Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-27 | CVE-2021-27488 | Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing CATPart files. | 7.8 |
2021-05-27 | CVE-2021-27494 | Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing STP files. | 7.8 |
2021-05-27 | CVE-2021-27496 | Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing PRT files. | 7.8 |
2021-05-27 | CVE-2021-22118 | Exposure of Resource to Wrong Sphere vulnerability in multiple products In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been uploaded to the WebFlux application, or overwrite arbitrary files with multipart request data. | 7.8 |
2021-05-27 | CVE-2021-22359 | Improper Input Validation vulnerability in Huawei S5700 Firmware and S6700 Firmware There is a denial of service vulnerability in the verisions V200R005C00SPC500 of S5700 and V200R005C00SPC500 of S6700. | 7.5 |
2021-05-27 | CVE-2021-30465 | Race Condition vulnerability in multiple products runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. | 8.5 |
2021-05-27 | CVE-2021-31154 | Exposure of Resource to Wrong Sphere vulnerability in Pleaseedit Project Pleaseedit pleaseedit in please before 0.4 uses predictable temporary filenames in /tmp and the target directory. | 7.8 |
2021-05-27 | CVE-2021-31155 | Incorrect Permission Assignment for Critical Resource vulnerability in Umask Project Umask Failure to normalize the umask in please before 0.4 allows a local attacker to gain full root privileges if they are allowed to execute at least one command. | 7.8 |
2021-05-27 | CVE-2021-33200 | Out-of-bounds Write vulnerability in multiple products kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. | 7.8 |
2021-05-27 | CVE-2020-17514 | Unspecified vulnerability in Apache Fineract Apache Fineract prior to 1.5.0 disables HTTPS hostname verification in ProcessorHelper in the configureClient method. | 7.4 |