🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2018-8453 | Critical | 9.0 |
Microsoft Win32k Privilege Escalation Vulnerability — Microsoft Windows Win32k contains a vulnerability that allows an a…
|
⚡ Exploit ✅ Patch | Jan 21, 2022 |
| CVE-2021-35247 | Critical | 9.0 |
SolarWinds Serv-U Improper Input Validation Vulnerability — SolarWinds Serv-U versions 15.2.5 and earlier contain an imp…
|
⚡ Exploit ✅ Patch | Jan 21, 2022 |
| CVE-2020-11978 | Critical | 9.0 |
Apache Airflow Command Injection — A remote code/command injection vulnerability was discovered in one of the example DA…
|
⚡ Exploit ✅ Patch | Jan 18, 2022 |
| CVE-2020-13671 | Critical | 9.0 |
Drupal core Un-restricted Upload of File — Improper sanitization in the extension file names is present in Drupal core.…
|
⚡ Exploit ✅ Patch | Jan 18, 2022 |
| CVE-2020-13927 | Critical | 9.0 |
Apache Airflow's Experimental API Authentication Bypass — The previous default setting for Airflow's Experimental API wa…
|
⚡ Exploit ✅ Patch | Jan 18, 2022 |
| CVE-2020-14864 | Critical | 9.0 |
Oracle Business Intelligence Enterprise Edition Path Transversal — Path traversal vulnerability, where an attacker can t…
|
⚡ Exploit ✅ Patch | Jan 18, 2022 |
| CVE-2021-21315 | Critical | 9.0 |
System Information Library for Node.JS Command Injection — In this vulnerability, an attacker can send a malicious paylo…
|
⚡ Exploit ✅ Patch | Jan 18, 2022 |
| CVE-2021-21975 | Critical | 9.0 |
VMware Server Side Request Forgery in vRealize Operations Manager API — Server Side Request Forgery (SSRF) in vRealize O…
|
⚡ Exploit ✅ Patch | Jan 18, 2022 |
| CVE-2021-22991 | Critical | 9.0 |
F5 BIG-IP Traffic Management Microkernel Buffer Overflow — The Traffic Management Microkernel of BIG-IP ASM Risk Engine …
|
⚡ Exploit ✅ Patch | Jan 18, 2022 |
| CVE-2021-25296 | Critical | 9.0 |
Nagios XI OS Command Injection — Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios…
|
⚡ Exploit ✅ Patch | Jan 18, 2022 |
| CVE-2021-25297 | Critical | 9.0 |
Nagios XI OS Command Injection — Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios…
|
⚡ Exploit ✅ Patch | Jan 18, 2022 |
| CVE-2021-25298 | Critical | 9.0 |
Nagios XI OS Command Injection — Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios…
|
⚡ Exploit ✅ Patch | Jan 18, 2022 |
| CVE-2021-32648 | Critical | 9.0 |
October CMS Improper Authentication — In affected versions of the october/system package an attacker can request an acco…
|
⚡ Exploit ✅ Patch | Jan 18, 2022 |
| CVE-2021-33766 | Critical | 9.0 |
Microsoft Exchange Server Information Disclosure — Microsoft Exchange Server contains an information disclosure vulnerab…
|
⚡ Exploit ✅ Patch | Jan 18, 2022 |
| CVE-2021-40870 | Critical | 9.0 |
Aviatrix Controller Unrestricted Upload of File — Unrestricted upload of a file with a dangerous type is possible, which…
|
⚡ Exploit ✅ Patch | Jan 18, 2022 |
| CVE-2013-3900 | Critical | 9.0 |
Microsoft WinVerifyTrust function Remote Code Execution — A remote code execution vulnerability exists in the way that t…
|
⚡ Exploit ✅ Patch | Jan 10, 2022 |
| CVE-2015-7450 | Critical | 9.0 |
IBM WebSphere Application Server and Server Hypervisor Edition Code Injection. — Serialized-object interfaces in certain…
|
⚡ Exploit ✅ Patch | Jan 10, 2022 |
| CVE-2019-1458 | Critical | 9.0 |
Microsoft Win32k Privilege Escalation Vulnerability — A privilege escalation vulnerability exists in Windows when the Wi…
|
⚡ Exploit ✅ Patch | Jan 10, 2022 |
| CVE-2019-1579 | Critical | 9.0 |
Palo Alto Networks PAN-OS Remote Code Execution Vulnerability — Remote Code Execution in PAN-OS with GlobalProtect Porta…
|
⚡ Exploit ✅ Patch | Jan 10, 2022 |
| CVE-2019-2725 | Critical | 9.0 |
Oracle WebLogic Server, Injection — Injection vulnerability in the Oracle WebLogic Server component of Oracle Fusion Mid…
|
⚡ Exploit ✅ Patch | Jan 10, 2022 |