Skip to main content
CVE-2021-33938 HIGH POC This Week

Buffer overflow vulnerability in function prune_to_recommended in src/policy.c in libsolv before 0.7.17 allows attackers to cause a Denial of Service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Libsolv
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%
CVE-2021-33930 HIGH POC This Week

Buffer overflow vulnerability in function pool_installable_whatprovides in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Libsolv
NVD GitHub
CVSS 3.1
7.5
EPSS
1.5%
CVE-2021-33929 HIGH POC This Week

Buffer overflow vulnerability in function pool_disabled_solvable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Libsolv
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%
CVE-2021-33928 HIGH POC This Week

Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Libsolv
NVD GitHub
CVSS 3.1
7.5
EPSS
1.5%
CVE-2021-28565 HIGH This Week

Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Out-of-bounds Read vulnerability in the PDFLibTool. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Information Disclosure Adobe Acrobat Dc +3
NVD
CVSS 3.1
8.8
EPSS
3.9%
CVE-2021-28564 HIGH This Week

Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Out-of-bounds Write vulnerability within the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Acrobat Dc +3
NVD
CVSS 3.1
8.8
EPSS
3.5%
CVE-2021-28561 HIGH This Week

Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a memory corruption vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Acrobat Dc +3
NVD
CVSS 3.1
8.8
EPSS
3.3%
CVE-2021-28560 HIGH This Week

Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow Adobe Acrobat Dc +3
NVD
CVSS 3.1
8.8
EPSS
66.9%
CVE-2021-28558 HIGH This Week

Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Heap-based buffer overflow vulnerability in the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow Adobe Acrobat Dc +3
NVD
CVSS 3.0
8.8
EPSS
10.4%
CVE-2021-28553 HIGH This Week

Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Use After Free vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Use After Free Adobe Denial Of Service +4
NVD
CVSS 3.1
8.8
EPSS
3.5%
CVE-2021-28550 HIGH KEV THREAT This Week

Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Use After Free Adobe Denial Of Service +4
NVD
CVSS 3.1
8.8
EPSS
52.0%
CVE-2021-36017 HIGH PATCH This Week

Adobe After Effects version 18.2.1 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Adobe After Effects
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2021-35996 HIGH PATCH This Week

Adobe After Effects version 18.2.1 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Adobe After Effects
NVD
CVSS 3.1
7.8
EPSS
2.5%
CVE-2021-35994 HIGH PATCH This Week

Adobe After Effects version 18.2.1 (and earlier) is affected by an out-of-bounds Write vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe After Effects
NVD
CVSS 3.1
7.8
EPSS
2.4%
CVE-2021-35993 HIGH PATCH This Week

Adobe After Effects version 18.2.1 (and earlier) is affected by an out-of-bounds Write vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe After Effects
NVD
CVSS 3.1
7.8
EPSS
2.2%
CVE-2021-22775 HIGH PATCH This Week

A CWE-427: Uncontrolled Search Path Element vulnerability exists in GP-Pro EX,V4.09.250 and prior, that could cause local code execution with elevated privileges when installing the software. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Gp Pro Ex
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-21086 HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability in the CoolType. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Acrobat +3
NVD
CVSS 3.1
7.8
EPSS
4.7%
CVE-2021-22792 HIGH PATCH This Week

A CWE-476: NULL Pointer Dereference vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Null Pointer Dereference Modicon M340 Bmxp341000 Modicon M340 Bmxp342010 Modicon M340 Bmxp342020 +46
NVD VulDB
CVSS 3.1
7.5
EPSS
0.5%
CVE-2021-39187 HIGH PATCH This Week

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Node.js Parse Server
NVD GitHub
CVSS 3.1
7.5
EPSS
1.8%
CVE-2021-31796 HIGH This Week

An inadequate encryption vulnerability discovered in CyberArk Credential Provider before 12.1 may lead to Information Disclosure. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Credential Provider
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2021-22793 HIGH PATCH This Week

A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exist in AccuSine PCS+ / PFV+ (Versions prior to V1.6.7) and AccuSine PCSn (Versions prior to V2.2.4) that could. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Accusine Pcsp Pfvp Firmware Accusine Pcsn Active Harmonic Filter Firmware
NVD
CVSS 3.1
7.2
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy