Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-22 | CVE-2021-38475 | Unspecified vulnerability in Auvesy Versiondog The database connection to the server is performed by calling a specific API, which could allow an unprivileged user to gain SYSDBA permissions. | 8.8 |
| 2021-10-22 | CVE-2021-38479 | Unspecified vulnerability in Auvesy Versiondog Many API function codes receive raw pointers remotely from the user and trust these pointers as valid in-bound memory regions. | 7.5 |
| 2021-10-22 | CVE-2021-34362 | Command Injection vulnerability in Qnap Media Streaming Add-On A command injection vulnerability has been reported to affect QNAP device running Media Streaming add-on. | 7.2 |
| 2021-10-21 | CVE-2021-41127 | Unspecified vulnerability in Rasa Rasa is an open source machine learning framework to automate text-and voice-based conversations. | 7.1 |
| 2021-10-21 | CVE-2021-22034 | Unspecified vulnerability in VMWare Vrealize Operations Tenant Releases prior to VMware vRealize Operations Tenant App 8.6 contain an Information Disclosure Vulnerability. | 7.5 |
| 2021-10-21 | CVE-2021-39352 | Unspecified vulnerability in Catchplugins Catch Themes Demo Import The Catch Themes Demo Import WordPress plugin is vulnerable to arbitrary file uploads via the import functionality found in the ~/inc/CatchThemesDemoImport.php file, in versions up to and including 1.7, due to insufficient file type validation. | 7.2 |
| 2021-10-21 | CVE-2021-41159 | Out-of-bounds Write vulnerability in multiple products FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. | 8.8 |
| 2021-10-21 | CVE-2021-41160 | Out-of-bounds Write vulnerability in multiple products FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. | 8.8 |
| 2021-10-21 | CVE-2021-42716 | Classic Buffer Overflow vulnerability in multiple products An issue was discovered in stb stb_image.h 2.27. | 7.1 |
| 2021-10-21 | CVE-2021-35227 | Deserialization of Untrusted Data vulnerability in Solarwinds Access Rights Manager The HTTP interface was enabled for RabbitMQ Plugin in ARM 2020.2.6 and the ability to configure HTTPS was not available. | 7.8 |