Skip to main content
CVE-2021-37364 HIGH POC This Week

OpenClinic GA 5.194.18 is affected by Insecure Permissions. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Openclinic Ga
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
1.3%
CVE-2021-37363 HIGH POC This Week

An Insecure Permissions issue exists in Gestionale Open 11.00.00. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Gestionale Open
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
1.6%
CVE-2021-41078 HIGH POC PATCH This Week

Nameko through 2.13.0 can be tricked into performing arbitrary code execution when deserializing the config file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization RCE Nameko
NVD GitHub
CVSS 3.1
7.8
EPSS
1.5%
CVE-2021-40343 HIGH POC This Week

An issue was discovered in Nagios XI 5.8.5. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Nagios Xi
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2021-41158 HIGH POC PATCH This Week

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Freeswitch
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2021-34593 HIGH POC This Week

In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56 unauthenticated crafted invalid requests may result in several denial-of-service conditions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure 750 8202 Firmware 750 8203 Firmware 750 8204 Firmware 750 8206 Firmware +11
NVD
CVSS 3.1
7.5
EPSS
2.6%
CVE-2021-34586 HIGH POC THREAT This Week

In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests may cause a Null pointer dereference in the CODESYS web server and may result in a denial-of-service condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service 750 823 Firmware 750 829 Firmware 750 831 Firmware +25
NVD
CVSS 3.1
7.5
EPSS
13.1%
CVE-2021-34585 HIGH POC This Week

In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests can trigger a parser error. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service 750 823 Firmware 750 829 Firmware 750 831 Firmware 750 832 Firmware +24
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2021-34583 HIGH POC This Week

Crafted web server requests may cause a heap-based buffer overflow and could therefore trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Heap Overflow 750 8214 Firmware 750 8216 Firmware 750 8217 Firmware +25
NVD
CVSS 3.1
7.5
EPSS
8.4%
CVE-2021-40345 HIGH POC THREAT This Week

An issue was discovered in Nagios XI 5.8.5. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Nagios Xi
NVD GitHub
CVSS 3.1
7.2
EPSS
23.0%
CVE-2021-40344 HIGH POC THREAT This Week

An issue was discovered in Nagios XI 5.8.5. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Nagios Xi
NVD
CVSS 3.1
7.2
EPSS
66.2%
CVE-2021-37372 HIGH This Week

Online Student Admission System 1.0 is affected by an insecure file upload vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE PHP File Upload Online Student Admission System
NVD
CVSS 3.1
8.8
EPSS
3.3%
CVE-2021-34595 HIGH This Week

A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption 750 823 Firmware 750 829 Firmware 750 831 Firmware +27
NVD
CVSS 3.1
8.1
EPSS
0.9%
CVE-2021-23877 HIGH This Week

Privilege escalation vulnerability in the Windows trial installer of McAfee Total Protection (MTP) prior to 16.0.34_x may allow a local user to run arbitrary code as the admin user by replacing a. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation RCE Total Protection
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2021-26609 HIGH This Week

A vulnerability was found in Mangboard(WordPress plugin). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress SQLi Mang Board
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2021-41307 HIGH PATCH This Week

Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view the names of private projects and private filters via an Insecure Direct Object References. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Atlassian Authentication Bypass Jira Jira Server Jira Software Data Center
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2021-41306 HIGH PATCH This Week

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view private project and filter names via an Insecure Direct Object References (IDOR) vulnerability in. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Atlassian Authentication Bypass Jira Jira Server Jira Software Data Center
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2021-41305 HIGH PATCH This Week

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view the names of private projects and filters via an Insecure Direct Object References (IDOR). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Atlassian Authentication Bypass Jira Jira Software Data Center
NVD
CVSS 3.1
7.5
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy