Skip to main content
CVE-2021-41773 CRITICAL POC KEV PATCH THREAT Act Now

A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Apache Path Traversal RCE Http Server Fedora +2
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
100.0%
CVE-2021-3625 CRITICAL POC Act Now

Buffer overflow in Zephyr USB DFU DNLOAD. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Heap Overflow Zephyr
NVD GitHub
CVSS 3.1
9.8
EPSS
2.3%
CVE-2021-3319 CRITICAL POC Act Now

DOS: Incorrect 802154 Frame Validation for Omitted Source / Dest Addresses. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Zephyr
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2021-41116 CRITICAL PATCH Act Now

Composer is an open source dependency manager for the PHP language. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Microsoft PHP Command Injection Composer Tenable Sc
NVD GitHub
CVSS 3.1
9.8
EPSS
2.9%
CVE-2021-41553 CRITICAL Act Now

In ARCHIBUS Web Central 21.3.3.815 (a version from 2014), the Web Application in /archibus/login.axvw assign a session token that could be already in use by another user. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Session Fixation Web Central
NVD
CVSS 3.1
9.8
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy