Skip to main content
CVE-2021-37063 CRITICAL Act Now

There is a Cryptographic Issues vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to read and delete images of Harmony devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2021-37059 CRITICAL Act Now

There is a Weaknesses Introduced During Design. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Harmonyos
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2021-42128 CRITICAL Act Now

An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 using inforail Service allows Privilege Escalation via Enterprise Server Service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Ivanti Avalanche
NVD
CVSS 3.1
9.8
EPSS
4.5%
CVE-2021-42127 CRITICAL Act Now

A deserialization of untrusted data vulnerability exists in Ivanti Avalanche before 6.3.3 using Inforail Service allows arbitrary code execution via Data Repository Service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization RCE Ivanti Avalanche
NVD
CVSS 3.1
9.8
EPSS
65.8%
CVE-2021-29114 CRITICAL Act Now

A SQL injection vulnerability in feature services provided by Esri ArcGIS Server 10.9 and below allows a remote, unauthenticated attacker to impact the confidentiality, integrity and availability of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Arcgis Server
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2021-37099 CRITICAL Act Now

There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to delete any file. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Path Traversal Harmonyos
NVD
CVSS 3.1
9.1
EPSS
0.8%
CVE-2021-37088 CRITICAL Act Now

There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers can write any content to any file. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Path Traversal Harmonyos
NVD
CVSS 3.1
9.1
EPSS
0.8%
CVE-2021-37087 CRITICAL Act Now

There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers can create arbitrary file. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Path Traversal Harmonyos
NVD
CVSS 3.1
9.1
EPSS
0.8%
CVE-2021-37079 CRITICAL Act Now

There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to delete arbitrary file by system_app permission. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei RCE Code Injection Harmonyos
NVD
CVSS 3.1
9.1
EPSS
0.7%
CVE-2021-37065 CRITICAL Act Now

There is a Integer Overflow or Wraparound vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Confidentiality or Availability impacted. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Integer Overflow Harmonyos
NVD
CVSS 3.1
9.1
EPSS
0.7%
CVE-2021-37064 CRITICAL Act Now

There is a Improper Limitation of a Pathname to a Restricted Directory vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to arbitrary file created. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Path Traversal Harmonyos
NVD
CVSS 3.1
9.1
EPSS
0.8%
CVE-2021-37062 CRITICAL Act Now

There is a Improper Validation of Array Index vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to memory overflow and information leakage. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos
NVD
CVSS 3.1
9.1
EPSS
0.7%
CVE-2021-37021 CRITICAL Act Now

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Memory Corruption Emui Harmonyos +1
NVD
CVSS 3.1
9.1
EPSS
0.8%
CVE-2021-37020 CRITICAL Act Now

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Memory Corruption Emui Harmonyos +1
NVD
CVSS 3.1
9.1
EPSS
0.8%
CVE-2021-37011 CRITICAL Act Now

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Memory Corruption Harmonyos
NVD
CVSS 3.1
9.1
EPSS
0.9%
CVE-2021-37042 CRITICAL Act Now

There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds read. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
9.1
EPSS
0.7%
CVE-2021-37041 CRITICAL Act Now

There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds read. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
9.1
EPSS
0.7%
CVE-2021-42132 HIGH This Week

A command Injection vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform arbitrary command execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Ivanti Avalanche
NVD
CVSS 3.1
8.8
EPSS
70.1%
CVE-2021-42131 HIGH This Week

A SQL Injection vulnerability exists in Ivanti Avalance before 6.3.3 allows an attacker with access to the Inforail Service to perform privilege escalation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Privilege Escalation Ivanti Avalanche
NVD
CVSS 3.1
8.8
EPSS
66.5%
CVE-2021-42130 HIGH This Week

A deserialization of untrusted data vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform arbitrary code execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization RCE Ivanti Avalanche
NVD
CVSS 3.1
8.8
EPSS
62.2%
CVE-2021-42129 HIGH This Week

A command injection vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform arbitrary command execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Ivanti Avalanche
NVD
CVSS 3.1
8.8
EPSS
77.3%
CVE-2021-42126 HIGH This Week

An improper authorization control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform privilege escalation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Ivanti Authentication Bypass Avalanche
NVD
CVSS 3.1
8.8
EPSS
3.9%
CVE-2021-42125 HIGH This Week

An unrestricted file upload vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to write dangerous files. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization File Upload Ivanti Avalanche
NVD
CVSS 3.1
8.8
EPSS
81.6%
CVE-2021-42124 HIGH This Week

An improper access control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform a session takeover. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Ivanti Authentication Bypass Avalanche
NVD
CVSS 3.1
8.8
EPSS
2.6%
CVE-2021-37086 HIGH This Week

There is a Improper Preservation of Permissions vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers which can isolate and read synchronization files. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos
NVD
CVSS 3.1
8.6
EPSS
0.6%
CVE-2021-43963 HIGH This Week

An issue was discovered in Couchbase Sync Gateway 2.7.0 through 2.8.2. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Sync Gateway
NVD
CVSS 3.1
8.1
EPSS
0.5%
CVE-2021-42133 HIGH This Week

An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform an arbitrary file write. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Ivanti Avalanche
NVD
CVSS 3.1
8.1
EPSS
2.8%
CVE-2021-44149 HIGH This Week

An issue was discovered in Trusted Firmware OP-TEE Trusted OS through 3.15.0. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Op Tee
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2021-40288 HIGH PATCH This Week

A denial-of-service attack in WPA2, and WPA3-SAE authentication methods in TP-Link AX10v1 before V1_211014, allows a remote unauthenticated attacker to disconnect an already connected wireless client. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

TP-Link Authentication Bypass Archer Ax10 Firmware
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2021-37100 HIGH This Week

There is a Improper Authentication vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to account authentication bypassed. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Authentication Bypass Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37096 HIGH This Week

There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to user privacy disclosed. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37094 HIGH This Week

There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to system denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Denial Of Service Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37091 HIGH This Week

There is a Permissions,Privileges,and Access Controls vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to confidentiality affected. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37090 HIGH This Week

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to process crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Information Disclosure Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37089 HIGH This Week

There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to kernel restart. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37083 HIGH This Week

There is a NULL Pointer Dereference vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Denial of Service Attacks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Huawei Denial Of Service Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37081 HIGH This Week

There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to nearby crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Denial Of Service Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37080 HIGH This Week

There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37078 HIGH This Week

There is a Uncaught Exception vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to remote Denial of Service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Denial Of Service Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2021-37077 HIGH This Week

There is a NULL Pointer Dereference vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to kernel crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Huawei Denial Of Service Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37076 HIGH This Week

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Information Disclosure Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37072 HIGH This Week

There is a Incorrect Calculation of Buffer Size vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to memory crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Denial Of Service Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37071 HIGH This Week

There is a Business Logic Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to persistent dos. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37070 HIGH This Week

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to process crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Information Disclosure Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37068 HIGH This Week

There is a Resource Management Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to denial of Service Attacks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Denial Of Service Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37067 HIGH This Week

There is a Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Confidentiality impacted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37066 HIGH This Week

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to process crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Information Disclosure Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37061 HIGH This Week

There is a Uncontrolled Resource Consumption vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Screen projection application denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Denial Of Service Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37060 HIGH This Week

There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to SAMGR Heap Address Leakage. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37057 HIGH This Week

There is a Improper Validation of Array Index vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to restart the phone. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.7%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy