Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2021-10-27 CVE-2021-40116 Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of the Block with Reset or Interactive Block with Reset actions if a rule is configured without proper constraints.
network
low complexity
cisco snort
7.5
2021-10-27 CVE-2021-40117 Resource Exhaustion vulnerability in Cisco products
A vulnerability in SSL/TLS message handler for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-400
7.5
2021-10-27 CVE-2021-40118 Out-of-bounds Write vulnerability in Cisco products
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition.
network
low complexity
cisco CWE-787
7.5
2021-10-27 CVE-2021-37803 SQL Injection vulnerability in Online Covid Vaccination Scheduler System Project Online Covid Vaccination Scheduler System 1.0
An SQL Injection vulnerability exists in Sourcecodester Online Covid Vaccination Scheduler System 1.0 via the username in lognin.php.
8.1
2021-10-27 CVE-2021-37807 SQL Injection vulnerability in PHPgurukul Online Shopping Portal 3.1
An SQL Injection vulnerability exists in https://phpgurukul.com Online Shopping Portal 3.1 via the email parameter on the /check_availability.php endpoint, which checks whether a new user's email already exists in the database.
network
low complexity
phpgurukul CWE-89
7.5
2021-10-27 CVE-2021-29774 Unspecified vulnerability in IBM products
IBM Jazz Team Server products could allow an authenticated user to obtain elevated privileges under certain configurations.
network
high complexity
ibm
7.5
2021-10-27 CVE-2021-29844 Server-Side Request Forgery (SSRF) vulnerability in IBM products
IBM Jazz Team Server products are vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
8.8
2021-10-27 CVE-2021-22101 Resource Exhaustion vulnerability in Cloudfoundry Capi-Release
Cloud Controller versions prior to 1.118.0 are vulnerable to an unauthenticated denial of service (DoS) vulnerability that allows unauthenticated attackers to cause denial of service by using REST HTTP requests with label_selectors on multiple V3 endpoints, generating an enormous SQL query.
network
low complexity
cloudfoundry CWE-400
7.5
2021-10-27 CVE-2021-37221 Unrestricted Upload of File with Dangerous Type vulnerability in Customer Relationship Management System Project Customer Relationship Management System 1.0
A file upload vulnerability exists in Sourcecodester Customer Relationship Management System 1.0 via the account update option and the customer create option, which could let a remote malicious user upload an arbitrary PHP file.
8.8
2021-10-27 CVE-2021-41619 Code Injection vulnerability in Gradle Enterprise 2020.4
An issue was discovered in Gradle Enterprise before 2021.1.2.
network
low complexity
gradle CWE-94
7.2