Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2021-05-20 CVE-2021-27461 Unspecified vulnerability in Emerson products
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer.
network
low complexity
emerson
7.5
2021-05-20 CVE-2021-20718 Resource Exhaustion vulnerability in multiple products
mod_auth_openidc 2.4.0 to 2.4.7 allows a remote attacker to cause a denial-of-service (DoS) condition via unspecified vectors.
network
low complexity
openidc fedoraproject oracle CWE-400
7.5
2021-05-19 CVE-2021-25644 Cleartext Storage of Sensitive Information vulnerability in Couchbase Server
An issue was discovered in Couchbase Server 5.x and 6.x through 6.6.1 and 7.0.0 Beta.
network
low complexity
couchbase CWE-312
7.5
2021-05-19 CVE-2017-17677 Incorrect Permission Assignment for Critical Resource vulnerability in BMC Remedy Mid-Tier 9.1
BMC Remedy 9.1SP3 is affected by authenticated code execution.
network
low complexity
bmc CWE-732
8.8
2021-05-19 CVE-2021-3445 A flaw was found in libdnf's signature verification functionality in versions before 0.60.1.
network
high complexity
rpm fedoraproject redhat
7.5
2021-05-19 CVE-2021-3517 There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11.
network
low complexity
xmlsoft redhat fedoraproject debian netapp oracle
8.6
2021-05-19 CVE-2021-20589 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mitsubishi products
Buffer access with incorrect length value vulnerability in GOT2000 series GT27 model communication driver versions 01.19.000 through 01.38.000, GT25 model communication driver versions 01.19.000 through 01.38.000, GT23 model communication driver versions 01.19.000 through 01.38.000 and GT21 model communication driver versions 01.21.000 through 01.39.000, GOT SIMPLE series GS21 model communication driver versions 01.21.000 through 01.39.000, GT SoftGOT2000 versions 1.170C through 1.250L and Tension Controller LE7-40GU-L Screen package data for MODBUS/TCP V1.00 allows a remote unauthenticated attacker to stop the communication function of the products via specially crafted packets.
network
low complexity
mitsubishi CWE-119
7.5
2021-05-19 CVE-2021-21732 Unspecified vulnerability in ZTE Axon 11 5G Firmware
A mobile phone of ZTE is impacted by improper access control vulnerability.
network
low complexity
zte
7.5
2021-05-18 CVE-2021-31320 Out-of-bounds Write vulnerability in Telegram
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the VGradientCache::generateGradientColorTable function of their custom fork of the rlottie library.
local
low complexity
telegram CWE-787
7.1
2021-05-18 CVE-2021-31321 Out-of-bounds Write vulnerability in Telegram
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Stack Based Overflow in the gray_split_cubic function of their custom fork of the rlottie library.
local
low complexity
telegram CWE-787
7.1