Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2021-05-25 CVE-2020-10065 Out-of-bounds Write vulnerability in Zephyrproject Zephyr
Missing Size Checks in Bluetooth HCI over SPI.
low complexity
zephyrproject CWE-787
8.8
2021-05-25 CVE-2020-13598 Out-of-bounds Write vulnerability in Zephyrproject Zephyr
FS: Buffer Overflow when enabling Long File Names in FAT_FS and calling fs_stat.
local
low complexity
zephyrproject CWE-787
7.8
2021-05-25 CVE-2020-13600 Out-of-bounds Write vulnerability in Zephyrproject Zephyr
Malformed SPI in response for eswifi can corrupt kernel memory.
low complexity
zephyrproject CWE-787
7.6
2021-05-25 CVE-2020-13603 Integer Overflow or Wraparound vulnerability in Zephyrproject Zephyr
Integer Overflow in memory allocating functions.
local
low complexity
zephyrproject CWE-190
7.8
2021-05-25 CVE-2021-21657 Unspecified vulnerability in Jenkins Filesystem Trigger
Jenkins Filesystem Trigger Plugin 0.40 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
network
low complexity
jenkins
8.8
2021-05-25 CVE-2021-21659 Unspecified vulnerability in Jenkins Urltrigger
Jenkins URLTrigger Plugin 0.48 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
network
low complexity
jenkins
8.1
2021-05-25 CVE-2021-23937 Information Exposure vulnerability in Apache Wicket
A DNS proxy and possible amplification attack vulnerability in WebClientInfo of Apache Wicket allows an attacker to trigger arbitrary DNS lookups from the server when the X-Forwarded-For header is not properly sanitized.
network
low complexity
apache CWE-200
7.5
2021-05-25 CVE-2021-3320 Type Confusion vulnerability in Zephyrproject Zephyr
Type Confusion in 802154 ACK Frames Handling.
network
low complexity
zephyrproject CWE-843
7.5
2021-05-25 CVE-2021-27823 Unspecified vulnerability in Mediateknet Netwave System 1.0
An information disclosure vulnerability was discovered in /index.class.php (via port 8181) on NetWave System 1.0 which allows unauthenticated attackers to exfiltrate sensitive information from the system.
network
low complexity
mediateknet
7.5
2021-05-25 CVE-2021-30186 Out-of-bounds Write vulnerability in Codesys Plcwinnt and Runtime Toolkit
CODESYS V2 runtime system SP before 2.4.7.55 has a Heap-based Buffer Overflow.
network
low complexity
codesys CWE-787
7.5