Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-20 | CVE-2021-28906 | Unchecked Return Value vulnerability in Cesnet Libyang In function read_yin_leaf() in libyang <= v1.0.225, it doesn't check whether the value of retval->ext[r] is NULL. | 7.5 |
| 2021-05-20 | CVE-2021-28682 | Integer Overflow or Wraparound vulnerability in Envoyproxy Envoy An issue was discovered in Envoy through 1.71.1. | 7.5 |
| 2021-05-20 | CVE-2021-28683 | NULL Pointer Dereference vulnerability in Envoyproxy Envoy 1.16.2/1.17.1 An issue was discovered in Envoy through 1.71.1. | 7.5 |
| 2021-05-20 | CVE-2021-29258 | Reachable Assertion vulnerability in Envoyproxy Envoy An issue was discovered in Envoy 1.14.0. | 7.5 |
| 2021-05-20 | CVE-2021-32630 | Unspecified vulnerability in Admidio Admidio is a free, open source user management system for websites of organizations and groups. | 8.8 |
| 2021-05-20 | CVE-2020-21057 | Path Traversal vulnerability in Fusionpbx 4.5.7 Directory Traversal vulnerability in FusionPBX 4.5.7, which allows a remote malicious user to delete folders on the system via the folder variable to app/edit/folderdelete.php. | 8.1 |
| 2021-05-20 | CVE-2020-35580 | Path Traversal vulnerability in Searchblox A local file inclusion vulnerability in the FileServlet in all SearchBlox before 9.2.2 allows remote, unauthenticated users to read arbitrary files from the operating system via a /searchblox/servlet/FileServlet?col=url= request. | 7.5 |
| 2021-05-20 | CVE-2021-27432 | Unspecified vulnerability in Opcfoundation Ua-.Net-Legacy and UA .Net Standard Stack OPC Foundation UA .NET Standard versions prior to 1.4.365.48 and OPC UA .NET Legacy are vulnerable to an uncontrolled recursion, which may allow an attacker to trigger a stack overflow. | 7.5 |
| 2021-05-20 | CVE-2020-4850 | Improper Encoding or Escaping of Output vulnerability in IBM Gpfs.Tct.Server IBM Spectrum Scale 1.1.1.0 through 1.1.8.4 Transparent Cloud Tiering could allow a remote attacker to obtain sensitive information, caused by the leftover files after configuration. | 7.5 |
| 2021-05-20 | CVE-2021-25931 | Cross-Site Request Forgery (CSRF) vulnerability in Opennms Horizon and Meridian In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to CSRF, due to no CSRF protection at `/opennms/admin/userGroupView/users/updateUser`. | 8.8 |