🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2017-5689 | Critical | 9.0 |
Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability Privilege Escalati…
|
⚡ Exploit ✅ Patch | Jan 28, 2022 |
| CVE-2020-0787 | Critical | 9.0 |
Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability — Microsoft…
|
⚡ Exploit ✅ Patch | Jan 28, 2022 |
| CVE-2020-5722 | Critical | 9.0 |
Grandstream Networks UCM6200 Series SQL Injection Vulnerability — Grandstream UCM6200 series is vulnerable to an unauthe…
|
⚡ Exploit ✅ Patch | Jan 28, 2022 |
| CVE-2021-20038 | Critical | 9.0 |
SonicWall SMA 100 Appliances Stack-Based Buffer Overflow Vulnerability — SonicWall SMA 100 devies are vulnerable to an u…
|
⚡ Exploit ✅ Patch | Jan 28, 2022 |
| CVE-2022-22587 | Critical | 9.0 |
Apple Memory Corruption Vulnerability — Apple IOMobileFrameBuffer contains a memory corruption vulnerability which can a…
|
⚡ Exploit ✅ Patch | Jan 28, 2022 |
| CVE-2006-1547 | Critical | 9.0 |
Apache Struts 1 ActionForm Denial-of-Service Vulnerability — ActionForm in Apache Struts versions before 1.2.9 with Bean…
|
⚡ Exploit ✅ Patch | Jan 21, 2022 |
| CVE-2012-0391 | Critical | 9.0 |
Apache Struts 2 Improper Input Validation Vulnerability — The ExceptionDelegator component in Apache Struts 2 before 2.2…
|
⚡ Exploit ✅ Patch | Jan 21, 2022 |
| CVE-2018-8453 | Critical | 9.0 |
Microsoft Win32k Privilege Escalation Vulnerability — Microsoft Windows Win32k contains a vulnerability that allows an a…
|
⚡ Exploit ✅ Patch | Jan 21, 2022 |
| CVE-2021-35247 | Critical | 9.0 |
SolarWinds Serv-U Improper Input Validation Vulnerability — SolarWinds Serv-U versions 15.2.5 and earlier contain an imp…
|
⚡ Exploit ✅ Patch | Jan 21, 2022 |
| CVE-2020-11978 | Critical | 9.0 |
Apache Airflow Command Injection — A remote code/command injection vulnerability was discovered in one of the example DA…
|
⚡ Exploit ✅ Patch | Jan 18, 2022 |
| CVE-2020-13671 | Critical | 9.0 |
Drupal core Un-restricted Upload of File — Improper sanitization in the extension file names is present in Drupal core.…
|
⚡ Exploit ✅ Patch | Jan 18, 2022 |
| CVE-2020-13927 | Critical | 9.0 |
Apache Airflow's Experimental API Authentication Bypass — The previous default setting for Airflow's Experimental API wa…
|
⚡ Exploit ✅ Patch | Jan 18, 2022 |
| CVE-2020-14864 | Critical | 9.0 |
Oracle Business Intelligence Enterprise Edition Path Transversal — Path traversal vulnerability, where an attacker can t…
|
⚡ Exploit ✅ Patch | Jan 18, 2022 |
| CVE-2021-21315 | Critical | 9.0 |
System Information Library for Node.JS Command Injection — In this vulnerability, an attacker can send a malicious paylo…
|
⚡ Exploit ✅ Patch | Jan 18, 2022 |
| CVE-2021-21975 | Critical | 9.0 |
VMware Server Side Request Forgery in vRealize Operations Manager API — Server Side Request Forgery (SSRF) in vRealize O…
|
⚡ Exploit ✅ Patch | Jan 18, 2022 |
| CVE-2021-22991 | Critical | 9.0 |
F5 BIG-IP Traffic Management Microkernel Buffer Overflow — The Traffic Management Microkernel of BIG-IP ASM Risk Engine …
|
⚡ Exploit ✅ Patch | Jan 18, 2022 |
| CVE-2021-25296 | Critical | 9.0 |
Nagios XI OS Command Injection — Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios…
|
⚡ Exploit ✅ Patch | Jan 18, 2022 |
| CVE-2021-25297 | Critical | 9.0 |
Nagios XI OS Command Injection — Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios…
|
⚡ Exploit ✅ Patch | Jan 18, 2022 |
| CVE-2021-25298 | Critical | 9.0 |
Nagios XI OS Command Injection — Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios…
|
⚡ Exploit ✅ Patch | Jan 18, 2022 |
| CVE-2021-32648 | Critical | 9.0 |
October CMS Improper Authentication — In affected versions of the october/system package an attacker can request an acco…
|
⚡ Exploit ✅ Patch | Jan 18, 2022 |