Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2021-10-29 CVE-2021-31624 Classic Buffer Overflow vulnerability in Tendacn AC9 Firmware
Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the urls parameter.
low complexity
tendacn CWE-120
8.8
2021-10-29 CVE-2021-31627 Classic Buffer Overflow vulnerability in Tendacn AC9 Firmware
Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the index parameter.
low complexity
tendacn CWE-120
8.8
2021-10-29 CVE-2021-25742 A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the custom snippets feature to obtain all secrets in the cluster.
network
low complexity
kubernetes netapp
7.1
2021-10-28 CVE-2020-23546 Unspecified vulnerability in Irfanview 4.54
IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted XBM file, related to a "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FORMATS!ReadMosaic+0x0000000000000981.
local
low complexity
irfanview
7.8
2021-10-28 CVE-2020-23549 Unspecified vulnerability in Irfanview 4.54
IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted .cr2 file, related to a "Data from Faulting Address controls Branch Selection starting at FORMATS!GetPlugInInfo+0x00000000000047f6".
local
low complexity
irfanview
7.8
2021-10-28 CVE-2020-9897 Out-of-bounds Write vulnerability in Apple Iphone OS
An out-of-bounds write was addressed with improved input validation.
local
low complexity
apple CWE-787
7.8
2021-10-28 CVE-2021-30809 Use After Free vulnerability in Apple products
A use after free issue was addressed with improved memory management.
network
low complexity
apple CWE-416
8.8
2021-10-28 CVE-2021-30814 Out-of-bounds Write vulnerability in Apple products
A memory corruption issue was addressed with improved input validation.
local
low complexity
apple CWE-787
7.8
2021-10-28 CVE-2021-30818 Type Confusion vulnerability in Apple products
A type confusion issue was addressed with improved state handling.
network
low complexity
apple CWE-843
8.8
2021-10-28 CVE-2021-30821 Unspecified vulnerability in Apple mac OS X
A memory corruption issue was addressed with improved memory handling.
local
low complexity
apple
7.8