Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-01 | CVE-2021-42574 | Code Injection vulnerability in multiple products An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. | 8.3 |
| 2021-11-01 | CVE-2021-42694 | Unspecified vulnerability in Unicode An issue was discovered in the character definitions of the Unicode Specification through 14.0. | 8.3 |
| 2021-11-01 | CVE-2021-20838 | XXE vulnerability in Antennahouse Office Server Document Converter Office Server Document Converter V7.2MR4 and earlier and V7.1MR7 and earlier allows a remote unauthenticated attacker to conduct an XML External Entity (XXE) attack to cause a denial of service (DoS) condition by processing a specially crafted XML document. | 7.5 |
| 2021-10-30 | CVE-2021-36808 | Race Condition vulnerability in Sophos Secure Workspace A local attacker could bypass the app password using a race condition in Sophos Secure Workspace for Android before version 9.7.3115. | 7.0 |
| 2021-10-29 | CVE-2021-1118 | Improper Privilege Management vulnerability in Nvidia Virtual GPU NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where there is the potential to execute privileged operations by the guest OS, which may lead to information disclosure, data tampering, escalation of privileges, and denial of service | 7.8 |
| 2021-10-29 | CVE-2021-1119 | Double Free vulnerability in Nvidia Virtual GPU NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can double-free a pointer, which may lead to denial of service. | 7.1 |
| 2021-10-29 | CVE-2021-1120 | Unspecified vulnerability in Nvidia Virtual GPU NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a string provided by the guest OS may not be properly null terminated. | 7.0 |
| 2021-10-29 | CVE-2021-41189 | Incorrect Authorization vulnerability in Duraspace Dspace 7.0 DSpace is an open source turnkey repository application. | 7.2 |
| 2021-10-29 | CVE-2021-41746 | SQL Injection vulnerability in Yonyou Turbocrm SQL Injection vulnerability exists in all versions of Yonyou TurboCRM.via the orgcode parameter in changepswd.php. | 7.5 |
| 2021-10-29 | CVE-2021-41874 | Unspecified vulnerability in Portainer An unauthorized access vulnerabiitly exists in all versions of Portainer, which could let a malicious user obtain sensitive information. | 7.5 |