QNAP NAS HBS 3 Hybrid Backup Syn Hard-Coded Credentials
QLocker Ransomware is using this vulnerability to encrypt files of QNAP customers.
Write-up of CVE-2021-30481 Source engine remote code execution via game invites
Pulse Connect Secure remote code execution through authentication bypass.
CVSS V3.1 risk score is 10/10.
The vulnerability has been exploited in the wild by the threat actor UNC2630. According to Fireeye UNC2630 may have ties with APT5 and the Chinese government.
Airstrike Attack - FDE bypass and EoP on domain joined Windows workstations (CVE-2021-28316)
Remote exploitation of a man-in-the-disk vulnerability in WhatsApp (CVE-2021-24027)
Valve Steam remote code execution. This vulnerability works for all Source Engine games.
POC and analysis of Windows IPv6 Fragmentation Vulnerability (CVE-2021-24086):
Another POC is here: https://github.com/0vercl0k/CVE-2021-24086
Exploit of CVE-2020-16040 Google Chrome <= 87.0.4280.88 vulnerability
CVE-2019-8761 is an interesting macOS bug that lets attackers execute HTML within a TXT file, leak files, and do all sorts of other funky things
Zoom Unintended Screen Sharing Vulnerability POC: