Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2021-10-05 CVE-2021-42008 Out-of-bounds Write vulnerability in multiple products
The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write.
local
low complexity
linux netapp debian CWE-787
7.8
7.8
2021-10-04 CVE-2021-42006 Out-of-bounds Read vulnerability in Gclib Project Gclib 0.12.7
An out-of-bounds access in GffLine::GffLine in gff.cpp in GCLib 0.12.7 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted GFF file.
network
low complexity
gclib-project CWE-125
8.8
8.8
2021-10-04 CVE-2021-32765 Integer Overflow or Wraparound vulnerability in multiple products
Hiredis is a minimalistic C client library for the Redis database.
network
low complexity
redis debian netapp CWE-190
8.8
8.8
2021-10-04 CVE-2020-21386 Cross-Site Request Forgery (CSRF) vulnerability in Maccms 10.0
A Cross-Site Request Forgery (CSRF) in the component admin.php/admin/type/info.html of Maccms 10 allows attackers to gain administrator privileges.
network
low complexity
maccms CWE-352
8.8
8.8
2021-10-04 CVE-2021-39433 Unspecified vulnerability in Biqs Biqsdrive 1.83
A local file inclusion (LFI) vulnerability exists in version BIQS IT Biqs-drive v1.83 and below when sending a specific payload as the file parameter to download/index.php.
network
low complexity
biqs
7.5
7.5
2021-10-04 CVE-2021-41092 Docker CLI is the command line interface for the docker container runtime.
network
low complexity
docker fedoraproject
7.5
7.5
2021-10-04 CVE-2021-41118 Unspecified vulnerability in Dynamicpagelist3 Project Dynamicpagelist3 3.3.5
The DynamicPageList3 extension is a reporting tool for MediaWiki, listing category members and intersections with various formats and details.
network
low complexity
dynamicpagelist3-project
7.5
7.5
2021-10-04 CVE-2021-41651 SQL Injection vulnerability in Hotel Management System Project Hotel Management System
A blind SQL injection vulnerability exists in the Raymart DG / Ahmed Helal Hotel-mgmt-system.
network
low complexity
hotel-management-system-project CWE-89
7.5
7.5
2021-10-04 CVE-2021-23855 Inadequate Encryption Strength vulnerability in Bosch products
The user and password data base is exposed by an unprotected web server resource.
network
low complexity
bosch CWE-326
7.5
7.5
2021-10-04 CVE-2021-23858 Missing Authentication for Critical Function vulnerability in Bosch products
Information disclosure: The main configuration, including users and their hashed passwords, is exposed by an unprotected web server resource and can be accessed without authentication.
network
low complexity
bosch CWE-306
7.5
7.5