Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-21 | CVE-2020-27212 | Injection vulnerability in ST Stm32Cubel4 Firmware STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect access control. | 7.0 |
2021-05-21 | CVE-2021-32032 | Memory Leak vulnerability in Linaro Trusted Firmware-M In Trusted Firmware-M through 1.3.0, cleaning up the memory allocated for a multi-part cryptographic operation (in the event of a failure) can prevent the abort() operation in the associated cryptographic library from freeing internal resources, causing a memory leak. | 7.5 |
2021-05-21 | CVE-2021-28798 | Path Traversal vulnerability in Qnap QTS and Quts Hero A relative path traversal vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. | 7.5 |
2021-05-20 | CVE-2020-27209 | Unspecified vulnerability in Micro-Ecc Project Micro-Ecc 1.0 The ECDSA operation of the micro-ecc library 1.0 is vulnerable to simple power analysis attacks which allows an adversary to extract the private ECC key. | 7.5 |
2021-05-20 | CVE-2020-18220 | Inadequate Encryption Strength vulnerability in Html-Js Doracms Weak Encoding for Password in DoraCMS v2.1.1 and earlier allows attackers to obtain sensitive information as it does not use a random salt or IV for its AES-CBC encryption, causes password encrypted for users to be susceptible to dictionary attacks. | 7.5 |
2021-05-20 | CVE-2021-33477 | Improper Handling of Exceptional Conditions vulnerability in multiple products rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow (potentially remote) code execution because of improper handling of certain escape sequences (ESC G Q). network low complexity eterm-project mrxvt-project rxvt-project rxvt-unicode-project fedoraproject debian CWE-755 | 8.8 |
2021-05-20 | CVE-2021-28902 | Unchecked Return Value vulnerability in Cesnet Libyang In function read_yin_container() in libyang <= v1.0.225, it doesn't check whether the value of retval->ext[r] is NULL. | 7.5 |
2021-05-20 | CVE-2021-28903 | Uncontrolled Recursion vulnerability in Cesnet Libyang A stack overflow in libyang <= v1.0.225 can cause a denial of service through function lyxml_parse_mem(). | 7.5 |
2021-05-20 | CVE-2021-28904 | Unchecked Return Value vulnerability in Cesnet Libyang In function ext_get_plugin() in libyang <= v1.0.225, it doesn't check whether the value of revision is NULL. | 7.5 |
2021-05-20 | CVE-2021-28905 | Reachable Assertion vulnerability in Cesnet Libyang In function lys_node_free() in libyang <= v1.0.225, it asserts that the value of node->module can't be NULL. | 7.5 |