Skip to main content
CVE-2021-3858 HIGH POC PATCH This Week

snipe-it is vulnerable to Cross-Site Request Forgery (CSRF). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Snipe It
NVD GitHub
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-3846 HIGH POC PATCH This Week

firefly-iii is vulnerable to Unrestricted Upload of File with Dangerous Type. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

File Upload Firefly Iii
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2021-41131 HIGH POC PATCH This Week

python-tuf is a Python reference implementation of The Update Framework (TUF). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Python Path Traversal The Update Framework
NVD GitHub
CVSS 3.1
8.7
EPSS
1.4%
CVE-2021-3889 HIGH POC PATCH This Week

libmobi is vulnerable to Use of Out-of-range Pointer Offset. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Information Disclosure Libmobi
NVD GitHub
CVSS 3.1
8.1
EPSS
1.2%
CVE-2021-3888 HIGH POC PATCH This Week

libmobi is vulnerable to Use of Out-of-range Pointer Offset. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Information Disclosure Libmobi
NVD GitHub
CVSS 3.1
8.1
EPSS
1.2%
CVE-2021-3872 HIGH POC PATCH This Week

vim is vulnerable to Heap-based Buffer Overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Vim Fedora Debian Linux
NVD GitHub
CVSS 3.1
7.8
EPSS
1.4%
CVE-2021-3455 HIGH POC This Week

Disconnecting L2CAP channel right after invalid ATT request leads freeze. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Denial Of Service Memory Corruption Zephyr
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2021-31379 HIGH POC This Week

An Incorrect Behavior Order vulnerability in the MAP-E automatic tunneling mechanism of Juniper Networks Junos OS allows an attacker to send certain malformed IPv4 or IPv6 packets to cause a Denial. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Juniper Junos
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2021-31353 HIGH POC This Week

An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an attacker to inject a specific BGP update, causing the routing protocol daemon. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Juniper Junos Junos Os Evolved
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2021-3869 HIGH POC PATCH This Week

corenlp is vulnerable to Improper Restriction of XML External Entity Reference. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XXE Corenlp
NVD GitHub
CVSS 3.1
7.5
EPSS
1.3%
CVE-2021-31385 HIGH This Week

An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in J-Web of Juniper Networks Junos OS allows any low-privileged authenticated attacker to elevate their. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Juniper Junos
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2021-31372 HIGH This Week

An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated J-Web attacker to escalate their privileges to root over the target device. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Juniper Junos
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2021-31354 HIGH This Week

An Out Of Bounds (OOB) access vulnerability in the handling of responses by a Juniper Agile License (JAL) Client in Juniper Networks Junos OS and Junos OS Evolved, configured in Network Mode (to use. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Juniper Information Disclosure Denial Of Service +2
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2021-31350 HIGH PATCH This Week

An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Juniper Junos Junos Os Evolved
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2021-38480 HIGH This Week

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to cross-site request forgery when unauthorized commands are submitted from a user the web application trusts. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Ir615 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-38486 HIGH This Week

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 cloud portal allows for self-registration of the affected product without any requirements to create an account, which may allow an. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Ir615 Firmware
NVD
CVSS 3.1
8.5
EPSS
0.8%
CVE-2021-41149 HIGH PATCH This Week

Tough provides a set of Rust libraries and tools for using and generating the update framework (TUF) repositories. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Tough
NVD GitHub
CVSS 3.1
8.1
EPSS
1.1%
CVE-2021-31359 HIGH This Week

A local privilege escalation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to cause the Juniper DHCP daemon (jdhcpd) process to crash, resulting. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Juniper Privilege Escalation Stack Overflow Denial Of Service +2
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-31358 HIGH This Week

A command injection vulnerability in sftp command processing on Juniper Networks Junos OS Evolved allows an attacker with authenticated CLI access to be able to bypass configured access protections. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Juniper Junos Os Evolved
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2021-31357 HIGH This Week

A command injection vulnerability in tcpdump command processing on Juniper Networks Junos OS Evolved allows an attacker with authenticated CLI access to be able to bypass configured access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Juniper Junos Os Evolved
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2021-31356 HIGH This Week

A command injection vulnerability in command processing on Juniper Networks Junos OS Evolved allows an attacker with authenticated CLI access to be able to bypass configured access protections to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Juniper Junos Os Evolved
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-30849 HIGH This Week

Multiple memory corruption issues were addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Microsoft Memory Corruption +7
NVD
CVSS 3.1
7.8
EPSS
1.8%
CVE-2021-30848 HIGH This Week

A memory corruption issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Safari +3
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2021-30847 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Microsoft RCE Itunes Ipados +5
NVD
CVSS 3.1
7.8
EPSS
2.9%
CVE-2021-30846 HIGH This Week

A memory corruption issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Safari +7
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2021-30843 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Ipados Iphone Os Mac Os X +3
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2021-30842 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Ipados Iphone Os Mac Os X +3
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2021-30841 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Ipados Iphone Os Mac Os X +3
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2021-30838 HIGH This Week

A memory corruption issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Ipados Iphone Os +1
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2021-30837 HIGH This Week

A memory consumption issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Ipados Iphone Os Tvos
NVD
CVSS 3.1
7.8
EPSS
1.6%
CVE-2021-30835 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Microsoft RCE Itunes Ipados +5
NVD
CVSS 3.1
7.8
EPSS
3.0%
CVE-2021-30832 HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apple Memory Corruption Mac Os X macOS
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2021-30830 HIGH This Week

A memory corruption issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Mac Os X +1
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2021-30829 HIGH This Week

A URI parsing issue was addressed with improved parsing. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-30827 HIGH This Week

A permissions issue existed. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-30825 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Apple RCE Ipados Iphone Os
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-30807 HIGH KEV THREAT This Week

A memory corruption issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Ipados +3
NVD
CVSS 3.1
7.8
EPSS
28.8%
CVE-2021-36512 HIGH PATCH This Week

An issue was discovered in function scanallsubs in src/sbbs3/scansubs.cpp in Synchronet BBS, which may allow attackers to view sensitive information due to an uninitialized value. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Bulletin Board System
NVD VulDB
CVSS 3.1
7.5
EPSS
0.9%
CVE-2021-3454 HIGH PATCH This Week

Truncated L2CAP K-frame causes assertion failure. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Zephyr
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2021-31383 HIGH This Week

In Point to MultiPoint (P2MP) scenarios within established sessions between network or adjacent neighbors the improper use of a source to destination copy write operation combined with a Stack-based. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Stack Overflow Juniper Junos +1
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-31378 HIGH PATCH This Week

In broadband environments, including but not limited to Enhanced Subscriber Management, (CHAP, PPP, DHCP, etc.), on Juniper Networks Junos OS devices where RADIUS servers are configured for managing. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Juniper Junos
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-31376 HIGH This Week

An Improper Input Validation vulnerability in Packet Forwarding Engine manager (FXPC) process of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) by sending specific. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-31374 HIGH This Week

On Juniper Networks Junos OS and Junos OS Evolved devices processing a specially crafted BGP UPDATE or KEEPALIVE message can lead to a routing process daemon (RPD) crash and restart, causing a Denial. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Juniper Junos +1
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-31368 HIGH This Week

An Uncontrolled Resource Consumption vulnerability in the kernel of Juniper Networks JUNOS OS allows an unauthenticated network based attacker to cause 100% CPU load and the device to become. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-31351 HIGH This Week

An Improper Check for Unusual or Exceptional Conditions in packet processing on the MS-MPC/MS-MIC utilized by Juniper Networks Junos OS allows a malicious attacker to send a specific packet,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-0299 HIGH This Week

An Improper Handling of Exceptional Conditions vulnerability in the processing of a transit or directly received malformed IPv6 packet in Juniper Networks Junos OS results in a kernel crash, causing. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-32663 HIGH PATCH This Week

iTop is an open source web based IT Service Management tool. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Itop
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%
CVE-2021-37137 HIGH PATCH This Week

The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Netty Banking Apis Banking Digital Experience Commerce Guided Search +8
NVD GitHub
CVSS 3.1
7.5
EPSS
6.3%
CVE-2021-37136 HIGH PATCH This Week

The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Netty Quarkus Banking Apis Banking Digital Experience +15
NVD GitHub
CVSS 3.1
7.5
EPSS
5.7%
CVE-2021-30844 HIGH This Week

A logic issue was addressed with improved state management. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
7.5
EPSS
1.7%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy