Skip to main content
CVE-2021-23803 CRITICAL POC PATCH Act Now

This affects the package latte/latte before 2.10.6. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Latte
NVD GitHub
CVSS 3.1
9.8
EPSS
1.6%
CVE-2021-23797 CRITICAL POC Act Now

All versions of package http-server-node are vulnerable to Directory Traversal via use of --path-as-is. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Http Server Node
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2021-23450 CRITICAL POC PATCH THREAT Act Now

All versions of package dojo are vulnerable to Prototype Pollution via the setObject function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Prototype Pollution Information Disclosure Dojo Communications Policy Management Primavera Unifier +2
NVD GitHub
CVSS 3.1
9.8
EPSS
30.4%
CVE-2021-40850 CRITICAL Act Now

TCMAN GIM is vulnerable to a SQL injection vulnerability inside several available webservice methods in /PC/WebService.asmx. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Gim
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2021-36779 CRITICAL Act Now

A Missing Authentication for Critical Function vulnerability in SUSE Longhorn allows any workload in the cluster to execute any binary present in the image on the host without authentication. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Longhorn
NVD GitHub
CVSS 3.1
9.6
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy