Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-02 | CVE-2021-24012 | Improper Certificate Validation vulnerability in Fortinet Fortios An improper following of a certificate's chain of trust vulnerability in FortiGate versions 6.4.0 to 6.4.4 may allow an LDAP user to connect to SSLVPN with any certificate that is signed by a trusted Certificate Authority. | 7.3 |
| 2021-06-02 | CVE-2020-10771 | A flaw was found in Infinispan version 10, where it is possible to perform various actions that could have side effects using GET requests. | 7.1 |
| 2021-06-02 | CVE-2020-14326 | A vulnerability was found in RESTEasy, where RootNode incorrectly caches routes. | 7.5 |
| 2021-06-02 | CVE-2021-29090 | Unspecified vulnerability in Synology Photo Station Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in PHP component in Synology Photo Station before 6.8.14-3500 allows remote authenticated users to execute arbitrary SQL command via unspecified vectors. | 7.2 |
| 2021-06-01 | CVE-2021-32656 | Unspecified vulnerability in Nextcloud Server Nextcloud Server is a Nextcloud package that handles data storage. | 8.6 |
| 2021-06-01 | CVE-2021-22123 | OS Command Injection vulnerability in Fortinet Fortiweb An OS command injection vulnerability in FortiWeb's management interface 6.3.7 and below, 6.2.3 and below, 6.1.x, 6.0.x, 5.9.x may allow a remote authenticated attacker to execute arbitrary commands on the system via the SAML server configuration page. | 8.8 |
| 2021-06-01 | CVE-2021-31684 | Out-of-bounds Write vulnerability in multiple products A vulnerability was discovered in the indexOf function of JSONParserByteArray in JSON Smart versions 1.3 and 2.4 which causes a denial of service (DOS) via a crafted web request. | 7.5 |
| 2021-06-01 | CVE-2020-22035 | Out-of-bounds Write vulnerability in multiple products A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in get_block_row at libavfilter/vf_bm3d.c, which might lead to memory corruption and other potential consequences. | 8.8 |
| 2021-06-01 | CVE-2020-22036 | Out-of-bounds Write vulnerability in multiple products A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_intra at libavfilter/vf_bwdif.c, which might lead to memory corruption and other potential consequences. | 8.8 |
| 2021-06-01 | CVE-2021-32924 | Code Injection vulnerability in Invisioncommunity IPS Community Suite Invision Community (aka IPS Community Suite) before 4.6.0 allows eval-based PHP code injection by a moderator because the IPS\cms\modules\front\pages\_builder::previewBlock method interacts unsafely with the IPS\_Theme::runProcessFunction method. | 8.8 |