Skip to main content
CVE-2021-38366 HIGH POC This Week

Sitecore through 10.1, when Update Center is enabled, allows remote authenticated users to upload arbitrary files and achieve remote code execution by visiting an uploaded .aspx file at an. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Upload Sitecore
NVD
CVSS 3.1
8.8
EPSS
2.9%
CVE-2021-38614 HIGH POC This Week

Polipo through 1.1.1, when NDEBUG is used, allows a heap-based buffer overflow during parsing of a Range header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Polipo
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-36942 HIGH POC KEV PATCH THREAT This Week

Windows LSA Spoofing Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows Server 2004 Windows Server 2008 Windows Server 2012 +3
NVD
CVSS 3.1
7.5
EPSS
66.0%
CVE-2021-38604 HIGH POC PATCH This Week

In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Glibc Fedora Communications Cloud Native Core Binding Support Function +5
NVD
CVSS 3.1
7.5
EPSS
3.0%
CVE-2021-38291 HIGH POC This Week

FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Ffmpeg Debian Linux
NVD
CVSS 3.1
7.5
EPSS
2.7%
CVE-2021-37678 HIGH PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization Python RCE Tensorflow
NVD GitHub
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-36947 HIGH PATCH This Week

Windows Print Spooler Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
8.8
EPSS
7.0%
CVE-2021-36936 HIGH PATCH This Week

Windows Print Spooler Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
8.8
EPSS
6.8%
CVE-2021-36921 HIGH This Week

AIMANAGER before B115 on MONITORAPP Application Insight Web Application Firewall (AIWAF) devices with Manager 2.1.0 has Improper Authentication. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Application Insight Manager
NVD GitHub
CVSS 3.1
8.8
EPSS
1.4%
CVE-2021-34535 HIGH PATCH This Week

Remote Desktop Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Remote Desktop Client Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
8.8
EPSS
18.4%
CVE-2021-36982 HIGH This Week

AIMANAGER before B115 on MONITORAPP Application Insight Web Application Firewall (AIWAF) devices with Manager 2.1.0 allows OS Command Injection because of missing input validation on one of the. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Command Injection Application Insight Manager
NVD GitHub
CVSS 3.1
8.1
EPSS
2.5%
CVE-2021-34524 HIGH PATCH This Week

Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Microsoft RCE Dynamics 365
NVD
CVSS 3.1
8.1
EPSS
3.3%
CVE-2021-37679 HIGH PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-37665 HIGH PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-37663 HIGH PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-37681 HIGH PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-37676 HIGH PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Memory Corruption Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-37671 HIGH PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Memory Corruption Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-37667 HIGH PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Memory Corruption Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-37666 HIGH PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Memory Corruption Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-37652 HIGH PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Denial Of Service Memory Corruption Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-37648 HIGH PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-37662 HIGH PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Memory Corruption Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-37659 HIGH PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-37658 HIGH PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Memory Corruption Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-37657 HIGH PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Memory Corruption Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-37656 HIGH PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Memory Corruption Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-37651 HIGH PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-37650 HIGH PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-37639 HIGH PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-37638 HIGH PATCH This Week

TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-36958 HIGH PATCH This Week

<p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows
NVD
CVSS 3.1
7.8
EPSS
31.7%
CVE-2021-36948 HIGH KEV PATCH THREAT This Week

Windows Update Medic Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 1809 Windows 10 1909 Windows 10 2004 +5
NVD
CVSS 3.1
7.8
EPSS
19.9%
CVE-2021-36941 HIGH PATCH This Week

Microsoft Word Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Office
NVD
CVSS 3.1
7.8
EPSS
2.0%
CVE-2021-36937 HIGH PATCH This Week

Windows Media MPEG-4 Video Decoder Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2021-36927 HIGH PATCH This Week

Windows Digital TV Tuner device registration application Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Microsoft Privilege Escalation Windows 7 Windows 8 1 Windows Rt 8 1 +2
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-34537 HIGH PATCH This Week

Windows Bluetooth Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Microsoft Privilege Escalation Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2021-34536 HIGH PATCH This Week

Storage Spaces Controller Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2021-34533 HIGH PATCH This Week

Windows Graphics Component Font Parsing Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
2.2%
CVE-2021-34530 HIGH PATCH This Week

Windows Graphics Component Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
2.2%
CVE-2021-34486 HIGH KEV PATCH THREAT This Week

Windows Event Tracing Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft Memory Corruption Information Disclosure Windows 10 1809 +7
NVD
CVSS 3.1
7.8
EPSS
7.4%
CVE-2021-34484 HIGH KEV PATCH THREAT This Week

Windows User Profile Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.8
EPSS
14.4%
CVE-2021-34483 HIGH PATCH This Week

Windows Print Spooler Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Microsoft Privilege Escalation Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-34478 HIGH PATCH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Office
NVD
CVSS 3.1
7.8
EPSS
54.4%
CVE-2021-34471 HIGH PATCH This Week

Microsoft Windows Defender Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Microsoft Privilege Escalation Malware Protection Engine
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2021-26431 HIGH PATCH This Week

Windows Recovery Environment Agent Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2021-26425 HIGH PATCH This Week

Windows Event Tracing Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-27794 HIGH This Week

A vulnerability in the authentication mechanism of Brocade Fabric OS versions before Brocade Fabric OS v.9.0.1a, v8.2.3a and v7.4.2h could allow a user to Login with empty password, and invalid. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Fabric Operating System
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-27792 HIGH This Week

The request handling functions in web management interface of Brocade Fabric OS versions before v9.0.1a, v8.2.3a, and v7.4.2h do not properly handle malformed user input, resulting in a service. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Fabric Operating System
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-27790 HIGH This Week

The command ipfilter in Brocade Fabric OS before Brocade Fabric OS v.9.0.1a, v8.2.3, and v8.2.0_CBN4, and v7.4.2h uses unsafe string function to process user input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Fabric Operating System
NVD
CVSS 3.1
7.8
EPSS
0.5%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy