Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-04 | CVE-2021-40124 | Improper Privilege Management vulnerability in Cisco Anyconnect Secure Mobility Client A vulnerability in the Network Access Manager (NAM) module of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to escalate privileges on an affected device. | 7.8 |
| 2021-11-04 | CVE-2021-42624 | Classic Buffer Overflow vulnerability in Miniftpd Project Miniftpd A local buffer overflow vulnerability exists in the latest version of Miniftpd in ftpproto.c through the tmp variable, where a crafted payload can be sent to the affected function. | 7.8 |
| 2021-11-03 | CVE-2020-28416 | Unspecified vulnerability in HP products HP has identified a security vulnerability with the I.R.I.S. | 7.8 |
| 2021-11-03 | CVE-2020-6931 | Unspecified vulnerability in HP Print and Scan Doctor 5.7.2.014 HP Print and Scan Doctor may potentially be vulnerable to local elevation of privilege. | 7.8 |
| 2021-11-03 | CVE-2021-33800 | Path Traversal vulnerability in Alibaba Druid 1.2.3 In Druid 1.2.3, visiting the path with parameter in a certain function can lead to directory traversal. | 7.5 |
| 2021-11-03 | CVE-2021-35053 | Unspecified vulnerability in Kaspersky Endpoint Security 11.1.0/11.6.0 Possible system denial of service in case of arbitrary changing Firefox browser parameters. | 7.5 |
| 2021-11-03 | CVE-2021-38416 | Unspecified vulnerability in Deltaww Dialink 1.2.4.0 Delta Electronics DIALink versions 1.2.4.0 and prior insecurely loads libraries, which may allow an attacker to use DLL hijacking and takeover the system where the software is installed. | 7.8 |
| 2021-11-03 | CVE-2021-38420 | Incorrect Default Permissions vulnerability in Deltaww Dialink 1.2.4.0 Delta Electronics DIALink versions 1.2.4.0 and prior default permissions give extensive permissions to low-privileged user accounts, which may allow an attacker to modify the installation directory and upload malicious files. | 7.8 |
| 2021-11-03 | CVE-2021-38422 | Unspecified vulnerability in Deltaww Dialink 1.2.4.0 Delta Electronics DIALink versions 1.2.4.0 and prior stores sensitive information in cleartext, which may allow an attacker to have extensive access to the application directory and escalate privileges. | 7.8 |
| 2021-11-03 | CVE-2021-38424 | Unspecified vulnerability in Deltaww Dialink 1.2.4.0 The tag interface of Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to an attacker injecting formulas into the tag data. | 7.8 |