Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-25 | CVE-2021-27040 | Out-of-bounds Read vulnerability in multiple products A maliciously crafted DWG file can be forced to read beyond allocated boundaries when parsing the DWG file. | 3.3 |
| 2021-06-24 | CVE-2021-24000 | Race Condition vulnerability in Mozilla Firefox A race condition with requestPointerLock() and setTimeout() could have resulted in a user interacting with one tab when they believed they were on a separate tab. | 3.1 |
| 2021-06-24 | CVE-2021-29948 | Race Condition vulnerability in Mozilla Thunderbird Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. | 2.5 |
| 2021-06-24 | CVE-2021-33604 | Unspecified vulnerability in Vaadin URL encoding error in development mode handler in com.vaadin:flow-server versions 2.0.0 through 2.6.1 (Vaadin 14.0.0 through 14.6.1), 3.0.0 through 6.0.9 (Vaadin 15.0.0 through 19.0.8) allows local user to execute arbitrary JavaScript code by opening crafted URL in browser. | 2.5 |
| 2021-06-24 | CVE-2021-32823 | In the bindata RubyGem before version 2.4.10 there is a potential denial-of-service vulnerability. | 3.7 |
| 2021-06-22 | CVE-2021-34396 | Unspecified vulnerability in Nvidia Jetson Linux Bootloader contains a vulnerability in access permission settings where unauthorized software may be able to overwrite NVIDIA MB2 code, which would result in limited denial of service. | 2.3 |
| 2021-06-22 | CVE-2021-34397 | Out-of-bounds Write vulnerability in Nvidia Jetson Linux Bootloader contains a vulnerability in NVIDIA MB2, which may cause free-the-wrong-heap, which may lead to limited denial of service. | 2.3 |
| 2021-06-22 | CVE-2021-22365 | Out-of-bounds Read vulnerability in Huawei Ese620X Vess Firmware V100R001C10Spc200/V100R001C20Spc200/V200R001C00Spc300 There is an out of bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. | 3.3 |
| 2021-06-22 | CVE-2021-34428 | Insufficient Session Expiration vulnerability in multiple products For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, if an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID manager. | 3.5 |
| 2021-06-18 | CVE-2020-18442 | Infinite Loop vulnerability in multiple products Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the return value "zzip_file_read" in the function "unzzip_cat_file". | 3.3 |