Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-11-02 | CVE-2021-36924 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Realtek Rtsupx USB Utility Driver 1.14.0.0: RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve a pool overflow (leading to Escalation of Privileges, Denial of Service, and Code Execution) via a crafted Device IO Control packet to a device. | 7.8 |
2021-11-02 | CVE-2021-36925 | Unspecified vulnerability in Realtek Rtsupx USB Utility Driver 1.14.0.0: RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve an arbitrary read or write operation from/to physical memory (leading to Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device. | 7.8 |
2021-11-02 | CVE-2021-37842 | Cleartext Storage of Sensitive Information vulnerability in Couchbase Server 7.0.0/7.0.1: metakv in Couchbase Server 7.0.0 uses Cleartext for Storage of Sensitive Information. | 7.5 |
2021-11-02 | CVE-2021-42763 | Cleartext Storage of Sensitive Information vulnerability in Couchbase Server: Couchbase Server before 6.6.3 and 7.x before 7.0.2 stores Sensitive Information in Cleartext. | 7.5 |
2021-11-02 | CVE-2021-27722 | Classic Buffer Overflow vulnerability in Nsasoft Spotauditor 5.3.5: An issue was discovered in Nsasoft US LLC SpotAuditor 5.3.5. | 7.5 |
2021-11-02 | CVE-2021-3765 | Unspecified vulnerability in Validator Project Validator: validator.js is vulnerable to Inefficient Regular Expression Complexity. | 7.5 |
2021-11-01 | CVE-2021-41187 | Unspecified vulnerability in Dhis2 Dhis 2: DHIS 2 is an information system for data capture, management, validation, analytics and visualization. | 8.8 |
2021-11-01 | CVE-2021-31849 | SQL Injection vulnerability in Mcafee Data Loss Prevention Endpoint 11.6.0/11.6.100.41: SQL injection vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.7.100 allows a remote attacker logged into ePO as an administrator to inject arbitrary SQL into the ePO database through the user management section of the DLP ePO extension. | 7.2 |
2021-11-01 | CVE-2021-38847 | Unrestricted Upload of File with Dangerous Type vulnerability in S-Cart: S-Cart v6.4.1 and below was discovered to contain an arbitrary file upload vulnerability in the Editor module on the Admin panel. | 8.8 |
2021-11-01 | CVE-2020-28702 | SQL Injection vulnerability in Pybbs Project Pybbs 5.2.1: A SQL injection vulnerability in TopicMapper.xml of PybbsCMS v5.2.1 allows attackers to access sensitive database information. | 7.5 |