Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-21 | CVE-2020-36332 | Resource Exhaustion vulnerability in multiple products A flaw was found in libwebp in versions before 1.0.1. | 7.5 |
2021-05-21 | CVE-2021-31439 | Out-of-bounds Write vulnerability in multiple products This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. | 8.8 |
2021-05-21 | CVE-2021-31440 | This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.11.15. | 7.0 |
2021-05-21 | CVE-2021-31473 | Unspecified vulnerability in Foxitsoftware Phantompdf This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598. | 7.8 |
2021-05-21 | CVE-2021-31475 | Unspecified vulnerability in Solarwinds Orion JOB Scheduler 2020.2.1 This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Orion Job Scheduler 2020.2.1 HF 2. | 8.8 |
2021-05-21 | CVE-2021-32633 | Path Traversal vulnerability in multiple products Zope is an open-source web application server. | 8.8 |
2021-05-21 | CVE-2020-27212 | Injection vulnerability in ST Stm32Cubel4 Firmware STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect access control. | 7.0 |
2021-05-21 | CVE-2021-32032 | Memory Leak vulnerability in Linaro Trusted Firmware-M In Trusted Firmware-M through 1.3.0, cleaning up the memory allocated for a multi-part cryptographic operation (in the event of a failure) can prevent the abort() operation in the associated cryptographic library from freeing internal resources, causing a memory leak. | 7.5 |
2021-05-21 | CVE-2021-28798 | Path Traversal vulnerability in Qnap QTS and Quts Hero A relative path traversal vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. | 7.5 |
2021-05-20 | CVE-2020-27209 | Unspecified vulnerability in Micro-Ecc Project Micro-Ecc 1.0 The ECDSA operation of the micro-ecc library 1.0 is vulnerable to simple power analysis attacks which allows an adversary to extract the private ECC key. | 7.5 |