Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2021-02-25 CVE-2021-26701 Unspecified vulnerability in Microsoft .Net and .Net Core
.NET Core Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24112.
network
low complexity
microsoft
7.5
2021-02-25 CVE-2021-24112 Unspecified vulnerability in Microsoft products
.NET Core Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26701.
network
low complexity
microsoft
7.5
2021-02-23 CVE-2021-26677 Improper Privilege Management vulnerability in Arubanetworks Clearpass Policy Manager
A local authenticated escalation of privilege vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1.
local
low complexity
arubanetworks CWE-269
7.2
2021-02-23 CVE-2020-28429 Command Injection vulnerability in Geojson2Kml Project Geojson2Kml
All versions of package geojson2kml are vulnerable to Command Injection via the index.js file.
network
low complexity
geojson2kml-project CWE-77
7.5
2021-02-22 CVE-2021-27228 USE of Hard-Coded Credentials vulnerability in Shinobi PRO
An issue was discovered in Shinobi through ocean version 1.
network
low complexity
shinobi CWE-798
7.5
2021-02-22 CVE-2020-11283 Out-Of-Bounds Write vulnerability in Qualcomm products
A buffer overflow can occur when playing an MKV clip due to lack of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
network
low complexity
qualcomm CWE-787
7.5
2021-02-22 CVE-2020-11195 Improper Input Validation vulnerability in Qualcomm products
Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
local
low complexity
qualcomm CWE-20
7.2
2021-02-22 CVE-2020-11194 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Qualcomm products
Possible out of bound access in TA while processing a command from NS side due to improper length check of response buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
local
low complexity
qualcomm CWE-119
7.2
2021-02-22 CVE-2020-11187 Improper Validation of Array Index vulnerability in Qualcomm products
Possible memory corruption in BSI module due to improper validation of parameter count in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile
local
low complexity
qualcomm CWE-129
7.2
2021-02-22 CVE-2020-11177 Unspecified vulnerability in Qualcomm products
User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm
7.2