Skip to main content
CVE-2021-36908 HIGH POC This Week

Cross-Site Request Forgery (CSRF) vulnerability in WebFactory Ltd. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Wp Reset Pro
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2021-36909 HIGH POC This Week

Authenticated Database Reset vulnerability in WordPress WP Reset PRO Premium plugin (versions <= 5.98) allows any authenticated user to wipe the entire database regardless of their authorization. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Authentication Bypass Wp Reset Pro
NVD
CVSS 3.1
8.1
EPSS
1.8%
CVE-2021-37322 HIGH POC This Week

GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Memory Corruption Information Disclosure Binutils Gcc
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-39928 HIGH POC This Week

NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Wireshark Fedora Debian Linux
NVD
CVSS 3.1
7.5
EPSS
5.5%
CVE-2021-39920 HIGH POC This Week

NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Wireshark Fedora
NVD
CVSS 3.1
7.5
EPSS
3.2%
CVE-2021-43667 HIGH POC PATCH This Week

A vulnerability has been detected in HyperLedger Fabric v1.4.0, v2.0.0, v2.1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Fabric
NVD GitHub
CVSS 3.1
7.5
EPSS
1.3%
CVE-2021-23162 HIGH This Week

Improper validation of the cloud certificate chain in Mobile Connect allows man-in-the-middle attack to impersonate the legitimate Command Centre Server. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Information Disclosure Command Centre Mobile Connect
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2021-35535 HIGH This Week

Insecure Boot Image vulnerability in Hitachi Energy Relion Relion 670/650/SAM600-IO series allows an attacker who manages to get access to the front network port and to cause a reboot sequences of. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Relion 670 Firmware Relion 650 Firmware Relion Sam600 Io Firmware
NVD
CVSS 3.1
8.1
EPSS
0.6%
CVE-2021-27024 HIGH This Week

A flaw was discovered in Continuous Delivery for Puppet Enterprise (CD4PE) that results in a user with lower privileges being able to access a Puppet Enterprise API token. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Continuous Delivery
NVD
CVSS 3.1
8.1
EPSS
0.8%
CVE-2021-23197 HIGH This Week

Unquoted service path vulnerability in the Gallagher Controller Service allows an unprivileged user to execute arbitrary code as the account that runs the Controller Service. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Command Centre
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-42524 HIGH This Week

Adobe Animate version 21.0.9 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Animate
NVD
CVSS 3.0
7.8
EPSS
2.7%
CVE-2021-42272 HIGH This Week

Adobe Animate version 21.0.9 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Animate
NVD
CVSS 3.0
7.8
EPSS
2.7%
CVE-2021-42271 HIGH This Week

Adobe Animate version 21.0.9 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Animate
NVD
CVSS 3.0
7.8
EPSS
2.7%
CVE-2021-42270 HIGH This Week

Adobe Animate version 21.0.9 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Animate
NVD
CVSS 3.0
7.8
EPSS
2.7%
CVE-2021-42269 HIGH This Week

Adobe Animate version 21.0.9 (and earlier) are affected by a use-after-free vulnerability in the processing of a malformed FLA file that could result in arbitrary code execution in the context of the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Adobe Animate
NVD
CVSS 3.1
7.8
EPSS
4.1%
CVE-2021-42267 HIGH This Week

Adobe Animate version 21.0.9 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious FLA file, potentially resulting in arbitrary code execution in the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Animate
NVD
CVSS 3.1
7.8
EPSS
2.6%
CVE-2021-42266 HIGH This Week

Adobe Animate version 21.0.9 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious FLA file, potentially resulting in arbitrary code execution in the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Animate
NVD
CVSS 3.1
7.8
EPSS
2.5%
CVE-2021-40760 HIGH PATCH This Week

Adobe After Effects version 18.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious .m4a file, potentially resulting in arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Adobe After Effects
NVD
CVSS 3.1
7.8
EPSS
2.0%
CVE-2021-40759 HIGH PATCH This Week

Adobe After Effects version 18.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious .m4a file, potentially resulting in arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Adobe After Effects
NVD
CVSS 3.1
7.8
EPSS
2.0%
CVE-2021-40758 HIGH PATCH This Week

Adobe After Effects version 18.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Adobe After Effects
NVD
CVSS 3.1
7.8
EPSS
2.0%
CVE-2021-40757 HIGH PATCH This Week

Adobe After Effects version 18.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious MXF file, potentially resulting in arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Adobe After Effects
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2021-40755 HIGH PATCH This Week

Adobe After Effects version 18.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SGI file in the DoReadContinue function, potentially. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Adobe After Effects
NVD
CVSS 3.1
7.8
EPSS
2.2%
CVE-2021-40754 HIGH PATCH This Week

Adobe After Effects version 18.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Adobe After Effects
NVD
CVSS 3.0
7.8
EPSS
2.3%
CVE-2021-40753 HIGH PATCH This Week

Adobe After Effects version 18.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SVG file, potentially resulting in arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Adobe After Effects
NVD
CVSS 3.0
7.8
EPSS
2.3%
CVE-2021-40752 HIGH PATCH This Week

Adobe After Effects version 18.4 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious .m4a file, potentially resulting in arbitrary code execution in. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Adobe After Effects
NVD
CVSS 3.0
7.8
EPSS
2.3%
CVE-2021-40751 HIGH PATCH This Week

Adobe After Effects version 18.4 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious .m4a file, potentially resulting in arbitrary code execution in. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Adobe After Effects
NVD
CVSS 3.0
7.8
EPSS
2.3%
CVE-2021-40733 HIGH PATCH This Week

Adobe Animate version 21.0.9 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious .psd file, potentially resulting in arbitrary code execution in the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Adobe Animate
NVD
CVSS 3.0
7.8
EPSS
2.7%
CVE-2021-23146 HIGH This Week

An Incomplete Comparison with Missing Factors vulnerability in the Gallagher Controller allows an attacker to bypass PIV verification. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Command Centre
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2021-43669 HIGH PATCH This Week

A vulnerability has been detected in HyperLedger Fabric v1.4.0, v2.0.0, v2.0.1, v2.3.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This HTTP Request/Response Smuggling vulnerability could allow attackers to manipulate HTTP request interpretation between frontend and backend servers.

Request Smuggling Information Disclosure Fabric
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2021-35534 HIGH This Week

Insufficient security control vulnerability in internal database access mechanism of Hitachi Energy Relion 670/650/SAM600-IO, Relion 650, GMS600, PWC600 allows attacker who successfully exploited. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Gms600 Firmware Relion 670 Firmware Relion 650 Firmware Relion Sam600 Io Firmware +1
NVD
CVSS 3.1
7.2
EPSS
1.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy