Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-03 | CVE-2021-33800 | Path Traversal vulnerability in Alibaba Druid 1.2.3 In Druid 1.2.3, visiting the path with parameter in a certain function can lead to directory traversal. | 7.5 |
| 2021-11-03 | CVE-2021-35053 | Unspecified vulnerability in Kaspersky Endpoint Security 11.1.0/11.6.0 Possible system denial of service in case of arbitrary changing Firefox browser parameters. | 7.5 |
| 2021-11-03 | CVE-2021-38416 | Unspecified vulnerability in Deltaww Dialink 1.2.4.0 Delta Electronics DIALink versions 1.2.4.0 and prior insecurely loads libraries, which may allow an attacker to use DLL hijacking and takeover the system where the software is installed. | 7.8 |
| 2021-11-03 | CVE-2021-38420 | Incorrect Default Permissions vulnerability in Deltaww Dialink 1.2.4.0 Delta Electronics DIALink versions 1.2.4.0 and prior default permissions give extensive permissions to low-privileged user accounts, which may allow an attacker to modify the installation directory and upload malicious files. | 7.8 |
| 2021-11-03 | CVE-2021-38422 | Unspecified vulnerability in Deltaww Dialink 1.2.4.0 Delta Electronics DIALink versions 1.2.4.0 and prior stores sensitive information in cleartext, which may allow an attacker to have extensive access to the application directory and escalate privileges. | 7.8 |
| 2021-11-03 | CVE-2021-38424 | Unspecified vulnerability in Deltaww Dialink 1.2.4.0 The tag interface of Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to an attacker injecting formulas into the tag data. | 7.8 |
| 2021-11-03 | CVE-2021-43339 | Command Injection vulnerability in Ericsson Network Location In Ericsson Network Location before 2021-07-31, it is possible for an authenticated attacker to inject commands via file_name in the export functionality. | 8.8 |
| 2021-11-03 | CVE-2020-18263 | SQL Injection vulnerability in PHP-Cms Project PHP-Cms 1.0 PHP-CMS v1.0 was discovered to contain a SQL injection vulnerability in the component search.php via the search parameter. | 7.5 |
| 2021-11-03 | CVE-2020-23109 | Classic Buffer Overflow vulnerability in Struktur Libheif 1.6.2 Buffer overflow vulnerability in function convert_colorspace in heif_colorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file. | 8.1 |
| 2021-11-03 | CVE-2020-23680 | Unspecified vulnerability in Text2Pdf Project Text2Pdf 1.1 An issue was discovered in function StartPage in text2pdf.c in pdfcorner text2pdf 1.1, allows attackers to cause denial of service or possibly other undisclosed impacts. | 7.8 |