Skip to main content
CVE-2021-42772 CRITICAL POC Act Now

Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a buffer overflow vulnerability in the remote. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Broadcom Emulex Hba Manager One Command Manager
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-41492 CRITICAL POC Act Now

Multiple SQL Injection vulnerabilities exist in Sourcecodester Simple Cashiering System (POS) 1.0 via the (1) Product Code in the pos page in cashiering. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Simple Cashiering System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.6%
CVE-2021-43140 CRITICAL POC Act Now

SQL Injection vulnerability exists in Sourcecodester. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Simple Subscription Website
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
4.7%
CVE-2021-23820 CRITICAL POC PATCH Act Now

This affects all versions of package json-pointer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Authentication Bypass Json Pointer
NVD GitHub
CVSS 3.1
9.8
EPSS
1.8%
CVE-2021-23807 CRITICAL POC PATCH Act Now

This affects the package jsonpointer before 5.0.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Authentication Bypass Jsonpointer
NVD GitHub
CVSS 3.1
9.8
EPSS
2.5%
CVE-2021-23624 CRITICAL POC PATCH Act Now

This affects the package dotty before 0.1.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Authentication Bypass Dotty
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-23509 CRITICAL POC PATCH Act Now

This affects the package json-ptr before 3.0.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Authentication Bypass Json Ptr
NVD GitHub
CVSS 3.1
9.8
EPSS
1.8%
CVE-2021-43130 CRITICAL POC Act Now

An SQL Injection vulnerability exists in Sourcecodester Customer Relationship Management System (CRM) 1.0 via the username parameter in customer/login.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Customer Relationship Management System
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
2.2%
CVE-2021-43082 CRITICAL PATCH Act Now

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in the stats-over-http plugin of Apache Traffic Server allows an attacker to overwrite memory.1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Apache Traffic Server
NVD
CVSS 3.1
9.8
EPSS
2.3%
CVE-2021-40849 CRITICAL Act Now

In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, the account associated with a web services token is vulnerable to being exploited and logged into, resulting in information disclosure (at a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mahara
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2021-39238 CRITICAL Act Now

Certain HP Enterprise LaserJet, HP LaserJet Managed, HP Enterprise PageWide, HP PageWide Managed products may be vulnerable to potential buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow HP Futuresmart 3 Futuresmart 4 Futuresmart 5
NVD
CVSS 3.1
9.8
EPSS
12.1%
CVE-2021-41036 CRITICAL PATCH Act Now

In versions prior to 1.1 of the Eclipse Paho MQTT C Client, the client does not check rem_len size in readpacket. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Paho Mqtt C C Client
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-20704 CRITICAL Act Now

Buffer overflow vulnerability in the compatible API with previous versions CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft RCE Clusterpro X Clusterpro X Singleserversafe +2
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2021-20703 CRITICAL Act Now

Buffer overflow vulnerability in the Transaction Server CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft RCE Clusterpro X Clusterpro X Singleserversafe +2
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2021-20702 CRITICAL Act Now

Buffer overflow vulnerability in the Transaction Server CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft RCE Clusterpro X Clusterpro X Singleserversafe +2
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2021-20701 CRITICAL Act Now

Buffer overflow vulnerability in the Disk Agent CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft RCE Clusterpro X Clusterpro X Singleserversafe +2
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2021-20700 CRITICAL Act Now

Buffer overflow vulnerability in the Disk Agent CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft RCE Clusterpro X Clusterpro X Singleserversafe +2
NVD
CVSS 3.1
9.8
EPSS
2.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy