Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2021-09-01 CVE-2021-36047 XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper Input Validation vulnerability potentially resulting in arbitrary code execution in the context of the current user.
local
low complexity
adobe debian
7.8
7.8
2021-09-01 CVE-2021-36048 XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper Input Validation vulnerability potentially resulting in arbitrary code execution in the context of the current user.
local
low complexity
adobe debian
7.8
7.8
2021-09-01 CVE-2021-36050 Out-of-bounds Write vulnerability in multiple products
XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user.
local
low complexity
adobe debian CWE-787
7.8
7.8
2021-09-01 CVE-2021-36055 XMP Toolkit SDK versions 2020.1 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe debian
7.8
7.8
2021-09-01 CVE-2021-36064 XMP Toolkit version 2020.1 (and earlier) is affected by a Buffer Underflow vulnerability which could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe debian
7.8
7.8
2021-09-01 CVE-2021-36068 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Bridge
Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-119
7.8
7.8
2021-09-01 CVE-2021-39847 XMP Toolkit SDK version 2020.1 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user.
local
low complexity
adobe debian
7.8
7.8
2021-09-01 CVE-2021-35508 Incorrect Permission Assignment for Critical Resource vulnerability in Terarecon Aquariusnet 4.4.13
NMSAccess32.exe in TeraRecon AQNetClient 4.4.13 allows attackers to execute a malicious binary with SYSTEM privileges via a low-privileged user account.
network
low complexity
terarecon CWE-732
8.8
8.8
2021-09-01 CVE-2021-39373 Insufficiently Protected Credentials vulnerability in Samsung Drive Manager 2.0.104
Samsung Drive Manager 2.0.104 on Samsung H3 devices allows attackers to bypass intended access controls on disk management.
local
low complexity
samsung CWE-522
7.8
7.8
2021-09-01 CVE-2021-38703 Unspecified vulnerability in KPN Experia Wifi Firmware 1.00.15
Wireless devices running certain Arcadyan-derived firmware (such as KPN Experia WiFi 1.00.15) do not properly sanitise user input to the syslog configuration form.
network
low complexity
kpn
8.8
8.8