Skip to main content
CVE-2021-20837 CRITICAL POC THREAT Act Now

Movable Type 7 r.5002 and earlier (Movable Type 7 Series), Movable Type 6.8.2 and earlier (Movable Type 6 Series), Movable Type Advanced 7 r.5002 and earlier (Movable Type Advanced 7 Series), Movable. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Movable Type
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
88.1%
CVE-2021-34584 CRITICAL POC Act Now

Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow 750 823 Firmware 750 829 Firmware 750 831 Firmware 750 832 Firmware +24
NVD
CVSS 3.1
9.1
EPSS
1.1%
CVE-2021-41873 CRITICAL Act Now

Penguin Aurora TV Box 41502 is a high-end network HD set-top box produced by Tencent Video and Skyworth Digital. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Penguin Aurora Box Firmware
NVD
CVSS 3.1
10.0
EPSS
0.9%
CVE-2021-37371 CRITICAL Act Now

Online Student Admission System 1.0 is affected by an unauthenticated SQL injection bypass vulnerability in /admin/login.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi PHP Online Student Admission System
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2021-26607 CRITICAL Act Now

An Improper input validation in execDefaultBrowser method of NEXACRO17 allows a remote attacker to execute arbitrary command on affected systems. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Nexacro
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2021-42343 CRITICAL PATCH Act Now

An issue was discovered in the Dask distributed package before 2021.10.0 for Python. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Python RCE Dask
NVD GitHub
CVSS 3.1
9.8
EPSS
2.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy