Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2021-05-28 CVE-2021-33587 The css-what package 4.0.0 through 5.0.0 for Node.js does not ensure that attribute parsing has Linear Time Complexity relative to the size of the input.
network
low complexity
css-what-project netapp
7.5
2021-05-28 CVE-2021-20267 A flaw was found in openstack-neutron's default Open vSwitch firewall rules.
network
low complexity
openstack redhat
7.1
2021-05-28 CVE-2021-32646 Unspecified vulnerability in Dav-Cogs Project Dav-Cogs
Roomer is a discord bot cog (extension) which provides automatic voice channel generation as well as private voice and text channels.
network
low complexity
dav-cogs-project
7.3
2021-05-28 CVE-2021-33623 Resource Exhaustion vulnerability in multiple products
The trim-newlines package before 3.0.1 and 4.x before 4.0.1 for Node.js has an issue related to regular expression denial-of-service (ReDoS) for the .end() method.
network
low complexity
trim-newlines-project netapp debian CWE-400
7.5
2021-05-28 CVE-2013-4536 Unspecified vulnerability in Qemu
An user able to alter the savevm data (either on the disk or over the wire during migration) could use this flaw to to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.
local
low complexity
qemu
7.8
2021-05-28 CVE-2021-29628 Incorrect Authorization vulnerability in Freebsd 12.2/13.0
In FreeBSD 13.0-STABLE before n245764-876ffe28796c, 12.2-STABLE before r369857, 13.0-RELEASE before p1, and 12.2-RELEASE before p7, a system call triggering a fault could cause SMAP protections to be disabled for the duration of the system call.
network
low complexity
freebsd CWE-863
7.5
2021-05-28 CVE-2021-29629 Improper Input Validation vulnerability in Freebsd 11.4/12.2/13.0
In FreeBSD 13.0-STABLE before n245765-bec0d2c9c841, 12.2-STABLE before r369859, 11.4-STABLE before r369866, 13.0-RELEASE before p1, 12.2-RELEASE before p7, and 11.4-RELEASE before p10, missing message validation in libradius(3) could allow malicious clients or servers to trigger denial of service in vulnerable servers or clients respectively.
network
low complexity
freebsd CWE-20
7.5
2021-05-28 CVE-2010-3843 Unspecified vulnerability in Ettercap-Project Ettercap 0.7.3
The GTK version of ettercap uses a global settings file at /tmp/.ettercap_gtk and does not verify ownership of this file.
local
low complexity
ettercap-project
7.8
2021-05-28 CVE-2020-1716 Unspecified vulnerability in Ceph Ceph-Ansible
A flaw was found in the ceph-ansible playbook where it contained hardcoded passwords that were being used as default passwords while deploying Ceph services.
network
low complexity
ceph
8.8
2021-05-28 CVE-2021-27032 Incorrect Default Permissions vulnerability in Autodesk Licensing Services 9.0.1.1462.100
Autodesk Licensing Installer was found to be vulnerable to privilege escalation issues.
local
low complexity
autodesk CWE-276
7.8