Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-25 | CVE-2021-30191 | Classic Buffer Overflow vulnerability in Codesys V2 web Server CODESYS V2 Web-Server before 1.1.9.20 has a Buffer Copy without Checking the Size of the Input. | 7.5 |
2021-05-25 | CVE-2021-30195 | Out-of-bounds Read vulnerability in Codesys Plcwinnt and Runtime Toolkit CODESYS V2 runtime system before 2.4.7.55 has Improper Input Validation. | 7.5 |
2021-05-25 | CVE-2020-9450 | Incorrect Default Permissions vulnerability in Acronis True Image 2020 24.5.22510 An issue was discovered in Acronis True Image 2020 24.5.22510. | 7.8 |
2021-05-25 | CVE-2020-9452 | Link Following vulnerability in Acronis True Image 2020 24.5.22510 An issue was discovered in Acronis True Image 2020 24.5.22510. | 7.8 |
2021-05-25 | CVE-2021-20096 | Cross-Site Request Forgery (CSRF) vulnerability in Lucyparsonslabs Openoversight 0.6.4 Cross-site request forgery in OpenOversight 0.6.4 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link. | 8.1 |
2021-05-24 | CVE-2021-33563 | Use of Password Hash With Insufficient Computational Effort vulnerability in Koel Koel before 5.1.4 lacks login throttling, lacks a password strength policy, and shows whether a failed login attempt had a valid username. | 7.5 |
2021-05-24 | CVE-2021-33525 | OS Command Injection vulnerability in Eyesofnetwork EyesOfNetwork eonweb through 5.3-11 allows Remote Command Execution (by authenticated users) via shell metacharacters in the nagios_path parameter to lilac/export.php, as demonstrated by %26%26+curl to insert an "&& curl" substring for the shell. | 8.8 |
2021-05-24 | CVE-2020-20178 | Unspecified vulnerability in Whohas Project Whohas Ethereum 0xe933c0cd9784414d5f278c114904f5a84b396919#code.sol latest version is affected by a denial of service vulnerability in the affected payout function. | 7.5 |
2021-05-24 | CVE-2020-21041 | Classic Buffer Overflow vulnerability in multiple products Buffer Overflow vulnerability exists in FFmpeg 4.1 via apng_do_inverse_blend in libavcodec/pngenc.c, which could let a remote malicious user cause a Denial of Service. | 7.5 |
2021-05-24 | CVE-2020-26556 | Improper Restriction of Excessive Authentication Attempts vulnerability in Bluetooth Core Specification and Mesh Profile Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently random AuthValue before the provisioning procedure times out, to complete authentication by leveraging Malleable Commitment. | 7.5 |