Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2021-05-24 CVE-2021-30081 SQL Injection vulnerability in Emlog 6.0.0
An issue was discovered in emlog 6.0.0stable.
network
low complexity
emlog CWE-89
8.8
2021-05-24 CVE-2021-32629 Unspecified vulnerability in Bytecodealliance Cranelift-Codegen
Cranelift is an open-source code generator maintained by Bytecode Alliance.
local
low complexity
bytecodealliance
8.8
2021-05-24 CVE-2021-33502 Unspecified vulnerability in Normalize-Url Project Normalize-Url
The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x before 6.0.1 for Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data: URLs.
network
low complexity
normalize-url-project
7.5
2021-05-24 CVE-2021-33516 Unspecified vulnerability in Gnome Gupnp
An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5.
network
low complexity
gnome
8.1
2021-05-24 CVE-2020-4990 SQL Injection vulnerability in IBM Security Guardium 11.2
IBM Security Guardium 11.2 is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
8.8
2021-05-24 CVE-2021-20385 Unspecified vulnerability in IBM Security Guardium 11.2
IBM Security Guardium 11.2 could allow a remote authenticated attacker to execute arbitrary commands on the system.
network
low complexity
ibm
7.2
2021-05-24 CVE-2021-20389 Insufficiently Protected Credentials vulnerability in IBM Security Guardium 11.2
IBM Security Guardium 11.2 stores user credentials in plain clear text which can be read by a local user.
local
low complexity
ibm CWE-522
7.8
2021-05-24 CVE-2021-20419 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Guardium 11.2
IBM Security Guardium 11.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
2021-05-24 CVE-2021-20557 OS Command Injection vulnerability in IBM Security Guardium 11.2
IBM Security Guardium 11.2 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request.
network
low complexity
ibm CWE-78
7.2
2021-05-24 CVE-2020-28905 Code Injection vulnerability in Nagios Fusion
Improper Input Validation in Nagios Fusion 4.1.8 and earlier allows an authenticated attacker to execute remote code via table pagination.
network
low complexity
nagios CWE-94
8.8