Skip to main content
CVE-2021-38085 HIGH POC Act Now

The Canon TR150 print driver through 3.71.2.10 is vulnerable to a privilege escalation issue. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Pixma Tr150 Firmware
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2021-32439 HIGH POC PATCH This Week

Buffer overflow in the stbl_AppendSize function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow RCE Denial Of Service Gpac
NVD GitHub
CVSS 3.1
7.8
EPSS
1.3%
CVE-2021-37694 HIGH POC PATCH MAL This Week

@asyncapi/java-spring-cloud-stream-template generates a Spring Cloud Stream (SCSt) microservice. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Java Java Spring Cloud Stream Template
NVD GitHub
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-3050 HIGH This Week

An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to execute arbitrary OS commands to escalate privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Paloalto Pan Os
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2021-38539 HIGH This Week

Certain NETGEAR devices are affected by privilege escalation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Privilege Escalation D8500 Firmware R6400 Firmware R6700 Firmware +9
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2021-38589 HIGH This Week

In cPanel before 96.0.13, scripts/fix-cpanel-perl does not properly restrict the overwriting of files (SEC-588). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cpanel
NVD
CVSS 3.1
8.1
EPSS
0.9%
CVE-2021-38588 HIGH This Week

In cPanel before 96.0.13, fix_cpanel_perl lacks verification of the integrity of downloads (SEC-587). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Cpanel
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2021-32122 HIGH This Week

Certain NETGEAR devices are affected by CSRF. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

CSRF Netgear Ex3700 Firmware Ex3800 Firmware Ex6120 Firmware +1
NVD
CVSS 3.1
8.0
EPSS
0.4%
CVE-2021-36770 HIGH PATCH This Week

Encode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a Trojan horse Encode::ConfigLocal library (in the current working directory) that preempts dynamic module. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Information Disclosure P5 Encode Fedora
NVD GitHub
CVSS 3.1
7.8
EPSS
1.4%
CVE-2021-38571 HIGH This Week

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Foxit Reader Phantompdf
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-1107 HIGH This Week

NVIDIA Linux kernel distributions contain a vulnerability in nvmap NVMAP_IOC_WRITE* paths, where improper access controls may lead to code execution, complete denial of service, and seriously. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Linux RCE Nvidia Denial Of Service Jetson Linux +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-1106 HIGH This Week

NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where writes may be allowed to read-only buffers, which may result in escalation of privileges, complete denial of service,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Linux Memory Corruption Information Disclosure +3
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-32947 HIGH This Week

FATEK Automation FvDesigner, Versions 1.5.88 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Fvdesigner
NVD
CVSS 3.1
7.8
EPSS
1.8%
CVE-2021-32939 HIGH This Week

FATEK Automation FvDesigner, Versions 1.5.88 and prior is vulnerable to an out-of-bounds write while processing project files, allowing an attacker to craft a project file that may permit arbitrary. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Fvdesigner
NVD
CVSS 3.1
7.8
EPSS
1.6%
CVE-2021-32931 HIGH This Week

An uninitialized pointer in FATEK Automation FvDesigner, Versions 1.5.88 and prior may be exploited while the application is processing project files, allowing an attacker to craft a special project. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Fvdesigner
NVD
CVSS 3.1
7.8
EPSS
2.0%
CVE-2021-0196 HIGH PATCH This Week

Improper access control in kernel mode driver for some Intel(R) NUC 9 Extreme Laptop Kits before version 2.2.0.20 may allow an authenticated user to potentially enable escalation of privilege via. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Privilege Escalation Lapqc71A Firmware Lapqc71B Firmware Lapqc71C Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-0160 HIGH PATCH This Week

Uncontrolled search path in some Intel(R) NUC Pro Chassis Element AverMedia Capture Card drivers before version 3.0.64.143 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Privilege Escalation Avermedia Capture Card
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-0084 HIGH This Week

Improper input validation in the Intel(R) Ethernet Controllers X722 and 800 series Linux RMDA driver before version 1.3.19 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Ethernet Controller E810 Firmware X722Da2 Firmware X722Da4Fh Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-0062 HIGH This Week

Improper input validation in some Intel(R) Graphics Drivers before version 27.20.100.8935 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Graphics Drivers
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-0061 HIGH This Week

Improper initialization in some Intel(R) Graphics Driver before version 27.20.100.9030 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Graphics Drivers
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-38587 HIGH This Week

In cPanel before 96.0.13, scripts/fix-cpanel-perl mishandles the creation of temporary files (SEC-586). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Race Condition Cpanel
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-38569 HIGH This Week

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Foxit Reader Phantompdf
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-38567 HIGH This Week

An issue was discovered in Foxit PDF Editor before 11.0.1 and PDF Reader before 11.0.1 on macOS. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Apple Denial Of Service Pdf Reader Pdf Editor
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-38566 HIGH This Week

An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pdf Editor Pdf Reader
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-38565 HIGH This Week

An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pdf Editor Pdf Reader
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2021-20427 HIGH This Week

IBM Security Guardium 11.2 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Security Guardium
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2021-38526 HIGH This Week

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Rax35 Firmware Rax38 Firmware Rax40 Firmware
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-38515 HIGH This Week

Certain NETGEAR devices are affected by denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Denial Of Service R6400 Firmware R6700 Firmware R7900 Firmware +1
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-1108 HIGH This Week

NVIDIA Linux kernel distributions contain a vulnerability in FuSa Capture (VI/ISP), where integer underflow due to lack of input validation may lead to complete denial of service, partial integrity,. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Linux Integer Overflow Nvidia Denial Of Service Jetson Linux +1
NVD
CVSS 3.1
7.3
EPSS
0.2%
CVE-2021-38585 HIGH This Week

The WHM Locale Upload feature in cPanel before 98.0.1 allows unserialization attacks (SEC-585). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization Cpanel
NVD
CVSS 3.1
7.2
EPSS
1.0%
CVE-2021-38584 HIGH This Week

The WHM Locale Upload feature in cPanel before 98.0.1 allows XXE attacks (SEC-585). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Cpanel
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2021-37627 HIGH PATCH This Week

Contao is an open source CMS that allows creation of websites and scalable web applications. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Contao
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2021-37626 HIGH PATCH This Week

Contao is an open source CMS that allows you to create websites and scalable web applications. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE PHP Code Injection Contao
NVD GitHub
CVSS 3.1
7.2
EPSS
1.3%
CVE-2021-38532 HIGH This Week

NETGEAR WAC104 devices before 1.0.4.15 are affected by incorrect configuration of security settings. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Information Disclosure Wac104 Firmware
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2021-38531 HIGH This Week

Certain NETGEAR devices are affected by incorrect configuration of security settings. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Information Disclosure D6200 Firmware D7000 Firmware R6020 Firmware +9
NVD
CVSS 3.1
7.2
EPSS
0.4%
CVE-2021-38525 HIGH This Week

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption D3600 Firmware D6000 Firmware +24
NVD
CVSS 3.1
7.2
EPSS
1.0%
CVE-2021-38523 HIGH This Week

NETGEAR R6400 devices before 1.0.1.70 are affected by a stack-based buffer overflow by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption R6400 Firmware
NVD
CVSS 3.1
7.2
EPSS
0.8%
CVE-2021-38522 HIGH This Week

NETGEAR R6400 devices before 1.0.1.52 are affected by a stack-based buffer overflow by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption R6400 Firmware
NVD
CVSS 3.1
7.2
EPSS
1.2%
CVE-2021-38521 HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Command Injection R6400 Firmware R7900P Firmware R8000P Firmware +2
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2021-38520 HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Command Injection R6400 Firmware R6700 Firmware R6900 Firmware +1
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2021-38519 HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Command Injection R6250 Firmware R6300 Firmware R6400 Firmware +11
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2021-38518 HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Command Injection Rax200 Firmware Rax75 Firmware Rax80 Firmware +3
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2021-38517 HIGH This Week

Certain NETGEAR devices are affected by out-of-bounds reads and writes. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Information Disclosure R6400 Firmware Rax75 Firmware +2
NVD
CVSS 3.1
7.2
EPSS
0.8%
CVE-2021-1110 HIGH This Week

NVIDIA Linux kernel distributions on Jetson Xavier contain a vulnerability in camera firmware where a user can change input data after validation, which may lead to complete denial of service and. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Linux Nvidia Denial Of Service Jetson Linux
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2021-0002 HIGH This Week

Improper conditions check in some Intel(R) Ethernet Controllers 800 series Linux drivers before version 1.4.11 may allow an authenticated user to potentially enable information disclosure or denial. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Information Disclosure Ethernet Controller E810 Firmware Fedora
NVD
CVSS 3.1
7.1
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy