Security For Everyone Team

13 exploits Active since Dec 2020
CVE-2021-30573 NOMISEC HIGH SUSPICIOUS
Google Chrome <92.0.4515.107 - Use After Free
Use after free in GPU in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
10 stars
CVSS 8.8
CVE-2021-30573 INTHEWILD HIGH SUSPICIOUS
Google Chrome <92.0.4515.107 - Use After Free
Use after free in GPU in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS 8.8
CVE-2021-30573 INTHEWILD HIGH SUSPICIOUS
Google Chrome <92.0.4515.107 - Use After Free
Use after free in GPU in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS 8.8
CVE-2021-30573 INTHEWILD HIGH SUSPICIOUS
Google Chrome <92.0.4515.107 - Use After Free
Use after free in GPU in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS 8.8
CVE-2021-30573 INTHEWILD HIGH SUSPICIOUS
Google Chrome <92.0.4515.107 - Use After Free
Use after free in GPU in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS 8.8
CVE-2021-30573 INTHEWILD HIGH SUSPICIOUS
Google Chrome <92.0.4515.107 - Use After Free
Use after free in GPU in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS 8.8
CVE-2021-30573 INTHEWILD HIGH SUSPICIOUS
Google Chrome <92.0.4515.107 - Use After Free
Use after free in GPU in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS 8.8
CVE-2021-30573 INTHEWILD HIGH SUSPICIOUS
Google Chrome <92.0.4515.107 - Use After Free
Use after free in GPU in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS 8.8
CVE-2021-36352 EXPLOITDB MEDIUM text WRITEUP
Care2x Hospital Information Management 2.7 Alpha - XSS
Stored cross-site scripting (XSS) vulnerability in Care2x Hospital Information Management 2.7 Alpha. The vulnerability has found POST requests in /modules/registration_admission/patient_register.php page with "name_middle", "addr_str", "station", "name_maiden", "name_2", "name_3" parameters.
CVSS 5.4
CVE-2021-36351 EXPLOITDB CRITICAL text WORKING POC
Care2x Hospital Information Management System < 2.7 - SQL Injection via pday/pmonth/pyear Parameters
SQL Injection Vulnerability in Care2x Open Source Hospital Information Management 2.7 Alpha via the (1) pday, (2) pmonth, and (3) pyear parameters in GET requests sent to /modules/nursing/nursing-station.php.
CVSS 9.8
CVE-2021-27200 EXPLOITDB CRITICAL python WORKING POC
WoWonder 3.0.4 - Account Takeover via Weak Cryptographic Algorithm in recover.php
In WoWonder 3.0.4, remote attackers can take over any account due to the weak cryptographic algorithm in recover.php. The code parameter is easily predicted from the time of day.
CVSS 9.8
CVE-2020-29596 EXPLOITDB HIGH python WORKING POC
MiniWeb HTTP Server 0.8.19 - Denial of Service via Long POST Parameter Name
MiniWeb HTTP server 0.8.19 allows remote attackers to cause a denial of service (daemon crash) via a long name for the first parameter in a POST request.
CVSS 7.5
EIP-2026-110321 EXPLOITDB text WRITEUP
openSIS Student Information System 8.0 - 'multiple' SQL Injection