Vulnerability Trends

CVE-2021-22005: The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCen...
CVE-2021-40444: Microsoft MSHTML Remote Code Execution Vulnerability
CVE-2021-30869: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by the CVE program. Notes: none.
CVE-2021-30860: An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, ...
CVE-2021-30632: Apple emergency patches fix zero-click iMessage bug used to inject NSO spyware
CVE-2021-30858: A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6. Processing ...
CVE-2021-26084: In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to exec...
CVE-2021-40539: Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution.
CVE-2021-38112: In the Amazon AWS WorkSpaces client before 3.1.9 on Windows, argument injection in the workspaces:// URI handler can lead to remote code execution bec...
CVE-2021-36260: A command injection vulnerability in the web server of some Hikvision products. Due to insufficient input validation, an attacker can exploit the vuln...
CVE-2021-40847: The update process of the Circle Parental Control Service on various NETGEAR routers allows remote attackers to achieve remote code execution as root ...
CVE-2021-38647: Open Management Infrastructure Remote Code Execution Vulnerability
CVE-2021-0090: Uncontrolled search path element in Intel(R) DSA before version 20.11.50.9 may allow an authenticated user to potentially enable an escalation of priv...
CVE-2021-33035: Apache OpenOffice opens dBase/DBF documents and shows the contents as spreadsheets. DBF are database files with data organized in fields. When reading...
CVE-2021-20034
CVE-2021-39246: Tor Browser through 10.5.6 and 11.x through 11.0a4 allows a correlation attack that can compromise the privacy of visits to v2 onion addresses. If --l...
CVE-2021-32749: fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0....
CVE-2021-31207: Microsoft Exchange Server Security Feature Bypass Vulnerability
CVE-2021-34770: A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 900...
CVE-2021-25741: A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories ...