Skip to main content
CVE-2021-23437 HIGH POC PATCH This Week

The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Information Disclosure Pillow Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
3.2%
CVE-2021-39191 MEDIUM POC PATCH This Month

mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Open Redirect Apache Mod Auth Openidc Fedora Debian Linux
NVD GitHub
CVSS 3.1
6.1
EPSS
1.8%
CVE-2021-40494 CRITICAL Act Now

A Hardcoded JWT Secret Key in metadata.py in AdaptiveScale LXDUI through 2.1.3 allows attackers to gain admin access to the host system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Lxdui
NVD GitHub
CVSS 3.1
9.8
EPSS
1.7%
CVE-2021-30624 HIGH PATCH This Week

Chromium: CVE-2021-30624 Use after free in Autofill. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
4.1%
CVE-2021-30623 HIGH PATCH This Week

Chromium: CVE-2021-30623 Use after free in Bookmarks. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
4.0%
CVE-2021-30622 HIGH PATCH This Week

Chromium: CVE-2021-30622 Use after free in WebApp Installs. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
4.1%
CVE-2021-30620 HIGH PATCH This Week

Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Information Disclosure Fedora Edge Edge Chromium
NVD
CVSS 3.1
8.8
EPSS
4.1%
CVE-2021-30618 HIGH PATCH This Week

Chromium: CVE-2021-30618 Inappropriate implementation in DevTools. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Information Disclosure Fedora Edge Edge Chromium
NVD
CVSS 3.1
8.8
EPSS
4.1%
CVE-2021-30616 HIGH PATCH This Week

Chromium: CVE-2021-30616 Use after free in Media. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
4.2%
CVE-2021-30614 HIGH PATCH This Week

Chromium: CVE-2021-30614 Heap buffer overflow in TabStrip. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Google Fedora Edge +1
NVD
CVSS 3.1
8.8
EPSS
4.5%
CVE-2021-30613 HIGH PATCH This Week

Chromium: CVE-2021-30613 Use after free in Base internals. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
4.1%
CVE-2021-30612 HIGH PATCH This Week

Chromium: CVE-2021-30612 Use after free in WebRTC. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
2.8%
CVE-2021-30611 HIGH PATCH This Week

Chromium: CVE-2021-30611 Use after free in WebRTC. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
2.8%
CVE-2021-30610 HIGH PATCH This Week

Chromium: CVE-2021-30610 Use after free in Extensions API. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
4.1%
CVE-2021-30609 HIGH PATCH This Week

Chromium: CVE-2021-30609 Use after free in Sign-In. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
4.2%
CVE-2021-30608 HIGH PATCH This Week

Chromium: CVE-2021-30608 Use after free in Web Share. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
4.1%
CVE-2021-30607 HIGH PATCH This Week

Chromium: CVE-2021-30607 Use after free in Permissions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
4.1%
CVE-2021-30606 HIGH PATCH This Week

Chromium: CVE-2021-30606 Use after free in Blink. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Edge +2
NVD
CVSS 3.1
8.8
EPSS
4.1%
CVE-2021-39192 HIGH PATCH This Week

Ghost is a Node.js content management system. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Node.js Information Disclosure Ghost
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2021-40490 HIGH PATCH This Week

A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. Rated high severity (CVSS 7.0).

Linux Information Disclosure Race Condition Linux Kernel Fedora +14
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2021-40491 MEDIUM PATCH This Month

The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Inetutils Debian Linux
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2021-30621 MEDIUM PATCH This Month

Chromium: CVE-2021-30621 UI Spoofing in Autofill. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Authentication Bypass Fedora Edge Edge Chromium
NVD
CVSS 3.1
6.5
EPSS
3.5%
CVE-2021-30619 MEDIUM PATCH This Month

Chromium: CVE-2021-30619 UI Spoofing in Autofill. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Authentication Bypass Fedora Edge Edge Chromium
NVD
CVSS 3.1
6.5
EPSS
3.5%
CVE-2021-30617 MEDIUM PATCH This Month

Chromium: CVE-2021-30617 Policy bypass in Blink. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Authentication Bypass Fedora Edge Edge Chromium
NVD
CVSS 3.1
6.5
EPSS
3.7%
CVE-2021-30615 MEDIUM PATCH This Month

Chromium: CVE-2021-30615 Cross-origin data leak in Navigation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Information Disclosure Fedora Edge Edge Chromium
NVD
CVSS 3.1
6.5
EPSS
5.6%
CVE-2021-40492 MEDIUM This Month

A reflected XSS vulnerability exists in multiple pages in version 22 of the Gibbon application that allows for arbitrary execution of JavaScript (gibbonCourseClassID, gibbonPersonID, subpage,. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Gibbon
NVD GitHub
CVSS 3.1
6.1
EPSS
2.3%
CVE-2021-39193 MEDIUM PATCH This Month

Frontier is Substrate's Ethereum compatibility layer. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Frontier
NVD GitHub
CVSS 3.1
5.3
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy