Skip to main content
CVE-2021-42688 HIGH POC This Week

An Integer Overflow vulnerability exists in Accops HyWorks Windows Client prior to v 3.2.8.200. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Microsoft Integer Overflow Denial Of Service +1
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-42687 HIGH POC This Week

A Buffer Overflow vulnerability exists in Accops HyWorks Windows Client prior to v 3.2.8.200. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Microsoft Denial Of Service RCE Hyworks Windows Client
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-42686 HIGH POC This Week

An Integer Overflow exists in Accops HyWorks Windows Client prior to v 3.2.8.200. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Microsoft Integer Overflow Denial Of Service +1
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-42685 HIGH POC This Week

An Integer Overflow vulnerability exists in Accops HyWorks DVM Tools prior to v3.3.1.105 . Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Denial Of Service RCE Hyworks Dvm Tools
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-42683 HIGH POC This Week

A Buffer Overflow vulnerability exists in Accops HyWorks Windows Client prior to v 3.2.8.200. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Microsoft Denial Of Service RCE Hyworks Windows Client
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-42682 HIGH POC This Week

An Integer Overflow vulnerability exists in Accops HyWorks DVM Tools prior to v3.3.1.105 .The IOCTL Handler 0x22001B allows local attackers to execute arbitrary code in kernel mode or cause a denial. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Denial Of Service RCE Hyworks Dvm Tools
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-42681 HIGH POC This Week

A Buffer Overflow vulnerability exists in Accops HyWorks DVM Tools prior to v3.3.1.105. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Denial Of Service Hyworks Dvm Tools
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-43638 HIGH POC This Week

Amazon Amazon WorkSpaces agent is affected by Integer Overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Denial Of Service RCE Workspaces
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-43637 HIGH POC This Week

Amazon WorkSpaces agent is affected by Buffer Overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Denial Of Service Workspaces
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-43006 HIGH POC This Week

AmZetta Amzetta zPortal DVM Tools is affected by Integer Overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Denial Of Service RCE Zportal Dvm Tools
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-43003 HIGH POC This Week

Amzetta zPortal Windows zClient is affected by Integer Overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Microsoft Integer Overflow Denial Of Service +1
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-43002 HIGH POC This Week

Amzetta zPortal DVM Tools is affected by Buffer Overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Denial Of Service Zportal Dvm Tools
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-43000 HIGH POC This Week

Amzetta zPortal Windows zClient is affected by Buffer Overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Microsoft Denial Of Service RCE Zportal Windows Zclient
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-42996 HIGH POC This Week

Donglify is affected by Integer Overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Denial Of Service RCE Donglify
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-42994 HIGH POC This Week

Donglify is affected by Buffer Overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Denial Of Service Donglify
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-42993 HIGH POC This Week

FlexiHub For Windows is affected by Integer Overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Microsoft Integer Overflow Denial Of Service +1
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-42990 HIGH POC This Week

FlexiHub For Windows is affected by Buffer Overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Microsoft Denial Of Service RCE Flexihub
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-42988 HIGH POC This Week

Eltima USB Network Gate is affected by Buffer Overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Denial Of Service Usb Network Gate
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-42987 HIGH POC This Week

Eltima USB Network Gate is affected by Integer Overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Denial Of Service RCE Usb Network Gate
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-42986 HIGH POC This Week

NoMachine Enterprise Client is affected by Integer Overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Denial Of Service RCE Enterprise Client
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-42983 HIGH POC This Week

NoMachine Enterprise Client is affected by Buffer Overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Denial Of Service Enterprise Client
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-42980 HIGH POC This Week

NoMachine Cloud Server is affected by Buffer Overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Denial Of Service Cloud Server
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-42979 HIGH POC This Week

NoMachine Cloud Server is affected by Integer Overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Denial Of Service RCE Cloud Server
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-42977 HIGH POC This Week

NoMachine Enterprise Desktop is affected by Integer Overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Denial Of Service RCE Enterprise Desktop
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-42976 HIGH POC This Week

NoMachine Enterprise Desktop is affected by Buffer Overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Denial Of Service Enterprise Desktop
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-42973 HIGH POC This Week

NoMachine Server is affected by Integer Overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Denial Of Service RCE Server
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-42972 HIGH POC This Week

NoMachine Server is affected by Buffer Overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Denial Of Service Server
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-43176 HIGH POC This Week

The GOautodial API prior to commit 3c3a979 made on October 13th, 2021 takes a user-supplied “action” parameter and appends a .php file extension to locate and load the correct PHP file to implement. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Goautodial Goautodial Api
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2021-28680 HIGH POC PATCH This Week

The devise_masquerade gem before 1.3 allows certain attacks when a password's salt is unknown. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Devise Masquerade
NVD GitHub
CVSS 3.1
8.1
EPSS
1.2%
CVE-2021-42717 HIGH POC PATCH This Week

ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Nginx Information Disclosure Modsecurity Nginx Modsecurity Waf Debian Linux +2
NVD
CVSS 3.1
7.5
EPSS
3.2%
CVE-2021-34543 HIGH POC This Week

The web administration server in Solar-Log 500 before 2.8.2 Build 52 does not require authentication, which allows remote attackers to gain administrative privileges by connecting to the server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Solar Log 500 Firmware
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
2.9%
CVE-2021-43798 HIGH POC KEV PATCH THREAT This Week

Grafana is an open-source platform for monitoring and observability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Grafana Path Traversal
NVD GitHub Exploit-DB
CVSS 3.1
7.5
EPSS
88.8%
CVE-2021-43805 HIGH POC PATCH This Week

Solidus is a free, open-source ecommerce platform built on Rails. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Solidus
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%
CVE-2021-43175 HIGH POC This Week

The GOautodial API prior to commit 3c3a979 made on October 13th, 2021 exposes an API router that accepts a username, password, and action that routes to other PHP files that implement the various API. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Goautodial Goautodial Api
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-44686 HIGH POC PATCH This Week

calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service) in html_preprocess_rules in ebooks/conversion/preprocess.py. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Calibre Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
5.0%
CVE-2021-40578 HIGH POC This Week

Authenticated Blind & Error-based SQL injection vulnerability was discovered in Online Enrollment Management System in PHP and PayPal Free Source Code 1.0, that allows attackers to obtain sensitive. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Enrollment Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
1.5%
CVE-2021-42132 HIGH This Week

A command Injection vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform arbitrary command execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Ivanti Avalanche
NVD
CVSS 3.1
8.8
EPSS
70.1%
CVE-2021-42131 HIGH This Week

A SQL Injection vulnerability exists in Ivanti Avalance before 6.3.3 allows an attacker with access to the Inforail Service to perform privilege escalation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Privilege Escalation Ivanti Avalanche
NVD
CVSS 3.1
8.8
EPSS
66.5%
CVE-2021-42130 HIGH This Week

A deserialization of untrusted data vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform arbitrary code execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization RCE Ivanti Avalanche
NVD
CVSS 3.1
8.8
EPSS
62.2%
CVE-2021-42129 HIGH This Week

A command injection vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform arbitrary command execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Ivanti Avalanche
NVD
CVSS 3.1
8.8
EPSS
77.3%
CVE-2021-42126 HIGH This Week

An improper authorization control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform privilege escalation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Ivanti Authentication Bypass Avalanche
NVD
CVSS 3.1
8.8
EPSS
3.9%
CVE-2021-42125 HIGH This Week

An unrestricted file upload vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to write dangerous files. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization File Upload Ivanti Avalanche
NVD
CVSS 3.1
8.8
EPSS
81.6%
CVE-2021-42124 HIGH This Week

An improper access control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform a session takeover. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Ivanti Authentication Bypass Avalanche
NVD
CVSS 3.1
8.8
EPSS
2.6%
CVE-2021-37086 HIGH This Week

There is a Improper Preservation of Permissions vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers which can isolate and read synchronization files. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos
NVD
CVSS 3.1
8.6
EPSS
0.6%
CVE-2021-43963 HIGH This Week

An issue was discovered in Couchbase Sync Gateway 2.7.0 through 2.8.2. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Sync Gateway
NVD
CVSS 3.1
8.1
EPSS
0.5%
CVE-2021-42133 HIGH This Week

An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform an arbitrary file write. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Ivanti Avalanche
NVD
CVSS 3.1
8.1
EPSS
2.8%
CVE-2021-44149 HIGH This Week

An issue was discovered in Trusted Firmware OP-TEE Trusted OS through 3.15.0. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Op Tee
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2021-40288 HIGH PATCH This Week

A denial-of-service attack in WPA2, and WPA3-SAE authentication methods in TP-Link AX10v1 before V1_211014, allows a remote unauthenticated attacker to disconnect an already connected wireless client. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

TP-Link Authentication Bypass Archer Ax10 Firmware
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2021-37100 HIGH This Week

There is a Improper Authentication vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to account authentication bypassed. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Authentication Bypass Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-37096 HIGH This Week

There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to user privacy disclosed. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.7%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy