Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-09-08 | CVE-2021-1930 | Out-of-bounds Read vulnerability in Qualcomm products. Possible out of bounds read due to incorrect validation of incoming buffer length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | 7.1 |
2021-09-08 | CVE-2021-23404 | Cross-Site Request Forgery (CSRF) vulnerability in Sqlite-Web Project Sqlite-Web. This affects all versions of package sqlite-web. | 8.8 |
2021-09-08 | CVE-2021-36179 | Out-of-bounds Write vulnerability in Fortinet Fortiweb. A stack-based buffer overflow in Fortinet FortiWeb version 6.3.14 and below, 6.2.4 and below allows an attacker to execute unauthorized code or commands via crafted parameters in CLI command execution. | 8.8 |
2021-09-08 | CVE-2021-36182 | OS Command Injection vulnerability in Fortinet Fortiweb. An improper neutralization of special elements used in a command ('Command Injection') in Fortinet FortiWeb version 6.3.13 and below allows an attacker to execute unauthorized code or commands via crafted HTTP requests. | 8.8 |
2021-09-07 | CVE-2021-37145 | Command Injection vulnerability in Poly Cx5100 Firmware and Cx5500 Firmware. A command-injection vulnerability in an authenticated Telnet connection in Poly (formerly Polycom) CX5500 and CX5100 1.3.5 gives an attacker Privilege Escalation and Remote Code Execution capability. | 7.2 |
2021-09-07 | CVE-2020-19765 | Incorrect Authorization vulnerability in Proofofdiligencetoken Project Proofofdiligencetoken 1.0. An issue in the noReentrance() modifier of the Ethereum-based contract Accounting 1.0 allows attackers to carry out a reentrancy attack. | 7.5 |
2021-09-07 | CVE-2020-19766 | Improper Check for Unusual or Exceptional Conditions vulnerability in Tokenerc20 Project Tokenerc20 1.0. The time check operation of PepeAuctionSale 1.0 can be rendered ineffective by assigning a large number to the _duration variable, compromising access control to the application. | 7.5 |
2021-09-07 | CVE-2020-19767 | Unspecified vulnerability in Zeroxracer Project Zeroxracer 1.0. A lack of target address verification in the destroycontract() function of 0xRACER 1.0 allows attackers to steal tokens from victim users via a crafted script. | 7.5 |
2021-09-07 | CVE-2020-19768 | Insufficient Verification of Data Authenticity vulnerability in Tokensale Project Tokensale 1.0. A lack of target address verification in the selfdestructs() function of ICOVO 1.0 allows attackers to steal tokens from victim users via a crafted script. | 7.5 |
2021-09-07 | CVE-2020-19769 | Insufficient Verification of Data Authenticity vulnerability in Rtb1 Project Rtb1 1.0. A lack of target address verification in the BurnMe() function of Rob The Bank 1.0 allows attackers to steal tokens from victim users via a crafted script. | 7.5 |