Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-02 | CVE-2021-36185 | OS Command Injection vulnerability in Fortinet Fortiwlm A improper neutralization of special elements used in an OS command ('OS Command Injection') in Fortinet FortiWLM version 8.6.1 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests. | 8.8 |
| 2021-11-02 | CVE-2021-36187 | Resource Exhaustion vulnerability in Fortinet Fortiweb A uncontrolled resource consumption in Fortinet FortiWeb version 6.4.0, version 6.3.15 and below, 6.2.5 and below allows attacker to cause a denial of service for webserver daemon via crafted HTTP requests | 7.5 |
| 2021-11-02 | CVE-2021-41022 | Improper Privilege Management vulnerability in Fortinet Fortisiem A improper privilege management in Fortinet FortiSIEM Windows Agent version 4.1.4 and below allows attacker to execute privileged code or commands via powershell scripts | 7.8 |
| 2021-11-02 | CVE-2020-18438 | Path Traversal vulnerability in PHPok 5.1 Directory traversal vulnerability in qinggan phpok 5.1, allows attackers to disclose sensitive information, via the title parameter to admin.php. | 7.5 |
| 2021-11-02 | CVE-2020-20657 | Classic Buffer Overflow vulnerability in Libiec Iccp MOD Project Libiec Iccp MOD 1.5 Buffer overflow vulnerability in fcovatti libiec_iccp_mod v1.5, allows attackers to cause a denial of service via an unexpected packet while trying to connect. | 7.5 |
| 2021-11-02 | CVE-2020-20658 | Classic Buffer Overflow vulnerability in Libiec Iccp MOD Project Libiec Iccp MOD 1.5 Buffer overflow vulnerability in fcovatti libiec_iccp_mod v1.5, allows attackers to cause a denail of service when trying to calloc an unexpectiedly large space. | 7.5 |
| 2021-11-02 | CVE-2020-21572 | Classic Buffer Overflow vulnerability in Gilcc Project Gilcc Buffer overflow vulnerability in function src_parser_trans_stage_1_2_3 trgil gilcc before commit 803969389ca9c06237075a7f8eeb1a19e6651759, allows attackers to cause a denial of service. | 7.5 |
| 2021-11-02 | CVE-2020-21574 | Classic Buffer Overflow vulnerability in C-Http Project C-Http 0.1.0 Buffer overflow vulnerability in YotsuyaNight c-http v0.1.0, allows attackers to cause a denial of service via a long url request which is passed to the delimitedread function. | 7.5 |
| 2021-11-02 | CVE-2020-23686 | Cross-Site Request Forgery (CSRF) vulnerability in Ayacms Project Ayacms 3.1.2 Cross site request forgery (CSRF) vulnerability in AyaCMS 3.1.2 allows attackers to change an administrators password or other unspecified impacts. | 8.8 |
| 2021-11-02 | CVE-2021-36172 | XXE vulnerability in Fortinet Fortiportal An improper restriction of XML external entity reference vulnerability in the parser of XML responses of FortiPortal before 6.0.6 may allow an attacker who controls the producer of XML reports consumed by FortiPortal to trigger a denial of service or read arbitrary files from the underlying file system by means of specifically crafted XML documents. | 8.1 |