An issue was discovered in BigBlueButton through 2.2.29. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
All versions of package djvalidator are vulnerable to Regular Expression Denial of Service (ReDoS) by sending crafted invalid emails - for example,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
This affects the package systeminformation before 4.30.2. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Cloudera Data Engineering (CDE) before 1.1 was vulnerable to a CSRF attack. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Zetetic SQLCipher 4.x before 4.4.1 has a use-after-free, related to sqlcipher_codec_pragma and sqlite3Strlen30 in sqlite3.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A flaw exists in the Ingress/Egress checks routine of FactoryTalk Linx Version 6.11 and prior. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.