Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2021-05-21 CVE-2020-36332 Resource Exhaustion vulnerability in multiple products
A flaw was found in libwebp in versions before 1.0.1.
network
low complexity
webmproject redhat debian netapp CWE-400
7.5
2021-05-21 CVE-2021-31439 Out-of-bounds Write vulnerability in multiple products
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager.
low complexity
synology debian netatalk CWE-787
8.8
2021-05-21 CVE-2021-31440 This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.11.15.
local
high complexity
linux netapp
7.0
2021-05-21 CVE-2021-31473 Unspecified vulnerability in Foxitsoftware Phantompdf
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598.
local
low complexity
foxitsoftware
7.8
2021-05-21 CVE-2021-31475 Unspecified vulnerability in Solarwinds Orion JOB Scheduler 2020.2.1
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Orion Job Scheduler 2020.2.1 HF 2.
network
low complexity
solarwinds
8.8
2021-05-21 CVE-2021-32633 Path Traversal vulnerability in multiple products
Zope is an open-source web application server.
network
low complexity
plone zope CWE-22
8.8
2021-05-21 CVE-2020-27212 Injection vulnerability in ST Stm32Cubel4 Firmware
STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect access control.
local
high complexity
st CWE-74
7.0
2021-05-21 CVE-2021-32032 Memory Leak vulnerability in Linaro Trusted Firmware-M
In Trusted Firmware-M through 1.3.0, cleaning up the memory allocated for a multi-part cryptographic operation (in the event of a failure) can prevent the abort() operation in the associated cryptographic library from freeing internal resources, causing a memory leak.
network
low complexity
linaro CWE-401
7.5
2021-05-21 CVE-2021-28798 Path Traversal vulnerability in Qnap QTS and Quts Hero
A relative path traversal vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero.
network
low complexity
qnap CWE-22
7.5
2021-05-20 CVE-2020-27209 Unspecified vulnerability in Micro-Ecc Project Micro-Ecc 1.0
The ECDSA operation of the micro-ecc library 1.0 is vulnerable to simple power analysis attacks which allows an adversary to extract the private ECC key.
network
low complexity
micro-ecc-project
7.5