Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-09 | CVE-2021-34718 | Argument Injection or Modification vulnerability in Cisco IOS XR A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. | 8.1 |
| 2021-09-09 | CVE-2021-34719 | OS Command Injection vulnerability in Cisco IOS XR Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. | 7.8 |
| 2021-09-09 | CVE-2021-34720 | Unspecified vulnerability in Cisco IOS XR A vulnerability in the IP Service Level Agreements (IP SLA) responder and Two-Way Active Measurement Protocol (TWAMP) features of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause device packet memory to become exhausted or cause the IP SLA process to crash, resulting in a denial of service (DoS) condition. | 8.6 |
| 2021-09-09 | CVE-2021-34728 | OS Command Injection vulnerability in Cisco IOS XR Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. | 7.8 |
| 2021-09-09 | CVE-2021-34737 | NULL Pointer Dereference vulnerability in Cisco IOS XR A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to trigger a crash of the dhcpd process, resulting in a denial of service (DoS) condition. | 7.5 |
| 2021-09-09 | CVE-2021-34785 | Improper Authentication vulnerability in Cisco Broadworks Commpilot Application Software Multiple vulnerabilities in Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to delete arbitrary user accounts or gain elevated privileges on an affected system. | 7.2 |
| 2021-09-09 | CVE-2021-32836 | Deserialization of Untrusted Data vulnerability in Zstack ZStack is open source IaaS(infrastructure as a service) software. | 8.1 |
| 2021-09-08 | CVE-2020-19137 | Cleartext Storage of Sensitive Information vulnerability in Autumn Project Autumn Incorrect Access Control in Autumn v1.0.4 and earlier allows remote attackers to obtain clear-text login credentials via the component "autumn-cms/user/getAllUser/?page=1&limit=10". | 7.5 |
| 2021-09-08 | CVE-2021-30605 | Improper Authentication vulnerability in Google Chrome OS Readiness Tool 1.0.0.0/1.0.1.0 Inappropriate implementation in the ChromeOS Readiness Tool installer on Windows prior to 1.0.2.0 loosens DCOM access rights on two objects allowing an attacker to potentially bypass discretionary access controls. | 7.8 |
| 2021-09-08 | CVE-2021-36216 | Uncontrolled Search Path Element vulnerability in Linecorp Line LINE for Windows 6.2.1.2289 and before allows arbitrary code execution via malicious DLL injection. | 7.8 |