A SQL injection vulnerability exists in the Take Attendance functionality of OS4Ed's OpenSIS 8.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Dr.Web Firewall 12.5.2.4160 on Windows incorrectly restricts applications signed by Dr.Web. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An informtion disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version : 2.01MT. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In Gradle Enterprise before 2021.1.3, a crafted request can trigger deserialization of arbitrary unsafe Java objects. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
An Elevated Privileges issue exists in D-Link DCS-5000L v1.05 and DCS-932L v2.17 and older. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.
DCS-5000L v1.05 and DCS-932L v2.17 and older are affecged by Incorrect Acess Control. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.
Vulnerability in Oracle Linux (component: OSwatcher). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially discover credentials for other resources. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially reset the system user password. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Gradle Enterprise before 2021.1.3 can allow unauthorized viewing of a response (information disclosure of possibly sensitive build/configuration details) via a crafted HTTP request with the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in Concrete CMS through 8.5.5. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.