Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-20 | CVE-2021-28683 | NULL Pointer Dereference vulnerability in Envoyproxy Envoy 1.16.2/1.17.1 An issue was discovered in Envoy through 1.71.1. | 7.5 |
| 2021-05-20 | CVE-2021-29258 | Reachable Assertion vulnerability in Envoyproxy Envoy An issue was discovered in Envoy 1.14.0. | 7.5 |
| 2021-05-20 | CVE-2021-32630 | Unspecified vulnerability in Admidio Admidio is a free, open source user management system for websites of organizations and groups. | 8.8 |
| 2021-05-20 | CVE-2020-21057 | Path Traversal vulnerability in Fusionpbx 4.5.7 Directory Traversal vulnerability in FusionPBX 4.5.7, which allows a remote malicious user to delete folders on the system via the folder variable to app/edit/folderdelete.php. | 8.1 |
| 2021-05-20 | CVE-2020-35580 | Path Traversal vulnerability in Searchblox A local file inclusion vulnerability in the FileServlet in all SearchBlox before 9.2.2 allows remote, unauthenticated users to read arbitrary files from the operating system via a /searchblox/servlet/FileServlet?col=url= request. | 7.5 |
| 2021-05-20 | CVE-2021-27432 | Unspecified vulnerability in Opcfoundation Ua-.Net-Legacy and UA .Net Standard Stack OPC Foundation UA .NET Standard versions prior to 1.4.365.48 and OPC UA .NET Legacy are vulnerable to an uncontrolled recursion, which may allow an attacker to trigger a stack overflow. | 7.5 |
| 2021-05-20 | CVE-2020-4850 | Improper Encoding or Escaping of Output vulnerability in IBM Gpfs.Tct.Server IBM Spectrum Scale 1.1.1.0 through 1.1.8.4 Transparent Cloud Tiering could allow a remote attacker to obtain sensitive information, caused by the leftover files after configuration. | 7.5 |
| 2021-05-20 | CVE-2021-25931 | Cross-Site Request Forgery (CSRF) vulnerability in Opennms Horizon and Meridian In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to CSRF, due to no CSRF protection at `/opennms/admin/userGroupView/users/updateUser`. | 8.8 |
| 2021-05-20 | CVE-2021-29686 | Unspecified vulnerability in IBM Security Identity Manager 7.0.2 IBM Security Identity Manager 7.0.2 could allow an authenticated user to bypass security and perform actions that they should not have access to. | 8.8 |
| 2021-05-20 | CVE-2021-29688 | Information Exposure Through an Error Message vulnerability in IBM Security Identity Manager 6.0.2/7.0.2 IBM Security Identity Manager 7.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 7.5 |