Skip to main content
CVE-2021-36440 CRITICAL POC PATCH Act Now

Unrestricted File Upload in ShowDoc v2.9.5 allows remote attackers to execute arbitrary code via the 'file_url' parameter in the component AdminUpdateController.class.php'. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP File Upload Showdoc
NVD GitHub
CVSS 3.1
9.8
EPSS
4.8%
CVE-2021-21897 HIGH POC This Week

A code execution vulnerability exists in the DL_Dxf::handleLWPolylineData functionality of Ribbonsoft dxflib 3.17.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow RCE Dxflib Extra Packages For Enterprise Linux +2
NVD
CVSS 3.1
8.8
EPSS
2.9%
CVE-2021-23404 HIGH POC This Week

This affects all versions of package sqlite-web. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Sqlite Web
NVD GitHub
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-30657 MEDIUM POC KEV THREAT This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Mac Os X macOS
NVD
CVSS 3.1
5.5
EPSS
68.5%
CVE-2021-40346 HIGH POC PATCH THREAT This Week

An integer overflow exists in HAProxy 2.0 through 2.5 in htx_add_header that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Integer Overflow Haproxy Debian Linux Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
57.9%
CVE-2021-40797 MEDIUM POC PATCH This Month

An issue was discovered in the routes middleware in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Neutron
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2021-40818 CRITICAL PATCH Act Now

scheme/webauthn.c in Glewlwyd SSO server through 2.5.3 has a buffer overflow during FIDO2 signature validation in webauthn registration. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Glewlwyd Sso Server
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2021-40814 CRITICAL Act Now

The Customer Photo Gallery addon before 2.9.4 for PrestaShop is vulnerable to SQL injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Customer Photo Gallery
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2021-30690 CRITICAL Act Now

Multiple issues in apache were addressed by updating apache to version 2.4.46. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Mac Os X
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2021-30678 CRITICAL Act Now

A logic issue was addressed with improved state management. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple RCE Mac Os X macOS
NVD
CVSS 3.1
9.8
EPSS
3.3%
CVE-2021-30655 CRITICAL Act Now

An application may be able to execute arbitrary code with system privileges. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple RCE Mac Os X macOS
NVD
CVSS 3.1
9.8
EPSS
2.3%
CVE-2021-1882 CRITICAL Act Now

A memory corruption issue was addressed with improved validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Memory Corruption Ipados Iphone Os +4
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2021-1864 CRITICAL Act Now

A use after free issue was addressed with improved memory management. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Memory Corruption Use After Free Denial Of Service +4
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2021-1834 CRITICAL Act Now

An out-of-bounds write issue was addressed with improved bounds checking. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Mac Os X +1
NVD
CVSS 3.1
9.8
EPSS
3.0%
CVE-2021-1829 CRITICAL Act Now

A type confusion issue was addressed with improved state handling. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple RCE Memory Corruption macOS
NVD
CVSS 3.1
9.8
EPSS
2.3%
CVE-2021-1770 CRITICAL Act Now

A buffer overflow may result in arbitrary code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Ipados Iphone Os +3
NVD
CVSS 3.1
9.8
EPSS
2.8%
CVE-2021-30805 CRITICAL Act Now

A memory corruption issue was addressed with improved input validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Mac Os X +1
NVD
CVSS 3.1
9.8
EPSS
3.1%
CVE-2021-30793 CRITICAL Act Now

A logic issue was addressed with improved state management. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple RCE Mac Os X macOS
NVD
CVSS 3.1
9.8
EPSS
3.1%
CVE-2021-1972 CRITICAL PATCH Act Now

Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qualcomm Apq8009 Firmware Apq8009W Firmware Apq8017 Firmware +274
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2021-1920 CRITICAL Act Now

Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Integer Overflow Information Disclosure Apq8009 Firmware Apq8009W Firmware +169
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2021-1919 CRITICAL Act Now

Integer underflow can occur when the RTCP length is lesser than than the actual blocks present in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Integer Overflow Information Disclosure Apq8009 Firmware Apq8009W Firmware +153
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2021-1916 CRITICAL Act Now

Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Memory Corruption Apq8009 Firmware Apq8009W Firmware +180
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2021-1810 MEDIUM POC This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apple Authentication Bypass Mac Os X macOS
NVD
CVSS 3.1
5.5
EPSS
1.2%
CVE-2021-36695 MEDIUM POC This Month

Deskpro cloud and on-premise Deskpro 2021.1.6 and fixed in Deskpro 2021.1.7 contains a cross-site scripting (XSS) vulnerability in the download file feature on a manager profile due to lack of input. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Deskpro
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-38388 HIGH PATCH This Week

Central Dogma allows privilege escalation with mirroring to the internal dogma repository that has a file managing the authorization of the project. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Privilege Escalation Authentication Bypass Central Dogma
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2021-28571 HIGH This Week

Adobe After Effects version 18.1 (and earlier) is affected by a potential Command injection vulnerability when chained with a development and debugging tool for JavaScript scripts. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Command Injection Adobe After Effects
NVD
CVSS 3.1
8.8
EPSS
2.9%
CVE-2021-21105 HIGH This Week

Adobe Illustrator version 25.2 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Illustrator
NVD
CVSS 3.1
8.8
EPSS
5.9%
CVE-2021-21104 HIGH This Week

Adobe Illustrator version 25.2 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Illustrator
NVD
CVSS 3.1
8.8
EPSS
4.9%
CVE-2021-21103 HIGH This Week

Adobe Illustrator version 25.2 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe Illustrator
NVD
CVSS 3.1
8.8
EPSS
3.3%
CVE-2021-30707 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Ipados Iphone Os +3
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2021-30688 HIGH This Week

A malicious application may be able to break out of its sandbox. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2021-30677 HIGH This Week

This issue was addressed with improved environment sanitization. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os Mac Os X +3
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2021-30666 HIGH KEV THREAT This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Iphone Os
NVD
CVSS 3.1
8.8
EPSS
3.0%
CVE-2021-30665 HIGH KEV THREAT This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Ipados +4
NVD
CVSS 3.1
8.8
EPSS
3.7%
CVE-2021-30663 HIGH KEV THREAT This Week

An integer overflow was addressed with improved input validation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Integer Overflow RCE Safari Ipados +3
NVD
CVSS 3.1
8.8
EPSS
3.7%
CVE-2021-30661 HIGH KEV THREAT This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Memory Corruption Use After Free Denial Of Service +6
NVD
CVSS 3.1
8.8
EPSS
4.5%
CVE-2021-1876 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Memory Corruption Use After Free Denial Of Service +2
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2021-1874 HIGH This Week

A logic issue was addressed with improved state management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple RCE Ipados Iphone Os
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2021-1867 HIGH This Week

An out-of-bounds read was addressed with improved input validation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Information Disclosure Ipados +2
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2021-1851 HIGH This Week

A logic issue was addressed with improved state management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple RCE Privilege Escalation Ipados Iphone Os +4
NVD
CVSS 3.1
8.8
EPSS
2.2%
CVE-2021-1817 HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Ipados +4
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2021-35217 HIGH This Week

Insecure Deseralization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module and reported to us by ZDI. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization RCE Patch Manager
NVD
CVSS 3.1
8.8
EPSS
73.9%
CVE-2021-30802 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Memory Corruption Use After Free Denial Of Service +2
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2021-30800 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Denial Of Service Iphone Os
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2021-30799 HIGH This Week

Multiple memory corruption issues were addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Iphone Os +2
NVD
CVSS 3.1
8.8
EPSS
2.2%
CVE-2021-30797 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple RCE Safari Ipados Iphone Os +3
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2021-30795 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Memory Corruption Use After Free Denial Of Service +5
NVD
CVSS 3.1
8.8
EPSS
2.2%
CVE-2021-30762 HIGH KEV THREAT This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Memory Corruption Use After Free Denial Of Service +1
NVD
CVSS 3.1
8.8
EPSS
11.0%
CVE-2021-30761 HIGH KEV THREAT This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Iphone Os
NVD
CVSS 3.1
8.8
EPSS
10.6%
CVE-2021-30758 HIGH This Week

A type confusion issue was addressed with improved state handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple RCE Memory Corruption Safari Iphone Os +3
NVD
CVSS 3.1
8.8
EPSS
1.6%
Page 1 of 6 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy