Critical Vulnerabilities

SOCRadar, the extended cyber threat intelligence (XTI) platform, provides vulnerability intelligence for the security operations team who can search for recent critical vulnerabilities exploited in the wild by the threat actors. SOCRadar also provides an External Attack Surface Management suite that helps cybersecurity teams to identify vulnerable assets in their internet-facing network. We select and display critical vulnerabilities below that are popular in the hacker community.

Get free access to SOCRadar XTI to start using vulnerability intelligence now.

Get Free Access
Vulnerability Exploitation Status CVSSv3 Release Date Products References
Adobe Arbitrary Code Execution Vulnerability Affecting Its Core Products
CVE-2021-39863
Unknown 8.8 Sep 14, 2021 Adobe Reader DC | Adobe Acrobat Reader DC Link
OMIGOD Microsoft Zero-day RCE Vulnerability in the Azure Cloud Platform
CVE-2021-38647
POC exploit code available 9.8 Sep 14, 2021 Microsoft Azure Cloud Link
ForcedEntry Apple Zero-day Bugs Exploited by NSO Group
CVE-2021-30858 | CVE-2021-30860
Zero-click exploit available 8.8 Sep 13, 2021 iPhone | iPad | Mac | Apple Watch Link
Google Chrome Use-After-Free (UAF) Zero-Day Bugs
CVE-2021-30632 | CVE-2021-30633
In-the-wild N/A Sep 13, 2021 Google Chrome Link
Zero-Day RCE Vulnerability in Microsoft MSHTML
CVE-2021-40444
Ongoing exploitation 8.8 Sep 7, 2021 Microsoft Windows Link
An Authentication Bypass Bug in the ManageEngine ADSelfService Plus Platform
CVE-2021-40539
Ongoing exploitation N/A Sep 7, 2021 Zoho ManageEngine ADSelfService Plus Link
Cisco Enterprise NFV Infrastructure Software Authentication Bypass Vulnerability
CVE-2021-34746
POC exploit code available 9.8 Sep 1, 2021 Cisco Enterprise NFVIS Link
Vulnerability Exploitation Status CVSSv3 Release Date Products References
Critical Microsoft Azure Cosmos DB Bug
No CVE assigned
Unknown N/A Aug 26, 2021 Microsoft Azure Cosmos DB | Jupyter Notebook Link
Critical Vulnerability in the Atlassian Confluence Server Platform
CVE-2021-26084
Ongoing exploitation 9.8 Aug 25, 2021 Atlassian Confluence Server and Data Center Link
Sudo Bug Privilege Escalation Vulnerability for HPE Aruba
CVE-2021-3156
POC exploit code available 7.8 Aug 25, 2021 HPE Aruba AirWave Management Platform Link
Parallels Desktop Privilege Escalation Bug
CVE-2021-34864
Unknown 8.8 Aug 25, 2021 Parallels Desktop Link