Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-01 | CVE-2021-40382 | Unspecified vulnerability in Comprotech products An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. | 7.5 |
| 2021-09-01 | CVE-2021-23426 | Unspecified vulnerability in Proto Project Proto This affects all versions of package Proto. | 7.5 |
| 2021-09-01 | CVE-2021-35215 | Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. | 8.8 |
| 2021-09-01 | CVE-2021-35216 | Deserialization of Untrusted Data vulnerability in Solarwinds Patch Manager Insecure Deserialization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module. | 8.8 |
| 2021-09-01 | CVE-2021-35218 | Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform Deserialization of Untrusted Data in the Web Console Chart Endpoint can lead to remote code execution. | 8.8 |
| 2021-09-01 | CVE-2021-36002 | Exposure of Resource to Wrong Sphere vulnerability in Adobe Captivate Adobe Captivate version 11.5.5 (and earlier) is affected by an Creation of Temporary File In Directory With Incorrect Permissions vulnerability that could result in privilege escalation in the context of the current user. | 7.3 |
| 2021-09-01 | CVE-2021-36022 | XML Injection (aka Blind XPath Injection) vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the Widgets Update Layout. | 7.2 |
| 2021-09-01 | CVE-2021-36024 | Command Injection vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an Improper Neutralization of Special Elements Used In A Command via the Data collection endpoint. | 7.2 |
| 2021-09-01 | CVE-2021-36025 | Unspecified vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability while saving a customer's details with a specially crafted file. | 7.2 |
| 2021-09-01 | CVE-2021-36028 | Unspecified vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability when saving a configurable product. | 7.2 |