Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-13 | CVE-2021-38833 | SQL Injection vulnerability in Apartment Visitors Management System Project Apartment Visitors Management System 1.0 SQL injection vulnerability in PHPGurukul Apartment Visitors Management System (AVMS) v. | 7.5 |
| 2021-09-13 | CVE-2020-27969 | Origin Validation Error vulnerability in Yandex Browser Yandex Browser for Android 20.8.4 allows remote attackers to perform SOP bypass and addresss bar spoofing | 7.5 |
| 2021-09-10 | CVE-2021-37422 | SQL Injection vulnerability in Zohocorp Manageengine Adselfservice Plus Zoho ManageEngine ADSelfService Plus 6111 and prior is vulnerable to SQL Injection while linking the databases. | 7.5 |
| 2021-09-10 | CVE-2021-37423 | Unspecified vulnerability in Zohocorp Manageengine Adselfservice Plus Zoho ManageEngine ADSelfService Plus 6111 and prior is vulnerable to linked applications takeover. | 7.5 |
| 2021-09-10 | CVE-2021-38360 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Wp-Publications Project Wp-Publications The wp-publications WordPress plugin is vulnerable to restrictive local file inclusion via the Q_FILE parameter found in the ~/bibtexbrowser.php file which allows attackers to include local zip files and achieve remote code execution, in versions up to and including 0.0. | 7.5 |
| 2021-09-10 | CVE-2021-40373 | Code Injection vulnerability in Playsms playSMS before 1.4.5 allows Arbitrary Code Execution by entering PHP code at the #tabs-information-page of core_main_config, and then executing that code via the index.php?app=main&inc=core_welcome URI. | 7.5 |
| 2021-09-09 | CVE-2021-25449 | Improper Input Validation vulnerability in Google Android An improper input validation vulnerability in libsapeextractor library prior to SMR Sep-2021 Release 1 allows attackers to execute arbitrary code in mediaextractor process. | 7.5 |
| 2021-09-09 | CVE-2020-19267 | Unrestricted Upload of File with Dangerous Type vulnerability in Dswjcms Project Dswjcms 1.6.4 An issue in index.php/Dswjcms/Basis/resources of Dswjcms 1.6.4 allows attackers to execute arbitrary code via uploading a crafted PHP file. | 7.5 |
| 2021-09-09 | CVE-2021-32484 | Out-of-bounds Write vulnerability in Mediatek Modem Lr12A/Lr13 In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. | 7.8 |
| 2021-09-09 | CVE-2021-32485 | Out-of-bounds Write vulnerability in Mediatek Modem Lr12A/Lr13 In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. | 7.8 |