Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-06 | CVE-2021-0688 | Race Condition vulnerability in Google Android In lockNow of PhoneWindowManager.java, there is a possible lock screen bypass due to a race condition. | 7.0 |
| 2021-10-06 | CVE-2021-0692 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 10.0/11.0/9.0 In sendBroadcastToInstaller of FirstScreenBroadcast.java, there is a possible activity launch due to an unsafe PendingIntent. | 7.8 |
| 2021-10-06 | CVE-2021-28702 | Improper Privilege Management vulnerability in multiple products PCI devices with RMRRs not deassigned correctly Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR"). | 7.6 |
| 2021-10-05 | CVE-2020-21503 | Exposure of Resource to Wrong Sphere vulnerability in Waimai Super CMS Project Waimai Super CMS 20150505 waimai Super Cms 20150505 has a logic flaw allowing attackers to modify a price, before form submission, by observing data in a packet capture. | 7.5 |
| 2021-10-05 | CVE-2021-31987 | Unspecified vulnerability in Axis products A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients. | 7.5 |
| 2021-10-05 | CVE-2021-31988 | Injection vulnerability in Axis products A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the Carriage Return and Line Feed (CRLF) control characters and include arbitrary SMTP headers in the generated test email. | 8.8 |
| 2021-10-05 | CVE-2021-3510 | Unspecified vulnerability in Zephyrproject Zephyr Zephyr JSON decoder incorrectly decodes array of array. | 7.5 |
| 2021-10-05 | CVE-2021-3581 | Improper Validation of Specified Quantity in Input vulnerability in Zephyrproject Zephyr 2.5.0/2.5.1 Buffer Access with Incorrect Length Value in zephyr. | 8.8 |
| 2021-10-05 | CVE-2021-41124 | Unspecified vulnerability in Zyte Scrapy-Splash Scrapy-splash is a library which provides Scrapy and JavaScript integration. | 7.5 |
| 2021-10-05 | CVE-2021-35497 | Improper Certificate Validation vulnerability in Tibco Activespaces, Eftl and FTL The FTL Server (tibftlserver) and Docker images containing tibftlserver components of TIBCO Software Inc.'s TIBCO ActiveSpaces - Community Edition, TIBCO ActiveSpaces - Developer Edition, TIBCO ActiveSpaces - Enterprise Edition, TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, TIBCO FTL - Enterprise Edition, TIBCO eFTL - Community Edition, TIBCO eFTL - Developer Edition, and TIBCO eFTL - Enterprise Edition contain a vulnerability that theoretically allows a non-administrative, authenticated FTL user to trick the affected components into creating illegitimate certificates. | 7.5 |