Skip to main content
CVE-2021-4166 HIGH POC PATCH This Week

vim is vulnerable to Out-of-bounds Read. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Information Disclosure Vim Enterprise Linux Factory +5
NVD GitHub
CVSS 3.1
7.1
EPSS
1.6%
CVE-2021-45483 MEDIUM POC This Month

In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Memory Corruption Information Disclosure Webkitgtk
NVD GitHub
CVSS 3.1
6.5
EPSS
1.4%
CVE-2021-45482 MEDIUM POC This Month

In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different vulnerability than CVE-2021-30889. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Memory Corruption Information Disclosure Webkitgtk
NVD GitHub
CVSS 3.1
6.5
EPSS
1.4%
CVE-2021-45481 MEDIUM POC This Month

In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Webkitgtk
NVD GitHub
CVSS 3.1
6.5
EPSS
1.4%
CVE-2021-4162 MEDIUM POC PATCH This Month

archivy is vulnerable to Cross-Site Request Forgery (CSRF). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Archivy
NVD GitHub
CVSS 3.1
4.3
EPSS
0.4%
CVE-2021-45489 HIGH This Week

In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Netbsd
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-45488 HIGH PATCH This Week

In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Netbsd
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-45487 HIGH This Week

In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Netbsd
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-45485 HIGH PATCH This Week

In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Linux Information Disclosure Linux Kernel E Series Santricity Os Controller Solidfire Enterprise Sds Hci Storage Node +23
NVD
CVSS 3.1
7.5
EPSS
3.6%
CVE-2021-45484 HIGH This Week

In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Netbsd
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-45486 LOW PATCH Monitor

In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small. Rated low severity (CVSS 3.5), this vulnerability is low attack complexity.

Linux Information Disclosure Linux Kernel Communications Cloud Native Core Binding Support Function Communications Cloud Native Core Network Exposure Function +1
NVD
CVSS 3.1
3.5
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy