Skip to main content
CVE-2021-38714 HIGH POC This Week

In Plib through 1.85, there is an integer overflow vulnerability that could result in arbitrary code execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Plib Debian Linux Extra Packages For Enterprise Linux +1
NVD
CVSS 3.1
8.8
EPSS
2.9%
CVE-2021-39376 HIGH POC This Week

Philips Healthcare Tasy Electronic Medical Record (EMR) 3.06 allows SQL injection via the CorCad_F2/executaConsultaEspecifico IE_CORPO_ASSIST or CD_USUARIO_CONVENIO parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Tasy Electronic Medical Record
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2021-39375 HIGH POC This Week

Philips Healthcare Tasy Electronic Medical Record (EMR) 3.06 allows SQL injection via the WAdvancedFilter/getDimensionItemsByCode FilterValue parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Tasy Electronic Medical Record
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2021-38557 HIGH POC This Week

raspap-webgui in RaspAP 2.6.6 allows attackers to execute commands as root because of the insecure sudoers permissions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Raspap
NVD GitHub
CVSS 3.1
8.8
EPSS
2.2%
CVE-2021-38556 HIGH POC THREAT This Week

includes/configure_client.php in RaspAP 2.6.6 allows attackers to execute commands via command injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Command Injection Raspap
NVD GitHub
CVSS 3.1
8.8
EPSS
13.0%
CVE-2021-30952 HIGH POC KEV THREAT This Week

An integer overflow was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apple Integer Overflow RCE Safari Ipados +8
NVD
CVSS 3.1
7.8
EPSS
7.6%
CVE-2021-32263 HIGH POC This Week

ok-file-formats through 2021-04-29 has a heap-based buffer overflow in the ok_csv_circular_buffer_read function in ok_csv.c. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Ok File Formats
NVD GitHub
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-39157 HIGH POC PATCH This Week

detect-character-encoding is an open source character encoding inspection library. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Node.js Detect Character Encoding
NVD GitHub
CVSS 3.1
7.5
EPSS
2.1%
CVE-2021-36690 HIGH POC This Week

A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Sqlite Zfs Storage Appliance Kit Iphone Os macOS +2
NVD
CVSS 3.1
7.5
EPSS
3.9%
CVE-2021-38612 HIGH POC This Week

In NASCENT RemKon Device Manager 4.0.0.0, a Directory Traversal vulnerability in a log-reading function in maintenance/readLog.php allows an attacker to read any file via a specialized URL. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Remkon Device Manager
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2021-23430 HIGH POC This Week

All versions of package startserver are vulnerable to Directory Traversal due to missing sanitization. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Startserver
NVD GitHub
CVSS 3.1
7.5
EPSS
1.8%
CVE-2021-23429 HIGH POC This Week

All versions of package transpile are vulnerable to Denial of Service (DoS) due to a lack of input sanitization or whitelisting, coupled with improper exception handling in the .to() function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Transpile
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-3712 HIGH PATCH CISA GHSA Act Now

ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Denial Of Service Buffer Overflow OpenSSL
NVD VulDB
CVSS 3.1
7.4
EPSS
0.4%
CVE-2021-31008 HIGH This Week

A type confusion issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple RCE Memory Corruption Safari Ipados +4
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2021-30953 HIGH This Week

An out-of-bounds read was addressed with improved bounds checking. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Information Disclosure Safari +7
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2021-30951 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Memory Corruption Use After Free Denial Of Service +8
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2021-30936 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Memory Corruption Use After Free Denial Of Service +8
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2021-30935 HIGH This Week

A logic issue was addressed with improved validation. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Mac Os X macOS
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2021-30934 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Safari Ipados +6
NVD
CVSS 3.1
8.8
EPSS
2.6%
CVE-2021-30889 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Ipados Iphone Os +3
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2021-30858 HIGH KEV THREAT This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Memory Corruption Use After Free Denial Of Service +5
NVD
CVSS 3.1
8.8
EPSS
13.5%
CVE-2021-30852 HIGH This Week

A type confusion issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple RCE Memory Corruption Ipados Iphone Os +3
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2021-30851 HIGH This Week

A memory corruption vulnerability was addressed with improved locking. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Safari +7
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2021-28627 HIGH This Week

Adobe Experience Manager Cloud Service offering, as well as versions 6.5.8.0 (and below) is affected by a Server-side Request Forgery. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Adobe Experience Manager
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2021-23431 HIGH PATCH This Week

The package joplin before 2.3.2 are vulnerable to Cross-site Request Forgery (CSRF) due to missing CSRF checks in various forms. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

CSRF Joplin
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2021-30975 HIGH This Week

This issue was addressed by disabling execution of JavaScript when viewing a scripting dictionary. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Mac Os X macOS
NVD
CVSS 3.1
8.6
EPSS
1.8%
CVE-2021-30864 HIGH This Week

A logic issue was addressed with improved state management. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
CVSS 3.1
8.6
EPSS
1.5%
CVE-2021-30854 HIGH This Week

A logic issue was addressed with improved state management. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os Tvos +1
NVD
CVSS 3.1
8.6
EPSS
1.3%
CVE-2021-32779 HIGH This Week

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Envoy
NVD GitHub
CVSS 3.1
8.3
EPSS
0.9%
CVE-2021-32777 HIGH This Week

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Envoy
NVD GitHub
CVSS 3.1
8.3
EPSS
3.3%
CVE-2021-30993 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow Apple RCE Ipados Iphone Os +3
NVD
CVSS 3.1
8.1
EPSS
2.4%
CVE-2021-31002 HIGH This Week

An out-of-bounds read was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Information Disclosure macOS
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-30991 HIGH This Week

An out-of-bounds read was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Information Disclosure Ipados +1
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2021-30985 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Ipados +1
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2021-30983 HIGH KEV THREAT This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Ipados Iphone Os
NVD
CVSS 3.1
7.8
EPSS
2.9%
CVE-2021-30981 HIGH This Week

A buffer overflow was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Mac Os X macOS
NVD
CVSS 3.1
7.8
EPSS
1.8%
CVE-2021-30980 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Apple Memory Corruption Use After Free Denial Of Service +6
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2021-30979 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Ipados Iphone Os +2
NVD
CVSS 3.1
7.8
EPSS
1.6%
CVE-2021-30977 HIGH This Week

A buffer overflow was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Mac Os X macOS
NVD
CVSS 3.1
7.8
EPSS
1.5%
CVE-2021-30971 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Ipados +3
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2021-30969 HIGH This Week

A path handling issue was addressed with improved validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2021-30958 HIGH This Week

An out-of-bounds read was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Information Disclosure Ipados +5
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2021-30957 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Ipados Iphone Os +3
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2021-30954 HIGH This Week

A type confusion issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Memory Corruption Safari Ipados +6
NVD
CVSS 3.1
7.8
EPSS
1.5%
CVE-2021-30949 HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Ipados +4
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2021-30945 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os Mac Os X +3
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-30942 HIGH This Week

Description: A memory corruption issue in the processing of ICC profiles was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Ipados +5
NVD
CVSS 3.1
7.8
EPSS
1.5%
CVE-2021-30939 HIGH This Week

An out-of-bounds read was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Information Disclosure Ipados +5
NVD
CVSS 3.1
7.8
EPSS
4.1%
CVE-2021-30937 HIGH This Week

A memory corruption vulnerability was addressed with improved locking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Ipados +5
NVD
CVSS 3.1
7.8
EPSS
18.0%
CVE-2021-30928 HIGH This Week

A memory corruption issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Ipados +5
NVD
CVSS 3.1
7.8
EPSS
1.4%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy