Skip to main content
CVE-2021-45418 HIGH POC This Week

Certain Starcharge products are vulnerable to Directory Traversal via main.cgi. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Titan 180 Premium Firmware Nova 360 Cabinet Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
2.1%
CVE-2021-21936 HIGH POC This Week

A specially-crafted HTTP request can lead to SQL injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF SQLi R Seenet
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2021-21917 HIGH POC This Week

An exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R-SeeNet 2.4.15 (30.07.2021). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF SQLi R Seenet
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2021-21916 HIGH POC This Week

An exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R-SeeNet 2.4.15 (30.07.2021). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF SQLi R Seenet
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2021-21915 HIGH POC This Week

An exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R-SeeNet 2.4.15 (30.07.2021). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF SQLi R Seenet
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2021-21901 HIGH POC This Week

A stack-based buffer overflow vulnerability exists in the CMA check_udp_crc function of Garrett Metal Detectors’ iC Module CMA Version 5.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Ic Module Cma
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2021-21882 HIGH POC This Week

An OS command injection vulnerability exists in the Web Manager FsUnmount functionality of Lantronix PremierWave 2050 8.9.0.0R4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Premierwave 2050 Firmware
NVD
CVSS 3.1
8.8
EPSS
6.1%
CVE-2021-21879 HIGH POC This Week

A directory traversal vulnerability exists in the Web Manager File Upload functionality of Lantronix PremierWave 2050 8.9.0.0R4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal File Upload Premierwave 2050
NVD
CVSS 3.1
8.8
EPSS
3.7%
CVE-2021-43630 HIGH POC This Week

Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in add_patient.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP RCE Hospital Management System In Php
NVD GitHub
CVSS 3.1
8.8
EPSS
2.0%
CVE-2021-21953 HIGH POC This Week

An authentication bypass vulnerability exists in the process_msg() function of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Authentication Bypass Eufy Homebase 2 Firmware
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2021-21909 HIGH POC This Week

Specially-crafted command line arguments can lead to arbitrary file deletion in the del .cnt|.log file delete command. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Ic Module Firmware
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2021-21902 HIGH POC This Week

An authentication bypass vulnerability exists in the CMA run_server_6877 functionality of Garrett Metal Detectors iC Module CMA Version 5.0. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Authentication Bypass Ic Module Cma
NVD
CVSS 3.1
8.1
EPSS
1.7%
CVE-2021-21912 HIGH POC This Week

A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 (30.07.2021). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Privilege Escalation R Seenet
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2021-21911 HIGH POC This Week

A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 (30.07.2021). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Privilege Escalation R Seenet
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-21910 HIGH POC This Week

A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 (30.07.2021). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Privilege Escalation R Seenet
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-45266 HIGH POC This Week

A null pointer dereference vulnerability exists in gpac 1.1.0 via the lsr_read_anim_values_ex function, which causes a segmentation fault and application crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Gpac
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2021-21906 HIGH POC This Week

Stack-based buffer overflow vulnerability exists in how the CMA readfile function of Garrett Metal Detectors iC Module CMA Version 5.0 is used at various locations. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Ic Module Cma
NVD
CVSS 3.1
7.2
EPSS
1.0%
CVE-2021-21905 HIGH POC This Week

Stack-based buffer overflow vulnerability exists in how the CMA readfile function of Garrett Metal Detectors iC Module CMA Version 5.0 is used at various locations. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Ic Module Cma
NVD
CVSS 3.1
7.2
EPSS
1.0%
CVE-2021-21904 HIGH POC This Week

A directory traversal vulnerability exists in the CMA CLI setenv command of Garrett Metal Detectors’ iC Module CMA Version 5.0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Ic Module Cma
NVD
CVSS 3.1
7.2
EPSS
2.8%
CVE-2021-21895 HIGH POC This Week

A directory traversal vulnerability exists in the Web Manager FsTFtp functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Premierwave 2050 Firmware
NVD
CVSS 3.1
7.2
EPSS
2.3%
CVE-2021-21885 HIGH POC This Week

A directory traversal vulnerability exists in the Web Manager FsMove functionality of Lantronix PremierWave 2050 8.9.0.0R4. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Premierwave 2050 Firmware
NVD
CVSS 3.1
7.2
EPSS
2.4%
CVE-2021-21880 HIGH POC This Week

A directory traversal vulnerability exists in the Web Manager FsCopyFile functionality of Lantronix PremierWave 2050 8.9.0.0R4. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Premierwave 2050 Firmware
NVD
CVSS 3.1
7.2
EPSS
2.4%
CVE-2021-44733 HIGH POC This Week

A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Linux Information Disclosure Race Condition Linux Kernel Enterprise Linux +10
NVD GitHub
CVSS 3.1
7.0
EPSS
0.7%
CVE-2021-45419 HIGH This Week

Certain Starcharge products are affected by Improper Input Validation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Titan 180 Premium Firmware Nova 360 Cabinet Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2021-36886 HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability discovered in Contact Form 7 Database Addon - CFDB7 WordPress plugin (versions <= 1.2.5.9). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF WordPress Contact Form 7 Database Addon
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-43851 HIGH PATCH This Week

Anuko Time Tracker is an open source, web-based time tracking application written in PHP. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

SQLi PHP Time Tracker
NVD GitHub
CVSS 3.1
8.8
EPSS
1.2%
CVE-2021-36750 HIGH This Week

ENC DataVault before 7.2 and VaultAPI v67 mishandle key derivation, making it easier for attackers to determine the passwords of all DataVault users (across USB drives sold under multiple brand. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Enc Datavault Enc Vaultapi Secureaccess
NVD
CVSS 3.1
8.1
EPSS
13.5%
CVE-2021-43804 HIGH PATCH This Week

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Pjsip Debian Linux
NVD GitHub
CVSS 3.1
7.3
EPSS
2.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy