Skip to main content
CVE-2021-4187 HIGH POC PATCH This Week

vim is vulnerable to Use After Free. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Use After Free Denial Of Service Memory Corruption Vim Fedora +2
NVD GitHub
CVSS 3.1
7.8
EPSS
1.6%
CVE-2021-23727 HIGH POC PATCH This Week

This affects the package celery before 5.2.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Command Injection Celery Extra Packages For Enterprise Linux Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
3.9%
CVE-2021-25991 HIGH POC PATCH This Week

In Ifme, versions v5.0.0 to v7.32 are vulnerable against an improper access control, which makes it possible for admins to ban themselves leading to their deactivation from Ifme account and complete. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Ifme
NVD GitHub
CVSS 3.1
7.3
EPSS
0.8%
CVE-2021-43876 HIGH PATCH This Week

Microsoft SharePoint Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Sharepoint Enterprise Server Sharepoint Server
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2021-44161 HIGH This Week

Changing MOTP (Mobile One Time Password) system’s specific function parameter has insufficient validation for user input. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

SQLi Motp
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-45885 HIGH This Week

An issue was discovered in Stormshield Network Security (SNS) 4.2.2 through 4.2.7 (fixed in 4.2.8). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Network Security
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2021-36723 HIGH This Week

Emuse - eServices / eNvoice Exposure Of Private Personal Information due to lack of identification mechanisms and predictable IDs an attacker can scrape all the files on the service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emuse Eservices Envoice
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2021-38688 HIGH This Week

An improper authentication vulnerability has been reported to affect Android App Qfile. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Authentication Bypass Qfile
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2021-44160 HIGH This Week

Carinal Tien Hospital Health Report System’s login page has improper authentication, a remote attacker can acquire another general user’s privilege by modifying the cookie parameter without. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Carinal Tien Hospital Health Report System
NVD
CVSS 3.1
7.3
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy