Skip to main content
CVE-2021-40719 CRITICAL Act Now

Adobe Connect version 11.2.3 (and earlier) is affected by a Deserialization of Untrusted Data vulnerability to achieve arbitrary method invocation when AMF messages are deserialized on an Adobe. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization RCE Adobe Connect
NVD
CVSS 3.0
9.8
EPSS
3.4%
CVE-2021-42740 CRITICAL PATCH Act Now

The shell-quote package before 1.7.3 for Node.js allows command injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Node.js Command Injection Shell Quote
NVD GitHub
CVSS 3.1
9.8
EPSS
4.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy