Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2021-10-19 CVE-2021-30844 Memory Leak vulnerability in Apple mac OS X and Macos
A logic issue was addressed with improved state management.
network
low complexity
apple CWE-401
7.5
2021-10-19 CVE-2021-30846 Out-of-bounds Write vulnerability in multiple products
A memory corruption issue was addressed with improved memory handling.
local
low complexity
apple debian fedoraproject CWE-787
7.8
2021-10-19 CVE-2021-30847 Unspecified vulnerability in Apple products
This issue was addressed with improved checks.
local
low complexity
apple
7.8
2021-10-19 CVE-2021-30848 Out-of-bounds Write vulnerability in Apple products
A memory corruption issue was addressed with improved memory handling.
local
low complexity
apple CWE-787
7.8
2021-10-19 CVE-2021-30849 Out-of-bounds Write vulnerability in Apple products
Multiple memory corruption issues were addressed with improved memory handling.
local
low complexity
apple CWE-787
7.8
2021-10-19 CVE-2021-38464 Inadequate Encryption Strength vulnerability in Inhandnetworks Ir615 Firmware 2.3.0.R4724/2.3.0.R4870
InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 have inadequate encryption strength, which may allow an attacker to intercept the communication and steal sensitive information or hijack the session.
network
high complexity
inhandnetworks CWE-326
7.4
2021-10-19 CVE-2021-38480 Unspecified vulnerability in Inhandnetworks Ir615 Firmware 2.3.0.R4724/2.3.0.R4870
InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to cross-site request forgery when unauthorized commands are submitted from a user the web application trusts.
network
low complexity
inhandnetworks
8.8
2021-10-19 CVE-2021-38484 Unrestricted Upload of File with Dangerous Type vulnerability in Inhandnetworks Ir615 Firmware 2.3.0.R4724/2.3.0.R4870
InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 do not have a filter or signature check to detect or prevent an upload of malicious files to the server, which may allow an attacker, acting as an administrator, to upload malicious files.
network
low complexity
inhandnetworks CWE-434
7.2
2021-10-19 CVE-2021-38486 Missing Authorization vulnerability in Inhandnetworks Ir615 Firmware 2.3.0.R4724/2.3.0.R4870
InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 cloud portal allows for self-registration of the affected product without any requirements to create an account, which may allow an attacker to have full control over the product and execute code within the internal network to which the product is connected.
network
high complexity
inhandnetworks CWE-862
8.5
2021-10-19 CVE-2021-3846 Unrestricted Upload of File with Dangerous Type vulnerability in Firefly-Iii Firefly III
firefly-iii is vulnerable to Unrestricted Upload of File with Dangerous Type
network
low complexity
firefly-iii CWE-434
8.8