Skip to main content
CVE-2021-41716 CRITICAL POC Act Now

Maharashtra State Electricity Board Mahavitara Android Application 8.20 and prior is vulnerable to remote account takeover due to OTP fixation vulnerability in password rest function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Google Mahavitaran
NVD VulDB
CVSS 3.1
9.8
EPSS
1.4%
CVE-2021-40859 CRITICAL POC THREAT Act Now

Backdoors were discovered in Auerswald COMpact 5500R 7.8A and 8.0B devices, that allow attackers with access to the web based management application full administrative access to the device. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Compact 5500R Firmware
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
72.0%
CVE-2021-44685 CRITICAL POC Act Now

Git-it through 4.4.0 allows OS command injection at the Branches Aren't Just For Birds challenge step. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Git It
NVD GitHub
CVSS 3.1
9.8
EPSS
3.5%
CVE-2021-44684 CRITICAL POC Act Now

naholyr github-todos 3.1.0 is vulnerable to command injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Github Todos
NVD GitHub
CVSS 3.1
9.8
EPSS
2.6%
CVE-2021-38759 CRITICAL POC THREAT Act Now

Raspberry Pi OS through 5.10 has the raspberry default password for the pi account. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Raspberry Pi Os Lite
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
15.7%
CVE-2021-24041 CRITICAL Act Now

A missing bounds check in image blurring code prior to WhatsApp for Android v2.21.22.7 and WhatsApp Business for Android v2.21.22.7 could have allowed an out-of-bounds write if a user sent a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Google Whatsapp Whatsapp Business
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2021-43789 CRITICAL PATCH Act Now

PrestaShop is an Open Source e-commerce web application. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Prestashop
NVD GitHub
CVSS 3.1
9.8
EPSS
4.1%
CVE-2021-37095 CRITICAL Act Now

There is a Integer Overflow or Wraparound vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to remote denial of service and potential remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Integer Overflow Denial Of Service RCE Harmonyos
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2021-37084 CRITICAL Act Now

There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to malicious invoking other functions of the Smart Assistant through. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2021-37063 CRITICAL Act Now

There is a Cryptographic Issues vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to read and delete images of Harmony devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2021-37059 CRITICAL Act Now

There is a Weaknesses Introduced During Design. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Harmonyos
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2021-42128 CRITICAL Act Now

An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 using inforail Service allows Privilege Escalation via Enterprise Server Service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Ivanti Avalanche
NVD
CVSS 3.1
9.8
EPSS
4.5%
CVE-2021-42127 CRITICAL Act Now

A deserialization of untrusted data vulnerability exists in Ivanti Avalanche before 6.3.3 using Inforail Service allows arbitrary code execution via Data Repository Service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization RCE Ivanti Avalanche
NVD
CVSS 3.1
9.8
EPSS
65.8%
CVE-2021-29114 CRITICAL Act Now

A SQL injection vulnerability in feature services provided by Esri ArcGIS Server 10.9 and below allows a remote, unauthenticated attacker to impact the confidentiality, integrity and availability of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Arcgis Server
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2021-37099 CRITICAL Act Now

There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to delete any file. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Path Traversal Harmonyos
NVD
CVSS 3.1
9.1
EPSS
0.8%
CVE-2021-37088 CRITICAL Act Now

There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers can write any content to any file. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Path Traversal Harmonyos
NVD
CVSS 3.1
9.1
EPSS
0.8%
CVE-2021-37087 CRITICAL Act Now

There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers can create arbitrary file. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Path Traversal Harmonyos
NVD
CVSS 3.1
9.1
EPSS
0.8%
CVE-2021-37079 CRITICAL Act Now

There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to delete arbitrary file by system_app permission. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei RCE Code Injection Harmonyos
NVD
CVSS 3.1
9.1
EPSS
0.7%
CVE-2021-37065 CRITICAL Act Now

There is a Integer Overflow or Wraparound vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Confidentiality or Availability impacted. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Integer Overflow Harmonyos
NVD
CVSS 3.1
9.1
EPSS
0.7%
CVE-2021-37064 CRITICAL Act Now

There is a Improper Limitation of a Pathname to a Restricted Directory vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to arbitrary file created. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Path Traversal Harmonyos
NVD
CVSS 3.1
9.1
EPSS
0.8%
CVE-2021-37062 CRITICAL Act Now

There is a Improper Validation of Array Index vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to memory overflow and information leakage. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos
NVD
CVSS 3.1
9.1
EPSS
0.7%
CVE-2021-37021 CRITICAL Act Now

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Memory Corruption Emui Harmonyos +1
NVD
CVSS 3.1
9.1
EPSS
0.8%
CVE-2021-37020 CRITICAL Act Now

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Memory Corruption Emui Harmonyos +1
NVD
CVSS 3.1
9.1
EPSS
0.8%
CVE-2021-37011 CRITICAL Act Now

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Memory Corruption Harmonyos
NVD
CVSS 3.1
9.1
EPSS
0.9%
CVE-2021-37042 CRITICAL Act Now

There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds read. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
9.1
EPSS
0.7%
CVE-2021-37041 CRITICAL Act Now

There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds read. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
9.1
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy