Skip to main content
CVE-2021-44079 CRITICAL POC PATCH Act Now

In the wazuh-slack active response script in Wazuh 4.2.x before 4.2.5, untrusted user agents are passed to a curl command line, potentially resulting in remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Command Injection Wazuh
NVD GitHub
CVSS 3.1
9.8
EPSS
3.3%
CVE-2021-23732 CRITICAL POC Act Now

This affects all versions of package docker-cli-js. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Docker Command Injection Docker Cli Js
NVD
CVSS 3.1
9.0
EPSS
1.8%
CVE-2021-44143 CRITICAL PATCH Act Now

A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Isync Debian Linux +1
NVD
CVSS 3.1
9.8
EPSS
3.7%
CVE-2021-3943 CRITICAL PATCH Act Now

A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Moodle
NVD
CVSS 3.1
9.8
EPSS
2.4%
CVE-2021-26614 CRITICAL Act Now

ius_get.cgi in IpTime C200 camera allows remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE C200 Firmware
NVD
CVSS 3.1
9.8
EPSS
2.5%
CVE-2021-44144 CRITICAL PATCH Act Now

Croatia Control Asterix 2.8.1 has a heap-based buffer over-read, with additional details to be disclosed at a later date. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Asterix
NVD GitHub
CVSS 3.1
9.1
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy