How severe is CVE-2021-22931?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2021-22931?

This is classified as CWE-170, which is a common weakness in software security.

CVE-2021-22931

CRITICAL Year: 2021

CVSS v3 Score

9.8

Critical

CVSS v2 Score

7.5

High

Weakness Type

CWE-170

View all →

Vulnerability Description

Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host names returned by Domain Name Servers in Node.js dns library which can lead to output of wrong hostnames (leading to Domain Hijacking) and injection vulnerabilities in applications using the library.

CVE-2019-8275

CRITICAL

CVSS:9.8(Critical)

UltraVNC revision 1211 has multiple improper null termination vulnerabilities in VNC server code, which result in out-of-bound data being accessed by remote users. This attack appears to be exploitabl...

CWE-1702019

CVE-2021-31884

CRITICAL

CVSS:9.8(Critical)

A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet)...

CWE-1702021

CVE-2021-31886

CRITICAL

CVSS:9.8(Critical)

CWE-1702021

CVE-2021-1411

CRITICAL

CVSS:9.9(Critical)

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating sy...

CWE-1702021