Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2021-11-10 CVE-2021-43562 Server-Side Request Forgery (SSRF) vulnerability in Pixxio Pixx.Io
An issue was discovered in the pixxio (aka pixx.io integration or DAM) extension before 1.0.6 for TYPO3.
network
low complexity
pixxio CWE-918
8.8
2021-11-10 CVE-2021-39474 OS Command Injection vulnerability in Ubeeinteractive Ubc1319 Firmware 1319010201R009
Vulnerability in the product Docsis 3.0 UBC1319BA00 Router supported affected version 1319010201r009.
network
low complexity
ubeeinteractive CWE-78
7.2
2021-11-10 CVE-2021-31853 Uncontrolled Search Path Element vulnerability in Mcafee Drive Encryption
DLL Search Order Hijacking Vulnerability in McAfee Drive Encryption (MDE) prior to 7.3.0 HF2 (7.3.0.183) allows local users to execute arbitrary code and escalate privileges via execution from a compromised folder.
local
low complexity
mcafee CWE-427
7.8
2021-11-10 CVE-2021-37157 Cleartext Storage of Sensitive Information vulnerability in Opengamepanel 20210814
An issue was discovered in OpenGamePanel OGP-Agent-Linux through 2021-08-14.
network
low complexity
opengamepanel CWE-312
8.8
2021-11-10 CVE-2021-37158 OS Command Injection vulnerability in Opengamepanel 20210814
An issue was discovered in OpenGamePanel OGP-Agent-Linux through 2021-08-14.
network
low complexity
opengamepanel CWE-78
8.8
2021-11-09 CVE-2020-28419 Unspecified vulnerability in HP products
During installation with certain driver software or application packages an arbitrary code execution could occur.
network
low complexity
hp
8.8
2021-11-09 CVE-2021-20119 Incorrect Authorization vulnerability in Commscope Arris Surfboard Sb8200 Firmware Ab01.02.053.01112320193.0A.Nsh
The password change utility for the Arris SurfBoard SB8200 can have safety measures bypassed that allow any logged-in user to change the administrator password.
high complexity
commscope CWE-863
7.1
2021-11-09 CVE-2021-43172 Infinite Loop vulnerability in Nlnetlabs Routinator
NLnet Labs Routinator prior to 0.10.2 happily processes a chain of RRDP repositories of infinite length causing it to never finish a validation run.
network
low complexity
nlnetlabs CWE-835
7.5
2021-11-09 CVE-2021-43173 Resource Exhaustion vulnerability in multiple products
In NLnet Labs Routinator prior to 0.10.2, a validation run can be delayed significantly by an RRDP repository by not answering but slowly drip-feeding bytes to keep the connection alive.
network
low complexity
nlnetlabs debian CWE-400
7.5
2021-11-09 CVE-2021-43174 Out-of-bounds Write vulnerability in multiple products
NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, support the gzip transfer encoding when querying RRDP repositories.
network
low complexity
nlnetlabs debian CWE-787
7.5