Skip to main content
CVE-2021-23418 CRITICAL POC PATCH Act Now

The package glances before 3.2.1 are vulnerable to XML External Entity (XXE) Injection via the use of Fault to parse untrusted XML data, which is known to be vulnerable to XML attacks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XXE Glances
NVD GitHub
CVSS 3.1
9.8
EPSS
1.6%
CVE-2021-21538 CRITICAL PATCH Act Now

Dell EMC iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.10.00, contain an improper authentication vulnerability. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Dell Authentication Bypass Idrac9 Firmware
NVD
CVSS 3.1
10.0
EPSS
1.7%
CVE-2021-37578 CRITICAL PATCH Act Now

Apache jUDDI uses several classes related to Java's Remote Method Invocation (RMI) which (as an extension to UDDI) provides an alternate transport for accessing UDDI services. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Deserialization Apache Java Juddi
NVD
CVSS 3.1
9.8
EPSS
4.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy