Skip to main content
CVE-2021-43283 HIGH POC This Week

An issue was discovered on Victure WR1200 devices through 1.0.3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Wr1200 Firmware
NVD
CVSS 3.1
8.8
EPSS
5.4%
CVE-2021-43790 HIGH POC PATCH This Week

Lucet is a native WebAssembly compiler and runtime. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Use After Free Buffer Overflow Memory Corruption Lucet
NVD GitHub
CVSS 3.1
8.1
EPSS
1.6%
CVE-2021-43284 HIGH POC This Week

An issue was discovered on Victure WR1200 devices through 1.0.3. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Wr1200 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2021-41256 HIGH POC PATCH This Week

nextcloud news-android is an Android client for the Nextcloud news/feed reader app. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Google Nextcloud Information Disclosure News
NVD GitHub
CVSS 3.1
7.1
EPSS
1.1%
CVE-2021-36328 HIGH This Week

Dell EMC Streaming Data Platform versions before 1.3 contain a SQL Injection Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell SQLi Emc Streaming Data Platform
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2021-42123 HIGH This Week

Unrestricted File Upload in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version <= 7.1.27 in the File Upload Functions allows an authenticated remote attacker with. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Topease
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2021-3725 HIGH PATCH This Week

Vulnerability in dirhistory plugin Description: the widgets that go back and forward in the directory history, triggered by pressing Alt-Left and Alt-Right, use functions that unsafely execute eval. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Oh My Zsh
NVD GitHub
CVSS 3.1
8.8
EPSS
1.1%
CVE-2021-43771 HIGH This Week

Trend Micro Antivirus for Mac 2021 v11 (Consumer) is vulnerable to an improper access control privilege escalation vulnerability that could allow an attacker to establish a connection that could lead. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Trend Micro Antivirus
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-43296 HIGH This Week

Zoho ManageEngine SupportCenter Plus before 11016 is vulnerable to an SSRF attack in ActionExecutor. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Zoho SSRF Manageengine Supportcenter Plus
NVD
CVSS 3.1
7.5
EPSS
2.6%
CVE-2021-40101 HIGH This Week

An issue was discovered in Concrete CMS before 8.5.7. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Concrete Cms
NVD
CVSS 3.1
7.2
EPSS
2.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy