Skip to main content
CVE-2021-41847 HIGH POC This Week

An issue was discovered in 3xLogic Infinias Access Control through 6.7.10708.0, affecting physical security. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Infinias Access Control
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2021-41648 HIGH POC THREAT This Week

An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through the /action.php prId parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Shopping System Advanced
NVD GitHub
CVSS 3.1
7.5
EPSS
10.0%
CVE-2021-41459 HIGH POC This Week

There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1008 in the nhmldmx_send_sample() function szXmlFrom parameter which leads to a denial of service vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Mp4Box
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-41457 HIGH POC This Week

There is a stack buffer overflow in MP4Box 1.1.0 at src/filters/dmx_nhml.c in nhmldmx_init_parsing which leads to a denial of service vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Mp4Box
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-41456 HIGH POC This Week

There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1004 in the nhmldmx_send_sample() function szXmlTo parameter which leads to a denial of service vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Mp4Box
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-29108 HIGH This Week

There is an privilege escalation vulnerability in organization-specific logins in Esri Portal for ArcGIS versions 10.9 and below that may allow a remote, authenticated attacker who is able to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Jwt Attack Portal For Arcgis
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2021-3626 HIGH PATCH This Week

The Windows version of Multipass before 1.7.0 allowed any local process to connect to the localhost TCP control socket to perform mounts from the operating system to a guest, allowing for privilege. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Microsoft Privilege Escalation Multipass
NVD GitHub
CVSS 3.1
8.8
EPSS
0.2%
CVE-2021-38110 HIGH This Week

Word97Import200.dll in Corel WordPerfect 2020 20.0.0.200 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Wordperfect 2020
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2021-38101 HIGH This Week

CDRRip.dll in Corel PhotoPaint Standard 2020 22.0.0.474 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Photopaint 2020
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2021-38100 HIGH This Week

Corel PhotoPaint Standard 2020 22.0.0.474 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Photopaint 2020
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2021-38098 HIGH This Week

Corel PDF Fusion 2.6.2.0 is affected by a Heap Corruption vulnerability when parsing a crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Pdf Fusion
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2021-38103 HIGH This Week

IBJPG2.FLT in Corel Presentations 2020 20.0.0.200 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Presentations 2020
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2021-38099 HIGH This Week

CDRRip.dll in Corel PhotoPaint Standard 2020 22.0.0.474 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Photopaint 2020
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2021-38096 HIGH This Week

Coreip.dll in Corel PDF Fusion 2.6.2.0 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Pdf Fusion
NVD
CVSS 3.1
7.8
EPSS
3.0%
CVE-2021-38097 HIGH This Week

Corel PDF Fusion 2.6.2.0 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Pdf Fusion
NVD
CVSS 3.1
7.8
EPSS
2.7%
CVE-2021-35297 HIGH This Week

Scalabium dBase Viewer version 2.6 (Build 5.751) is vulnerable to remote code execution via a crafted DBF file that triggers a buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Dbase Viewer
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2021-23893 HIGH This Week

Privilege Escalation vulnerability in a Windows system driver of McAfee Drive Encryption (DE) prior to 7.3.0 could allow a local non-admin user to gain elevated system privileges via exploiting an. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Drive Encryption
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2021-3747 HIGH PATCH This Week

The MacOS version of Multipass, version 1.7.0, fixed in 1.7.2, accidentally installed the application directory with incorrect owner. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Apple Information Disclosure Multipass
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-33626 HIGH This Week

A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer(QWORD values for CommBuffer). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Insydeh2o Ruggedcom Apr1808 Firmware Simatic Field Pg M5 Firmware Simatic Field Pg M6 Firmware +13
NVD
CVSS 3.1
7.8
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy