Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-08 | CVE-2021-30802 | Use After Free vulnerability in Apple Tvos A use after free issue was addressed with improved memory management. | 8.8 |
| 2021-09-08 | CVE-2021-35217 | Deserialization of Untrusted Data vulnerability in Solarwinds Patch Manager Insecure Deseralization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module and reported to us by ZDI. | 8.8 |
| 2021-09-08 | CVE-2020-11301 | Improper Authentication vulnerability in Qualcomm products Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 7.5 |
| 2021-09-08 | CVE-2021-1914 | Infinite Loop vulnerability in Qualcomm products Loop with unreachable exit condition may occur due to improper handling of unsupported input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables | 7.5 |
| 2021-09-08 | CVE-2021-1923 | Incorrect Type Conversion or Cast vulnerability in Qualcomm products Incorrect pointer argument passed to trusted application TA could result in un-intended memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT | 7.8 |
| 2021-09-08 | CVE-2021-1930 | Out-of-bounds Read vulnerability in Qualcomm products Possible out of bounds read due to incorrect validation of incoming buffer length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | 7.1 |
| 2021-09-08 | CVE-2021-23404 | Cross-Site Request Forgery (CSRF) vulnerability in Sqlite-Web Project Sqlite-Web This affects all versions of package sqlite-web. | 8.8 |
| 2021-09-08 | CVE-2021-36179 | Out-of-bounds Write vulnerability in Fortinet Fortiweb A stack-based buffer overflow in Fortinet FortiWeb version 6.3.14 and below, 6.2.4 and below allows attacker to execute unauthorized code or commands via crafted parameters in CLI command execution | 8.8 |
| 2021-09-08 | CVE-2021-36182 | OS Command Injection vulnerability in Fortinet Fortiweb A Improper neutralization of special elements used in a command ('Command Injection') in Fortinet FortiWeb version 6.3.13 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests | 8.8 |
| 2021-09-07 | CVE-2021-37145 | Command Injection vulnerability in Poly Cx5100 Firmware and Cx5500 Firmware A command-injection vulnerability in an authenticated Telnet connection in Poly (formerly Polycom) CX5500 and CX5100 1.3.5 leads an attacker to Privilege Escalation and Remote Code Execution capability. | 7.2 |