Skip to main content
CVE-2021-40524 HIGH POC PATCH This Week

In Pure-FTPd before 1.0.50, an incorrect max_filesize quota mechanism in the server allows attackers to upload files of unbounded size, which may lead to denial of service or a server hang. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service File Upload Pure Ftpd
NVD GitHub
CVSS 3.1
7.5
EPSS
4.3%
CVE-2021-40523 HIGH PATCH This Week

In Contiki 3.0, Telnet option negotiation is mishandled. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Contiki
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-40516 HIGH PATCH This Week

WeeChat before 3.2.1 allows remote attackers to cause a denial of service (crash) via a crafted WebSocket frame that trigger an out-of-bounds read in plugins/relay/relay-websocket.c in the Relay. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Information Disclosure Weechat Debian Linux
NVD GitHub
CVSS 3.1
7.5
EPSS
1.6%
CVE-2021-23439 MEDIUM PATCH This Month

This affects the package file-upload-with-preview before 4.2.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS File Upload With Preview
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy