Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2021-06-25 CVE-2021-27040 Out-of-bounds Read vulnerability in multiple products
A maliciously crafted DWG file can be forced to read beyond allocated boundaries when parsing the DWG file.
3.3
2021-06-24 CVE-2021-24000 Race Condition vulnerability in Mozilla Firefox
A race condition with requestPointerLock() and setTimeout() could have resulted in a user interacting with one tab when they believed they were on a separate tab.
network
high complexity
mozilla CWE-362
3.1
2021-06-24 CVE-2021-29948 Race Condition vulnerability in Mozilla Thunderbird
Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file.
local
high complexity
mozilla CWE-362
2.5
2021-06-24 CVE-2021-33604 Unspecified vulnerability in Vaadin
URL encoding error in development mode handler in com.vaadin:flow-server versions 2.0.0 through 2.6.1 (Vaadin 14.0.0 through 14.6.1), 3.0.0 through 6.0.9 (Vaadin 15.0.0 through 19.0.8) allows local user to execute arbitrary JavaScript code by opening crafted URL in browser.
local
high complexity
vaadin
2.5
2021-06-24 CVE-2021-32823 In the bindata RubyGem before version 2.4.10 there is a potential denial-of-service vulnerability.
network
high complexity
bindata-project gitlab
3.7
2021-06-22 CVE-2021-34396 Unspecified vulnerability in Nvidia Jetson Linux
Bootloader contains a vulnerability in access permission settings where unauthorized software may be able to overwrite NVIDIA MB2 code, which would result in limited denial of service.
local
low complexity
nvidia
2.3
2021-06-22 CVE-2021-34397 Out-of-bounds Write vulnerability in Nvidia Jetson Linux
Bootloader contains a vulnerability in NVIDIA MB2, which may cause free-the-wrong-heap, which may lead to limited denial of service.
local
low complexity
nvidia CWE-787
2.3
2021-06-22 CVE-2021-22365 Out-of-bounds Read vulnerability in Huawei Ese620X Vess Firmware V100R001C10Spc200/V100R001C20Spc200/V200R001C00Spc300
There is an out of bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300.
local
low complexity
huawei CWE-125
3.3
2021-06-22 CVE-2021-34428 Insufficient Session Expiration vulnerability in multiple products
For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, if an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID manager.
3.5
2021-06-18 CVE-2020-18442 Infinite Loop vulnerability in multiple products
Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the return value "zzip_file_read" in the function "unzzip_cat_file".
3.3