Skip to main content
CVE-2021-23444 CRITICAL POC PATCH Act Now

This affects the package jointjs before 3.4.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Authentication Bypass Jointjs
NVD GitHub
CVSS 3.1
9.8
EPSS
1.8%
CVE-2021-37424 CRITICAL PATCH Act Now

ManageEngine ADSelfService Plus before 6112 is vulnerable to domain user account takeover. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Zoho Information Disclosure Manageengine Admanager Plus
NVD
CVSS 3.1
9.8
EPSS
4.6%
CVE-2021-28960 CRITICAL Act Now

Zoho ManageEngine Desktop Central before build 10.0.683 allows unauthenticated command injection due to improper handling of an input command in on-demand operations. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Zoho Command Injection Desktop Central
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2021-0869 CRITICAL Act Now

In GetTimeStampAndPkt of DumpstateDevice.cpp, there is a possible out of bounds write due to an incorrect bounds check. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Google Android
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2021-31917 CRITICAL Act Now

A flaw was found in Red Hat DataGrid 8.x (8.0.0, 8.0.1, 8.1.0 and 8.1.1) and Infinispan (10.0.0 through 12.0.0). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Red Hat Authentication Bypass Infinispan Server Rest Data Grid
NVD
CVSS 3.1
9.8
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy