Skip to main content
CVE-2021-23452 CRITICAL POC Act Now

This affects all versions of package x-assign. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Prototype Pollution Information Disclosure X Assign
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2021-35652 CRITICAL PATCH Act Now

Vulnerability in the Essbase Administration Services product of Oracle Essbase (component: EAS Console). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Information Disclosure Essbase Administration Services
NVD
CVSS 3.1
10.0
EPSS
1.8%
CVE-2021-41163 CRITICAL PATCH Act Now

Discourse is an open source platform for community discussion. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Discourse
NVD GitHub
CVSS 3.1
9.8
EPSS
19.8%
CVE-2021-21749 CRITICAL Act Now

ZTE MF971R product has two stack-based buffer overflow vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Zte Memory Corruption RCE Mf971R Firmware
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2021-21748 CRITICAL Act Now

ZTE MF971R product has two stack-based buffer overflow vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Zte Memory Corruption RCE Mf971R Firmware
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2021-35617 CRITICAL PATCH Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Coherence Container). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Information Disclosure Weblogic Server
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2021-42766 CRITICAL Act Now

The Proof-of-Stake (PoS) Ethereum consensus protocol through 2021-10-19 allows an adversary to cause a denial of service (long-range consensus chain reorganizations), even when this adversary has. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Proof Of Stake Ethereum
NVD
CVSS 3.1
9.1
EPSS
0.9%
CVE-2021-42764 CRITICAL Act Now

The Proof-of-Stake (PoS) Ethereum consensus protocol through 2021-10-19 allows an adversary to cause a denial of service (delayed consensus decisions), and also increase the profits of individual. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Proof Of Stake Ethereum
NVD
CVSS 3.1
9.1
EPSS
0.9%
CVE-2021-30304 CRITICAL Act Now

Possible buffer out of bound read can occur due to improper validation of TBTT count and length while parsing the beacon response in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Information Disclosure Qca2062 Firmware Qca2064 Firmware +11
NVD
CVSS 3.1
9.1
EPSS
0.6%
CVE-2021-1980 CRITICAL PATCH Act Now

Possible buffer over read due to lack of length check while parsing beacon IE response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure Apq8053 Firmware Apq8064au Firmware +217
NVD
CVSS 3.1
9.1
EPSS
0.6%
CVE-2021-1977 CRITICAL PATCH Act Now

Possible buffer over read due to improper validation of frame length while processing AEAD decryption during ASSOC response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure Apq8009 Firmware Apq8017 Firmware +126
NVD
CVSS 3.1
9.1
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy