Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-01-19 CVE-2021-31854 Command Injection vulnerability in Mcafee Agent
A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local users to inject arbitrary shell code into the file cleanup.exe.
network
mcafee CWE-77
critical
9.3
2022-01-18 CVE-2022-23307 Deserialization of Untrusted Data vulnerability in Apache Chainsaw and Log4J
CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw.
network
low complexity
apache CWE-502
critical
10.0
2022-01-17 CVE-2021-38965 OS Command Injection vulnerability in IBM Filenet Content Manager 5.5.4/5.5.6/5.5.7
IBM FileNet Content Manager 5.5.4, 5.5.6, and 5.5.7 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request.
network
low complexity
ibm CWE-78
critical
9.0
2022-01-15 CVE-2021-33827 OS Command Injection vulnerability in Owncloud Files Antivirus
The files_antivirus component before 1.0.0 for ownCloud allows OS Command Injection via the administration settings.
network
low complexity
owncloud CWE-78
critical
9.0
2022-01-15 CVE-2022-23178 Improper Authentication vulnerability in Creston Hd-Md4X2-4K-E Firmware 1.0.0.2159
An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices.
network
low complexity
creston CWE-287
critical
10.0
2022-01-15 CVE-2021-33963 Command Injection vulnerability in Chinamobileltd AN Lianbao 2F Firmware-1 1.0.1
China Mobile An Lianbao WF-1 v1.0.1 router web interface through /api/ZRMacClone/mac_addr_clone receives parameters by POST request, and the parameter macType has a command injection vulnerability.
network
low complexity
chinamobileltd CWE-77
critical
10.0
2022-01-14 CVE-2021-1049 Unspecified vulnerability in Google Android
Hacker one bug ID: 1343975Product: AndroidVersions: Android SoCAndroid ID: A-204256722
network
low complexity
google
critical
10.0
2022-01-14 CVE-2021-39623 Improper Privilege Management vulnerability in Google Android
In doRead of SimpleDecodingSource.cpp, there is a possible out of bounds write due to an incorrect bounds check.
network
low complexity
google CWE-269
critical
10.0
2022-01-14 CVE-2021-44703 Out-of-bounds Write vulnerability in Adobe products
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a stack buffer overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user.
network
adobe CWE-787
critical
9.3
2022-01-14 CVE-2021-44704 Use After Free vulnerability in Adobe products
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user.
network
adobe CWE-416
critical
9.3