Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-09 | CVE-2021-28911 | Incorrect Authorization vulnerability in Bab-Technologie Eibport Firmware 3.8.2/3.8.3 BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /tmp path which contains some sensitive data (e.g. | 10.0 |
| 2021-09-09 | CVE-2021-28912 | Weak Password Requirements vulnerability in Bab-Technologie Eibport Firmware 3.8.2/3.8.3 BAB TECHNOLOGIE GmbH eibPort V3. | 9.0 |
| 2021-09-09 | CVE-2021-28913 | Missing Authentication for Critical Function vulnerability in Bab-Technologie Eibport Firmware 3.8.2/3.8.3 BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /webif/SecurityModule to validate the so called and hard coded unique 'eibPort String' which acts as the root SSH key passphrase. | 10.0 |
| 2021-09-09 | CVE-2021-39296 | Improper Authentication vulnerability in Openbmc-Project Openbmc 2.9.0 In OpenBMC 2.9, crafted IPMI messages allow an attacker to bypass authentication and gain full control of the system. | 10.0 |
| 2021-09-09 | CVE-2021-39459 | OS Command Injection vulnerability in Redaxo 5.12.1 Remote code execution in the modules component in Yakamara Media Redaxo CMS version 5.12.1 allows an authenticated CMS user to execute code on the hosting system via a module containing malicious PHP code. | 9.0 |
| 2021-09-09 | CVE-2021-40222 | OS Command Injection vulnerability in Rittal CMC PU III 7030.000 Firmware 3.11.002/3.15.704 Rittal CMC PU III Web management Version affected: V3.11.00_2. | 9.0 |
| 2021-09-09 | CVE-2021-1933 | Improper Validation of Array Index vulnerability in Qualcomm products UE assertion is possible due to improper validation of invite message with SDP body in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables | 10.0 |
| 2021-09-09 | CVE-2021-1946 | NULL Pointer Dereference vulnerability in Qualcomm products Null Pointer Dereference may occur due to improper validation while processing crafted SDP body in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | 10.0 |
| 2021-09-08 | CVE-2020-19138 | Unrestricted Upload of File with Dangerous Type vulnerability in Dotcms Unrestricted Upload of File with Dangerous Type in DotCMS v5.2.3 and earlier allow remote attackers to execute arbitrary code via the component "/src/main/java/com/dotmarketing/filters/CMSFilter.java". | 10.0 |
| 2021-09-08 | CVE-2021-21103 | Access of Memory Location After End of Buffer vulnerability in Adobe Illustrator Adobe Illustrator version 25.2 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. | 9.3 |