Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-01 | CVE-2021-23017 | A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact. | 7.7 |
| 2021-06-01 | CVE-2021-23019 | Insufficiently Protected Credentials vulnerability in F5 Nginx Controller The NGINX Controller 2.0.0 thru 2.9.0 and 3.x before 3.15.0 Administrator password may be exposed in the systemd.txt file that is included in the NGINX support package. | 7.8 |
| 2021-06-01 | CVE-2021-23018 | Cleartext Transmission of Sensitive Information vulnerability in F5 Nginx Controller Intra-cluster communication does not use TLS. | 7.4 |
| 2021-05-29 | CVE-2021-31702 | Unspecified vulnerability in Frontiersoftware Ichris 5.18 Frontier ichris through 5.18 mishandles making a DNS request for the hostname in the HTTP Host header, as demonstrated by submitting 127.0.0.1 multiple times for DoS. | 7.5 |
| 2021-05-28 | CVE-2020-18395 | NULL Pointer Dereference vulnerability in GNU Gama 2.04 A NULL-pointer deference issue was discovered in GNU_gama::set() in ellipsoid.h in Gama 2.04 which can lead to a denial of service (DOS) via segment faults caused by crafted inputs. | 7.5 |
| 2021-05-28 | CVE-2021-29492 | Unspecified vulnerability in Envoyproxy Envoy Envoy is a cloud-native edge/middle/service proxy. | 8.3 |
| 2021-05-28 | CVE-2021-29505 | XStream is software for serializing Java objects to XML and back again. | 8.8 |
| 2021-05-28 | CVE-2021-32620 | Incorrect Authorization vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 8.8 |
| 2021-05-28 | CVE-2021-32621 | Unspecified vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 8.8 |
| 2021-05-28 | CVE-2020-26641 | Cross-Site Request Forgery (CSRF) vulnerability in Idreamsoft Icms 7.0.16 A Cross Site Request Forgery (CSRF) vulnerability was discovered in iCMS 7.0.16 which can allow an attacker to execute arbitrary web scripts. | 8.8 |