Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-29 | CVE-2021-41189 | Incorrect Authorization vulnerability in Duraspace Dspace 7.0 DSpace is an open source turnkey repository application. | 7.2 |
| 2021-10-29 | CVE-2021-41746 | SQL Injection vulnerability in Yonyou Turbocrm SQL Injection vulnerability exists in all versions of Yonyou TurboCRM.via the orgcode parameter in changepswd.php. | 7.5 |
| 2021-10-29 | CVE-2021-41874 | Unspecified vulnerability in Portainer An unauthorized access vulnerabiitly exists in all versions of Portainer, which could let a malicious user obtain sensitive information. | 7.5 |
| 2021-10-29 | CVE-2021-41645 | Unrestricted Upload of File with Dangerous Type vulnerability in Oretnom23 Budget and Expense Tracker System 1.0 Remote Code Execution (RCE) vulnerability exists in Sourcecodester Budget and Expense Tracker System 1.0 that allows a remote malicious user to inject arbitrary code via the image upload field. | 8.8 |
| 2021-10-29 | CVE-2021-41675 | Unrestricted Upload of File with Dangerous Type vulnerability in E-Negosyo System Project E-Negosyo System 1.0 A Remote Code Execution (RCE) vulnerabilty exists in Sourcecodester E-Negosyo System 1.0 in /admin/produts/controller.php via the doInsert function, which validates images with getImageSizei. | 7.2 |
| 2021-10-29 | CVE-2021-41186 | Unspecified vulnerability in Fluentd Fluentd collects events from various data sources and writes them to files to help unify logging infrastructure. | 7.5 |
| 2021-10-29 | CVE-2021-22037 | Uncontrolled Search Path Element vulnerability in VMWare Installbuilder Under certain circumstances, when manipulating the Windows registry, InstallBuilder uses the reg.exe system command. | 7.8 |
| 2021-10-29 | CVE-2021-22038 | Use of Insufficiently Random Values vulnerability in VMWare Installbuilder On Windows, the uninstaller binary copies itself to a fixed temporary location, which is then executed (the originally called uninstaller exits, so it does not block the installation directory). | 8.8 |
| 2021-10-29 | CVE-2021-31624 | Classic Buffer Overflow vulnerability in Tendacn AC9 Firmware Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the urls parameter. | 8.8 |
| 2021-10-29 | CVE-2021-31627 | Classic Buffer Overflow vulnerability in Tendacn AC9 Firmware Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the index parameter. | 8.8 |