Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-03 | CVE-2021-38422 | Unspecified vulnerability in Deltaww Dialink 1.2.4.0 Delta Electronics DIALink versions 1.2.4.0 and prior stores sensitive information in cleartext, which may allow an attacker to have extensive access to the application directory and escalate privileges. | 7.8 |
| 2021-11-03 | CVE-2021-38424 | Unspecified vulnerability in Deltaww Dialink 1.2.4.0 The tag interface of Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to an attacker injecting formulas into the tag data. | 7.8 |
| 2021-11-03 | CVE-2021-43339 | Command Injection vulnerability in Ericsson Network Location In Ericsson Network Location before 2021-07-31, it is possible for an authenticated attacker to inject commands via file_name in the export functionality. | 8.8 |
| 2021-11-03 | CVE-2020-18263 | SQL Injection vulnerability in PHP-Cms Project PHP-Cms 1.0 PHP-CMS v1.0 was discovered to contain a SQL injection vulnerability in the component search.php via the search parameter. | 7.5 |
| 2021-11-03 | CVE-2020-23109 | Classic Buffer Overflow vulnerability in Struktur Libheif 1.6.2 Buffer overflow vulnerability in function convert_colorspace in heif_colorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file. | 8.1 |
| 2021-11-03 | CVE-2020-23680 | Unspecified vulnerability in Text2Pdf Project Text2Pdf 1.1 An issue was discovered in function StartPage in text2pdf.c in pdfcorner text2pdf 1.1, allows attackers to cause denial of service or possibly other undisclosed impacts. | 7.8 |
| 2021-11-03 | CVE-2021-26786 | Unspecified vulnerability in Playtuber Project Playtuber An issue was discoverered in in customercentric-selling-poland PlayTube, allows authenticated attackers to execute arbitrary code via the purchace code to the config.php. | 8.8 |
| 2021-11-03 | CVE-2021-37147 | Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. | 7.5 |
| 2021-11-03 | CVE-2021-37148 | Improper Input Validation vulnerability in multiple products Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. | 7.5 |
| 2021-11-03 | CVE-2021-37149 | Improper Input Validation vulnerability in multiple products Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. | 7.5 |