Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2021-05-25 CVE-2021-30191 Classic Buffer Overflow vulnerability in Codesys V2 web Server
CODESYS V2 Web-Server before 1.1.9.20 has a a Buffer Copy without Checking the Size of the Input.
network
low complexity
codesys CWE-120
7.5
2021-05-25 CVE-2021-30195 Out-of-bounds Read vulnerability in Codesys Plcwinnt and Runtime Toolkit
CODESYS V2 runtime system before 2.4.7.55 has Improper Input Validation.
network
low complexity
codesys CWE-125
7.5
2021-05-25 CVE-2020-9450 Incorrect Default Permissions vulnerability in Acronis True Image 2020 24.5.22510
An issue was discovered in Acronis True Image 2020 24.5.22510.
local
low complexity
acronis CWE-276
7.8
2021-05-25 CVE-2020-9452 Link Following vulnerability in Acronis True Image 2020 24.5.22510
An issue was discovered in Acronis True Image 2020 24.5.22510.
local
low complexity
acronis CWE-59
7.8
2021-05-25 CVE-2021-20096 Cross-Site Request Forgery (CSRF) vulnerability in Lucyparsonslabs Openoversight 0.6.4
Cross-site request forgery in OpenOversight 0.6.4 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link.
network
low complexity
lucyparsonslabs CWE-352
8.1
2021-05-24 CVE-2021-33563 Use of Password Hash With Insufficient Computational Effort vulnerability in Koel
Koel before 5.1.4 lacks login throttling, lacks a password strength policy, and shows whether a failed login attempt had a valid username.
network
low complexity
koel CWE-916
7.5
2021-05-24 CVE-2021-33525 OS Command Injection vulnerability in Eyesofnetwork
EyesOfNetwork eonweb through 5.3-11 allows Remote Command Execution (by authenticated users) via shell metacharacters in the nagios_path parameter to lilac/export.php, as demonstrated by %26%26+curl to insert an "&& curl" substring for the shell.
network
low complexity
eyesofnetwork CWE-78
8.8
2021-05-24 CVE-2020-20178 Unspecified vulnerability in Whohas Project Whohas
Ethereum 0xe933c0cd9784414d5f278c114904f5a84b396919#code.sol latest version is affected by a denial of service vulnerability in the affected payout function.
network
low complexity
whohas-project
7.5
2021-05-24 CVE-2020-21041 Classic Buffer Overflow vulnerability in multiple products
Buffer Overflow vulnerability exists in FFmpeg 4.1 via apng_do_inverse_blend in libavcodec/pngenc.c, which could let a remote malicious user cause a Denial of Service
network
low complexity
ffmpeg debian CWE-120
7.5
2021-05-24 CVE-2020-26556 Improper Restriction of Excessive Authentication Attempts vulnerability in Bluetooth Core Specification and Mesh Profile
Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently random AuthValue before the provisioning procedure times out, to complete authentication by leveraging Malleable Commitment.
high complexity
bluetooth CWE-307
7.5