Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-02 | CVE-2020-20658 | Classic Buffer Overflow vulnerability in Libiec Iccp MOD Project Libiec Iccp MOD 1.5 Buffer overflow vulnerability in fcovatti libiec_iccp_mod v1.5, allows attackers to cause a denail of service when trying to calloc an unexpectiedly large space. | 7.5 |
| 2021-11-02 | CVE-2020-21572 | Classic Buffer Overflow vulnerability in Gilcc Project Gilcc Buffer overflow vulnerability in function src_parser_trans_stage_1_2_3 trgil gilcc before commit 803969389ca9c06237075a7f8eeb1a19e6651759, allows attackers to cause a denial of service. | 7.5 |
| 2021-11-02 | CVE-2020-21574 | Classic Buffer Overflow vulnerability in C-Http Project C-Http 0.1.0 Buffer overflow vulnerability in YotsuyaNight c-http v0.1.0, allows attackers to cause a denial of service via a long url request which is passed to the delimitedread function. | 7.5 |
| 2021-11-02 | CVE-2020-23686 | Cross-Site Request Forgery (CSRF) vulnerability in Ayacms Project Ayacms 3.1.2 Cross site request forgery (CSRF) vulnerability in AyaCMS 3.1.2 allows attackers to change an administrators password or other unspecified impacts. | 8.8 |
| 2021-11-02 | CVE-2021-36172 | XXE vulnerability in Fortinet Fortiportal An improper restriction of XML external entity reference vulnerability in the parser of XML responses of FortiPortal before 6.0.6 may allow an attacker who controls the producer of XML reports consumed by FortiPortal to trigger a denial of service or read arbitrary files from the underlying file system by means of specifically crafted XML documents. | 8.1 |
| 2021-11-02 | CVE-2021-41238 | Missing Authorization vulnerability in Hangfire 1.7.25 Hangfire is an open source system to perform background job processing in a .NET or .NET Core applications. | 7.5 |
| 2021-11-02 | CVE-2021-29737 | Improper Certificate Validation vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Data Flow Designer Engine (IBM InfoSphere Information Server 11.7 ) component has improper validation of the REST API server certificate. | 7.5 |
| 2021-11-02 | CVE-2021-29875 | Unspecified vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 could allow an attacker to obtain sensitive information due to a insecure third party domain access vulnerability. | 7.5 |
| 2021-11-02 | CVE-2021-29888 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2021-11-02 | CVE-2021-36922 | Unspecified vulnerability in Realtek Rtsupx USB Utility Driver 1.14.0.0 RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve unauthorized access to USB devices (Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device. | 7.8 |