Skip to main content
CVE-2021-4104 HIGH Act Now

JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Epss exploitation probability 72.2% and no vendor patch available.

RCE Deserialization Apache Log4J Fedora +44
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
72.2%
CVE-2021-43829 HIGH POC PATCH THREAT This Week

PatrOwl is a free and open-source solution for orchestrating Security Operations. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS File Upload Patrowlmanager
NVD GitHub
CVSS 3.1
8.8
EPSS
59.2%
CVE-2021-3376 HIGH POC This Week

An issue was discovered in Cuppa CMS Versions Before 31 Jan 2021 allows authenticated attackers to gain escalated privileges via a crafted POST request using the user_group_id_field parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Cuppacms
NVD GitHub
CVSS 3.1
8.8
EPSS
1.1%
CVE-2021-4073 HIGH POC PATCH This Week

The RegistrationMagic WordPress plugin made it possible for unauthenticated users to log in as any site user, including administrators, if they knew a valid username on the site due to missing. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

WordPress Authentication Bypass Registrationmagic
NVD
CVSS 3.1
8.1
EPSS
7.0%
CVE-2021-43821 HIGH POC PATCH This Week

Opencast is an Open Source Lecture Capture & Video Management for Education. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal Information Disclosure Opencast
NVD GitHub
CVSS 3.1
7.7
EPSS
2.0%
CVE-2021-43828 HIGH POC This Week

PatrOwl is a free and open-source solution for orchestrating Security Operations. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Patrowlmanager
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%
CVE-2021-39312 HIGH POC THREAT This Week

The True Ranker plugin <= 2.2.2 for WordPress allows arbitrary files, including sensitive configuration files such as wp-config.php, to be accessed via the src parameter found in the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Path Traversal PHP True Ranker
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
77.9%
CVE-2021-43830 HIGH PATCH This Week

OpenProject is a web-based project management software. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

SQLi Openproject
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2021-44233 HIGH This Week

SAP GRC Access Control - versions V1100_700, V1100_731, V1200_750, does not perform necessary authorization checks for an authenticated user, which could lead to escalation of privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Authentication Bypass Access Control
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2021-38182 HIGH This Week

Due to insufficient input validation of Kyma, authenticated users can pass a Header of their choice and escalate privileges which can completely compromise the cluster. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Kyma
NVD GitHub
CVSS 3.1
8.8
EPSS
1.1%
CVE-2021-34426 HIGH This Week

A vulnerability was discovered in the Keybase Client for Windows before version 5.6.0 when a user executed the "keybase git lfs-config" command on the command-line. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Keybase
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-38950 HIGH PATCH This Week

IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege escalation attack when SharedBindingsUserId is set to effective. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

IBM Privilege Escalation Mq For Hpe Nonstop
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-4007 HIGH This Week

Rapid7 Insight Agent, versions 3.0.1 to 3.1.2.34, suffer from a local privilege escalation due to an uncontrolled DLL search path. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Python Privilege Escalation Insight Agent
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-44450 HIGH This Week

A vulnerability has been identified in JT Utilities (All versions < V12.8.1.1), JTTK (All versions < V10.8.1.1). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Jt Open Toolkit Jt Utilities
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2021-44449 HIGH This Week

A vulnerability has been identified in JT Utilities (All versions < V12.8.1.1), JTTK (All versions < V10.8.1.1). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Jt Open Toolkit Jt Utilities
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-44447 HIGH This Week

A vulnerability has been identified in JT Utilities (All versions < V13.0.3.0), JTTK (All versions < V11.0.3.0). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Memory Corruption Information Disclosure Jt Open Toolkit Jt Utilities
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-44446 HIGH This Week

A vulnerability has been identified in JT Utilities (All versions < V13.0.3.0), JTTK (All versions < V11.0.3.0). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Jt Open Toolkit Jt Utilities
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-44445 HIGH This Week

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Jt Open Toolkit Jt Utilities
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-44443 HIGH This Week

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Jt Open Toolkit Jt Utilities
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-44442 HIGH This Week

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Jt Open Toolkit Jt Utilities
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-44441 HIGH This Week

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Jt Open Toolkit Jt Utilities
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-44440 HIGH This Week

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Jt Open Toolkit Jt Utilities
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-44439 HIGH This Week

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Jt Open Toolkit Jt Utilities
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2021-44438 HIGH This Week

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Jt Open Toolkit Jt Utilities
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-44437 HIGH This Week

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Jt Open Toolkit Jt Utilities
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-44435 HIGH This Week

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Jt Open Toolkit Jt Utilities
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-44434 HIGH This Week

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Jt Open Toolkit Jt Utilities
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-44433 HIGH This Week

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Denial Of Service Memory Corruption Jt Open Toolkit Jt Utilities
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-44432 HIGH This Week

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Jt Open Toolkit Jt Utilities
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-44430 HIGH This Week

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Jt Open Toolkit Jt Utilities
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-44014 HIGH PATCH This Week

A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Information Disclosure Jt Open Toolkit Jt Utilities +3
NVD
CVSS 3.1
7.8
EPSS
1.6%
CVE-2021-44013 HIGH PATCH This Week

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
7.8
EPSS
1.7%
CVE-2021-44006 HIGH PATCH This Week

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2021-44005 HIGH PATCH This Week

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2021-44002 HIGH PATCH This Week

A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Jt Open Toolkit Jt Utilities Jt2Go +2
NVD
CVSS 3.1
7.8
EPSS
1.6%
CVE-2021-44001 HIGH PATCH This Week

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
7.8
EPSS
2.0%
CVE-2021-42024 HIGH PATCH This Week

A vulnerability has been identified in Simcenter STAR-CCM+ Viewer (All versions < 2021.3.1). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Simcenter Star Ccm Viewer
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-44232 HIGH This Week

SAF-T Framework Transaction SAFTN_G allows an attacker to exploit insufficient validation of path information provided by normal user, leading to full server directory access. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Saf T Framework
NVD
CVSS 3.1
7.7
EPSS
1.0%
CVE-2021-4044 HIGH PATCH This Week

Internally libssl in OpenSSL calls X509_verify_cert() on the client side to verify a certificate supplied by a server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Denial Of Service Cloud Backup E Series Performance Analyzer Ontap Select Deploy Administration Utility +12
NVD
CVSS 3.1
7.5
EPSS
50.1%
CVE-2021-43388 HIGH This Week

Unisys Cargo Mobile Application before 1.2.29 uses cleartext to store sensitive information, which might be revealed in a backup. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cargo Mobile
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-41067 HIGH This Week

An issue was discovered in Listary through 6. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Listary
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-41066 HIGH This Week

An issue was discovered in Listary through 6. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Listary
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2021-44522 HIGH This Week

A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sipass Integrated Siveillance Identity
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2021-44549 HIGH PATCH This Week

Apache Sling Commons Messaging Mail provides a simple layer on top of JavaMail/Jakarta Mail for OSGi to send mails via SMTPS. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apache Information Disclosure Sling Commons Messaging Mail
NVD
CVSS 3.1
7.4
EPSS
1.9%
CVE-2021-42027 HIGH PATCH This Week

A vulnerability has been identified in SINUMERIK Edge (All versions < V3.2). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Sinumerik Edge
NVD
CVSS 3.1
7.4
EPSS
0.5%
CVE-2021-41065 HIGH This Week

An issue was discovered in Listary through 6. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Listary
NVD
CVSS 3.1
7.3
EPSS
0.5%
CVE-2021-44165 HIGH This Week

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow 7Kg9501 0Aa01 2Aa1 Firmware 7Kg9501 0Aa31 0Aa1 Firmware +2
NVD
CVSS 3.1
7.2
EPSS
2.6%
CVE-2021-41547 HIGH PATCH This Week

A vulnerability has been identified in Teamcenter Active Workspace V4.3 (All versions < V4.3.11), Teamcenter Active Workspace V5.0 (All versions < V5.0.10), Teamcenter Active Workspace V5.1 (All. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Teamcenter Active Workspace
NVD
CVSS 3.1
7.2
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy