Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-10 | CVE-2021-43562 | Server-Side Request Forgery (SSRF) vulnerability in Pixxio Pixx.Io An issue was discovered in the pixxio (aka pixx.io integration or DAM) extension before 1.0.6 for TYPO3. | 8.8 |
| 2021-11-10 | CVE-2021-39474 | OS Command Injection vulnerability in Ubeeinteractive Ubc1319 Firmware 1319010201R009 Vulnerability in the product Docsis 3.0 UBC1319BA00 Router supported affected version 1319010201r009. | 7.2 |
| 2021-11-10 | CVE-2021-31853 | Uncontrolled Search Path Element vulnerability in Mcafee Drive Encryption DLL Search Order Hijacking Vulnerability in McAfee Drive Encryption (MDE) prior to 7.3.0 HF2 (7.3.0.183) allows local users to execute arbitrary code and escalate privileges via execution from a compromised folder. | 7.8 |
| 2021-11-10 | CVE-2021-37157 | Cleartext Storage of Sensitive Information vulnerability in Opengamepanel 20210814 An issue was discovered in OpenGamePanel OGP-Agent-Linux through 2021-08-14. | 8.8 |
| 2021-11-10 | CVE-2021-37158 | OS Command Injection vulnerability in Opengamepanel 20210814 An issue was discovered in OpenGamePanel OGP-Agent-Linux through 2021-08-14. | 8.8 |
| 2021-11-09 | CVE-2020-28419 | Unspecified vulnerability in HP products During installation with certain driver software or application packages an arbitrary code execution could occur. | 8.8 |
| 2021-11-09 | CVE-2021-20119 | Incorrect Authorization vulnerability in Commscope Arris Surfboard Sb8200 Firmware Ab01.02.053.01112320193.0A.Nsh The password change utility for the Arris SurfBoard SB8200 can have safety measures bypassed that allow any logged-in user to change the administrator password. | 7.1 |
| 2021-11-09 | CVE-2021-43172 | Infinite Loop vulnerability in Nlnetlabs Routinator NLnet Labs Routinator prior to 0.10.2 happily processes a chain of RRDP repositories of infinite length causing it to never finish a validation run. | 7.5 |
| 2021-11-09 | CVE-2021-43173 | Resource Exhaustion vulnerability in multiple products In NLnet Labs Routinator prior to 0.10.2, a validation run can be delayed significantly by an RRDP repository by not answering but slowly drip-feeding bytes to keep the connection alive. | 7.5 |
| 2021-11-09 | CVE-2021-43174 | Out-of-bounds Write vulnerability in multiple products NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, support the gzip transfer encoding when querying RRDP repositories. | 7.5 |