Skip to main content
CVE-2021-28021 HIGH POC This Week

Buffer overflow vulnerability in function stbi__extend_receive in stb_image.h in stb 2.26 via a crafted JPEG file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Stb Fedora Debian Linux
NVD GitHub
CVSS 3.1
7.8
EPSS
1.3%
CVE-2021-41147 HIGH POC PATCH This Week

Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

SQLi Tuleap
NVD GitHub
CVSS 3.1
7.2
EPSS
1.8%
CVE-2021-29745 HIGH PATCH This Week

IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to priviledge escalation where a lower evel user could have access to the 'New Job' page to which they should not have access to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

IBM Privilege Escalation Cognos Analytics Oncommand Insight
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2021-29679 HIGH PATCH This Week

IBM Cognos Analytics 11.1.7 and 11.2.0 could allow an authenticated user to execute code remotely due to incorrectly neutralizaing user-contrlled input that could be interpreted a a server-side. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

IBM RCE Code Injection Cognos Analytics Oncommand Insight
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2021-41148 HIGH PATCH This Week

Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

SQLi Tuleap
NVD GitHub
CVSS 3.1
8.8
EPSS
1.5%
CVE-2021-37737 HIGH This Week

A remote SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Aruba Clearpass Policy Manager
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2021-42334 HIGH This Week

The Easytest contains SQL injection vulnerabilities. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Easytest Online Learning Test Platform
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2021-42333 HIGH This Week

The Easytest contains SQL injection vulnerabilities. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Easytest Online Learning Test Platform
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2021-42330 HIGH This Week

The “Teacher Edit” function of ShinHer StudyOnline System does not perform authority control. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Xinhe Teaching Platform System
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2021-40993 HIGH This Week

A remote SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Aruba Clearpass Policy Manager
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2021-40731 HIGH This Week

Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.20096 (and earlier), 20.004.30015 (and earlier), and 17.011.30202 (and earlier) is affected by an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
8.0%
CVE-2021-40728 HIGH This Week

Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.20096 (and earlier), 20.004.30015 (and earlier), and 17.011.30202 (and earlier) is affected by a use-after-free vulnerability in the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Adobe Acrobat Dc +3
NVD
CVSS 3.1
7.8
EPSS
53.5%
CVE-2021-40724 HIGH PATCH This Week

Acrobat Reader for Android versions 21.8.0 (and earlier) are affected by a Path traversal vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Google RCE Path Traversal Adobe Acrobat Reader
NVD
CVSS 3.1
7.8
EPSS
3.3%
CVE-2021-40989 HIGH This Week

A local escalation of privilege vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Aruba Clearpass Policy Manager
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-37738 HIGH This Week

A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba Authentication Bypass Clearpass Policy Manager
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-40998 HIGH This Week

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
CVSS 3.1
7.2
EPSS
2.8%
CVE-2021-40991 HIGH This Week

A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Aruba Clearpass Policy Manager
NVD
CVSS 3.1
7.2
EPSS
1.2%
CVE-2021-40992 HIGH This Week

A remote SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Aruba Clearpass Policy Manager
NVD
CVSS 3.1
7.2
EPSS
1.1%
CVE-2021-40988 HIGH This Week

A remote directory traversal vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Aruba Clearpass Policy Manager
NVD
CVSS 3.1
7.2
EPSS
3.8%
CVE-2021-40987 HIGH This Week

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
CVSS 3.1
7.2
EPSS
2.8%
CVE-2021-40986 HIGH This Week

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
CVSS 3.1
7.2
EPSS
2.8%
CVE-2021-37739 HIGH This Week

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
CVSS 3.1
7.2
EPSS
2.8%
CVE-2021-40999 HIGH This Week

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
CVSS 3.1
7.2
EPSS
1.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy