Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2021-10-08 CVE-2021-35979 Missing Authentication for Critical Function vulnerability in Digi products
An issue was discovered in Digi RealPort through 4.8.488.0.
network
high complexity
digi CWE-306
8.1
2021-10-08 CVE-2021-41133 Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux.
local
low complexity
flatpak debian fedoraproject
7.8
2021-10-08 CVE-2021-41947 SQL Injection vulnerability in Intelliants Subrion CMS 4.2.1
A SQL injection vulnerability exists in Subrion CMS v4.2.1 in the visual-mode.
network
low complexity
intelliants CWE-89
7.2
2021-10-07 CVE-2021-42086 Unspecified vulnerability in Zammad
An issue was discovered in Zammad before 4.1.1.
network
low complexity
zammad
8.8
2021-10-07 CVE-2021-42089 Information Exposure vulnerability in Zammad
An issue was discovered in Zammad before 4.1.1.
network
low complexity
zammad CWE-200
7.5
2021-10-07 CVE-2021-42095 Unspecified vulnerability in Netsarang Xshell 7
Xshell before 7.0.0.76 allows attackers to cause a crash by triggering rapid changes to the title bar.
network
low complexity
netsarang
7.5
2021-10-07 CVE-2021-42093 Unspecified vulnerability in Zammad
An issue was discovered in Zammad before 4.1.1.
network
low complexity
zammad
7.2
2021-10-07 CVE-2021-20489 Cross-Site Request Forgery (CSRF) vulnerability in IBM Sterling File Gateway
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
8.8
2021-10-07 CVE-2021-20584 Unspecified vulnerability in IBM Sterling B2B Integrator
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow a remote attacker to upload arbitrary files, caused by improper access controls.
network
low complexity
ibm
7.5
2021-10-07 CVE-2021-28129 Unspecified vulnerability in Apache Openoffice 4.1.8
While working on Apache OpenOffice 4.1.8 a developer discovered that the DEB package did not install using root, but instead used a userid and groupid of 500.
local
low complexity
apache
7.8