Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-06 | CVE-2021-29837 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2021-10-06 | CVE-2021-38925 | Inadequate Encryption Strength vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 5.2.0. | 7.5 |
| 2021-10-06 | CVE-2021-20264 | Incorrect Permission Assignment for Critical Resource vulnerability in Oracle Openjdk 1.8.0/11 An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11 containers. | 7.8 |
| 2021-10-06 | CVE-2021-0595 | Improper Authentication vulnerability in Google Android In lockAllProfileTasks of RootWindowContainer.java, there is a possible way to access the work profile without the profile PIN, after logging in. | 7.8 |
| 2021-10-06 | CVE-2021-0598 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate of ConfirmConnectActivity.java, there is a possible pairing of untrusted Bluetooth devices due to a tapjacking/overlay attack. | 7.3 |
| 2021-10-06 | CVE-2021-0635 | Unspecified vulnerability in Google Android 10.0 When extracting the incorrectly formatted flv file, the memory is damaged, the playback interface shows that the video cannot be played, and the log is found to be crashed. | 7.8 |
| 2021-10-06 | CVE-2021-0636 | Unspecified vulnerability in Google Android 10.0 When extracting the incorrectly formatted avi file, the memory is damaged, the playback interface shows that the video cannot be played, and the log is found to be crashed. | 7.8 |
| 2021-10-06 | CVE-2021-0683 | Unspecified vulnerability in Google Android In runTraceIpcStop of ActivityManagerShellCommand.java, there is a possible deletion of system files due to a confused deputy. | 7.8 |
| 2021-10-06 | CVE-2021-0684 | Use After Free vulnerability in Google Android In TouchInputMapper::sync of TouchInputMapper.cpp, there is a possible out of bounds write due to a use after free. | 7.8 |
| 2021-10-06 | CVE-2021-0685 | Deserialization of Untrusted Data vulnerability in Google Android 11.0 In ParsedIntentInfo of ParsedIntentInfo.java, there is a possible parcel serialization/deserialization mismatch due to unsafe deserialization. | 7.8 |