH This Week

Visual Studio Code Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Visual Studio Code
NVD
CVSS 3.1
7.8
EPSS
3.9%
CVE-2021-34528 HIGH PATCH This Week

Visual Studio Code Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Visual Studio Code
NVD
CVSS 3.1
7.8
EPSS
2.9%
CVE-2021-34522 HIGH PATCH This Week

Microsoft Defender Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Malware Protection Engine
NVD
CVSS 3.1
7.8
EPSS
2.5%
CVE-2021-34521 HIGH PATCH This Week

Raw Image Extension Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Windows 10 Windows Server 2016
NVD
CVSS 3.1
7.8
EPSS
2.2%
CVE-2021-34518 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Excel Office Web Apps Server
NVD
CVSS 3.1
7.8
EPSS
2.2%
CVE-2021-34516 HIGH PATCH This Week

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2021-34514 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Microsoft Privilege Escalation Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2021-34513 HIGH PATCH This Week

Storage Spaces Controller Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Windows 10 Windows Server 2016
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2021-34512 HIGH PATCH This Week

Storage Spaces Controller Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2021-34511 HIGH PATCH This Week

Windows Installer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Microsoft Privilege Escalation Windows 10 Windows 7 Windows Server 2008 +3
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-34510 HIGH PATCH This Week

Storage Spaces Controller Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-34504 HIGH PATCH This Week

Windows Address Book Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
3.0%
CVE-2021-34503 HIGH PATCH This Week

Microsoft Windows Media Foundation Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2021-34501 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Excel Office +1
NVD
CVSS 3.1
7.8
EPSS
53.2%
CVE-2021-34498 HIGH PATCH This Week

Windows GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft Memory Corruption Information Disclosure Windows 10 +7
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2021-34489 HIGH PATCH This Week

DirectWrite Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2021-34488 HIGH PATCH This Week

Windows Console Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Microsoft Privilege Escalation Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-34479 HIGH PATCH This Week

Microsoft Visual Studio Spoofing Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure Visual Studio Code
NVD
CVSS 3.1
7.8
EPSS
3.1%
CVE-2021-34477 HIGH PATCH This Week

Visual Studio Code .NET Runtime Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Net Education Bundle Sdk Install Tool Net Install Tool For Extension Authors
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-33784 HIGH PATCH This Week

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2021-33778 HIGH PATCH This Week

HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Hevc Video Extensions
NVD
CVSS 3.1
7.8
EPSS
2.2%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy