Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-15 | CVE-2021-27046 | Out-of-bounds Write vulnerability in Autodesk Navisworks A Memory Corruption vulnerability for PDF files in Autodesk Navisworks 2019, 2020, 2021, 2022 may lead to code execution through maliciously crafted DLL files. | 7.8 |
| 2021-09-15 | CVE-2021-39213 | Injection vulnerability in Glpi-Project Glpi GLPI is a free Asset and IT management software package. | 8.8 |
| 2021-09-15 | CVE-2021-3795 | Unspecified vulnerability in Semver-Regex Project Semver-Regex semver-regex is vulnerable to Inefficient Regular Expression Complexity | 7.5 |
| 2021-09-15 | CVE-2021-40155 | Out-of-bounds Read vulnerability in Autodesk Navisworks A maliciously crafted DWG file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to read beyond allocated boundaries when parsing the DWG files. | 7.8 |
| 2021-09-15 | CVE-2021-40156 | Out-of-bounds Write vulnerability in Autodesk Navisworks A maliciously crafted DWG file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to write beyond allocated boundaries when parsing the DWG files. | 7.8 |
| 2021-09-15 | CVE-2021-39209 | Unspecified vulnerability in Glpi-Project Glpi GLPI is a free Asset and IT management software package. | 8.8 |
| 2021-09-15 | CVE-2021-27044 | Out-of-bounds Write vulnerability in Autodesk FBX Review 1.4.0 A Out-Of-Bounds Read/Write Vulnerability in Autodesk FBX Review version 1.4.0 may lead to remote code execution through maliciously crafted DLL files or information disclosure. | 7.8 |
| 2021-09-15 | CVE-2021-40157 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autodesk FBX Review 1.4.0/1.4.1.0/1.5.0 A user may be tricked into opening a malicious FBX file which may exploit an Untrusted Pointer Dereference vulnerability in FBX’s Review version 1.5.0 and prior causing it to run arbitrary code on the system. | 7.8 |
| 2021-09-15 | CVE-2020-19150 | Path Traversal vulnerability in Jflyfox Jfinal CMS Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive information or cause a denial of service via the 'FileManager.delete()' function in the component 'modules/filemanager/FileManagerController.java'. | 8.1 |
| 2021-09-15 | CVE-2020-19151 | Command Injection vulnerability in Jflyfox Jfinal CMS Command Injection in Jfinal CMS v4.7.1 and earlier allows remote attackers to execute arbitrary code by uploading a malicious HTML template file via the component 'jfinal_cms/admin/filemanager/list'. | 8.8 |