Skip to main content
CVE-2021-28604 HIGH This Week

Adobe After Effects version 18.2 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow Adobe After Effects
NVD
CVSS 3.1
7.8
EPSS
4.1%
CVE-2021-28603 HIGH This Week

Adobe After Effects version 18.2 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow Adobe After Effects
NVD
CVSS 3.1
7.8
EPSS
4.1%
CVE-2021-28602 HIGH This Week

Adobe After Effects version 18.2 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe After Effects
NVD
CVSS 3.1
7.8
EPSS
2.4%
CVE-2021-28554 HIGH This Week

Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Out-of-bounds Read vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Information Disclosure Adobe Acrobat Dc +3
NVD
CVSS 3.1
7.8
EPSS
46.0%
CVE-2021-28552 HIGH This Week

Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Use After Free vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Use After Free Adobe Denial Of Service +4
NVD
CVSS 3.1
7.8
EPSS
4.7%
CVE-2021-28551 HIGH This Week

Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Out-of-bounds read vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Information Disclosure Adobe Acrobat Dc +3
NVD
CVSS 3.1
7.8
EPSS
3.4%
CVE-2021-30938 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
7.7
EPSS
0.3%
CVE-2021-39156 HIGH PATCH This Week

Istio is an open source platform for providing a uniform way to integrate microservices, manage traffic flow across microservices, enforce policies and aggregate telemetry data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Istio
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2021-39155 HIGH PATCH This Week

Istio is an open source platform for providing a uniform way to integrate microservices, manage traffic flow across microservices, enforce policies and aggregate telemetry data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Istio
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-32781 HIGH This Week

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Buffer Overflow Memory Corruption Denial Of Service Envoy
NVD GitHub
CVSS 3.1
7.5
EPSS
1.3%
CVE-2021-32780 HIGH This Week

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Envoy
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-32778 HIGH This Week

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Envoy
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-31010 HIGH KEV THREAT This Week

A deserialization issue was addressed through improved validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization Apple Ipados Iphone Os Mac Os X +2
NVD
CVSS 3.1
7.5
EPSS
3.7%
CVE-2021-31005 HIGH This Week

Description: A logic issue was addressed with improved state management. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2021-30997 HIGH This Week

A S/MIME issue existed in the handling of encrypted email. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-30984 HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apple RCE Race Condition Safari Ipados +6
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2021-30966 HIGH This Week

A logic issue was addressed with improved state management. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS +2
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2021-30924 HIGH This Week

A denial of service issue was addressed with improved state handling. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service Ipados Iphone Os macOS +2
NVD
CVSS 3.1
7.5
EPSS
2.3%
CVE-2021-30882 HIGH This Week

A logic issue was addressed with improved validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os Watchos
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-30874 HIGH This Week

An authorization issue was addressed with improved state management. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Ipados Iphone Os macOS
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2021-28626 HIGH This Week

Adobe Experience Manager Cloud Service offering, as well as versions 6.5.8.0 (and below) is affected by an Improper Authorization vulnerability allowing users to create nodes under a location. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Authentication Bypass Experience Manager
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2021-39137 HIGH PATCH This Week

go-ethereum is the official Go implementation of the Ethereum protocol. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Canonical Information Disclosure Go Ethereum
NVD GitHub
CVSS 3.1
7.5
EPSS
1.5%
CVE-2021-30888 HIGH This Week

An information leakage issue was addressed. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Open Redirect Ipad Os Ipados Iphone Os +3
NVD
CVSS 3.1
7.4
EPSS
1.7%
CVE-2021-30880 HIGH This Week

An out-of-bounds read was addressed with improved bounds checking. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
7.1
EPSS
0.8%
CVE-2021-30879 HIGH This Week

An out-of-bounds read was addressed with improved bounds checking. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
7.1
EPSS
0.9%
CVE-2021-30877 HIGH This Week

An out-of-bounds read was addressed with improved bounds checking. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
7.1
EPSS
0.8%
CVE-2021-30876 HIGH This Week

An out-of-bounds read was addressed with improved bounds checking. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
7.1
EPSS
0.9%
CVE-2021-28614 HIGH This Week

Adobe After Effects version 18.2 (and earlier) is affected by an Our-of-bounds Read vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Adobe After Effects
NVD
CVSS 3.1
7.1
EPSS
1.7%
CVE-2021-28612 HIGH This Week

Adobe After Effects version 18.2 (and earlier) is affected by an Our-of-bounds Read vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Adobe After Effects
NVD
CVSS 3.1
7.1
EPSS
1.7%
CVE-2021-28616 HIGH This Week

Adobe After Effects version 18.2 (and earlier) is affected by an Our-of-bounds Read vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Adobe After Effects
NVD
CVSS 3.1
7.1
EPSS
1.7%
CVE-2021-28611 HIGH This Week

Adobe After Effects version 18.2 (and earlier) is affected by an Our-of-bounds Read vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Adobe After Effects
NVD
CVSS 3.1
7.1
EPSS
1.7%
CVE-2021-31004 HIGH This Week

A race condition was addressed with improved locking. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Apple Race Condition macOS
NVD
CVSS 3.1
7.0
EPSS
0.5%
CVE-2021-30996 HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition Ipados Iphone Os +1
NVD
CVSS 3.1
7.0
EPSS
0.8%
CVE-2021-30995 HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Apple Race Condition Ipados Iphone Os +4
NVD
CVSS 3.1
7.0
EPSS
2.3%
CVE-2021-30955 HIGH POC This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition Ipados Iphone Os +3
NVD
CVSS 3.1
7.0
EPSS
4.6%
CVE-2021-30933 HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition macOS
NVD
CVSS 3.1
7.0
EPSS
0.7%
CVE-2021-30923 HIGH This Week

A race condition was addressed with improved locking. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition Ipados Iphone Os +1
NVD
CVSS 3.1
7.0
EPSS
0.7%
CVE-2021-30899 HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition Mac Os X macOS
NVD
CVSS 3.1
7.0
EPSS
0.8%
CVE-2021-30868 HIGH This Week

A race condition was addressed with improved locking. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition macOS
NVD
CVSS 3.1
7.0
EPSS
0.7%
CVE-2021-30857 HIGH This Week

A race condition was addressed with improved locking. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Apple RCE Race Condition Ipados Iphone Os +4
NVD
CVSS 3.1
7.0
EPSS
0.9%
CVE-2021-30863 MEDIUM This Month

This issue was addressed by improving Face ID anti-spoofing models. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2021-31001 MEDIUM This Month

An access issue was addressed with improved access restrictions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2021-30965 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service Mac Os X macOS
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2021-30897 MEDIUM This Month

An issue existed in the specification for the resource timing API. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS +1
NVD
CVSS 3.1
6.5
EPSS
1.7%
CVE-2021-30887 MEDIUM This Month

A logic issue was addressed with improved restrictions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS +4
NVD
CVSS 3.1
6.5
EPSS
1.6%
CVE-2021-30870 MEDIUM This Month

A logic issue existed in the handling of document loads. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2021-30866 MEDIUM This Month

A user privacy issue was addressed by removing the broadcast MAC address. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS +2
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2021-30890 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple XSS Ipados Iphone Os macOS +4
NVD
CVSS 3.1
6.1
EPSS
1.3%
CVE-2021-30862 MEDIUM This Month

A validation issue was addressed with improved input sanitization. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Itunes U
NVD
CVSS 3.1
6.1
EPSS
1.8%
CVE-2021-28633 MEDIUM This Month

Adobe Creative Cloud Desktop Application (installer) version 2.4 (and earlier) is affected by an Insecure temporary file creation vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Adobe Creative Cloud Desktop Application
NVD
CVSS 3.1
6.1
EPSS
0.5%
Prev Page 3 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy