Export limit exceeded: 45347 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10124 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-32626 | 6 Debian, Fedoraproject, Netapp and 3 more | 11 Debian Linux, Fedora, Management Services For Element Software and 8 more | 2024-11-21 | 7.5 High |
| Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in Redis can cause the heap-based Lua stack to be overflowed, due to incomplete checks for this condition. This can result with heap corruption and potentially remote code execution. This problem exists in all versions of Redis with Lua scripting support, starting from 2.6. The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14. For users unable to update an additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to restrict EVAL and EVALSHA commands. | ||||
| CVE-2021-32625 | 2 Fedoraproject, Redislabs | 2 Fedora, Redis | 2024-11-21 | 7.5 High |
| Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer, could be exploited using the STRALGO LCS command to corrupt the heap and potentially result with remote code execution. This is a result of an incomplete fix by CVE-2021-29477. The problem is fixed in version 6.2.4 and 6.0.14. An additional workaround to mitigate the problem without patching the redis-server executable is to use ACL configuration to prevent clients from using the STRALGO LCS command. On 64 bit systems which have the fixes of CVE-2021-29477 (6.2.3 or 6.0.13), it is sufficient to make sure that the proto-max-bulk-len config parameter is smaller than 2GB (default is 512MB). | ||||
| CVE-2021-32462 | 2 Microsoft, Trendmicro | 2 Windows, Password Manager | 2024-11-21 | 8.8 High |
| Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Exposed Hazardous Function Remote Code Execution vulnerability which could allow an unprivileged client to manipulate the registry and escalate privileges to SYSTEM on affected installations. Authentication is required to exploit this vulnerability. | ||||
| CVE-2021-32234 | 1 Smartertools | 1 Smartermail | 2024-11-21 | 9.8 Critical |
| SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows remote code execution. | ||||
| CVE-2021-32172 | 1 Maianscriptworld | 1 Maian Cart | 2024-11-21 | 9.8 Critical |
| Maian Cart v3.8 contains a preauthorization remote code execution (RCE) exploit via a broken access control issue in the Elfinder plugin. | ||||
| CVE-2021-32073 | 1 Dedecms | 1 Dedecms | 2024-11-21 | 8.8 High |
| DedeCMS V5.7 SP2 contains a CSRF vulnerability that allows a remote attacker to send a malicious request to to the web manager allowing remote code execution. | ||||
| CVE-2021-31985 | 1 Microsoft | 1 Malware Protection Engine | 2024-11-21 | 7.8 High |
| Microsoft Defender Remote Code Execution Vulnerability | ||||
| CVE-2021-31984 | 1 Microsoft | 1 Power Bi Report Server | 2024-11-21 | 7.6 High |
| Power BI Remote Code Execution Vulnerability | ||||
| CVE-2021-31983 | 1 Microsoft | 1 Paint 3d | 2024-11-21 | 7.8 High |
| Paint 3D Remote Code Execution Vulnerability | ||||
| CVE-2021-31980 | 1 Microsoft | 1 Intune Management Extension | 2024-11-21 | 8.1 High |
| Microsoft Intune Management Extension Remote Code Execution Vulnerability | ||||
| CVE-2021-31967 | 1 Microsoft | 1 Vp9 Video Extensions | 2024-11-21 | 7.8 High |
| VP9 Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2021-31966 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 7.2 High |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2021-31963 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 7.1 High |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2021-31947 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2021-31946 | 1 Microsoft | 1 Paint 3d | 2024-11-21 | 7.8 High |
| Paint 3D Remote Code Execution Vulnerability | ||||
| CVE-2021-31945 | 1 Microsoft | 1 Paint 3d | 2024-11-21 | 7.8 High |
| Paint 3D Remote Code Execution Vulnerability | ||||
| CVE-2021-31943 | 1 Microsoft | 1 3d Viewer | 2024-11-21 | 7.8 High |
| 3D Viewer Remote Code Execution Vulnerability | ||||
| CVE-2021-31942 | 1 Microsoft | 1 3d Viewer | 2024-11-21 | 7.8 High |
| 3D Viewer Remote Code Execution Vulnerability | ||||
| CVE-2021-31941 | 1 Microsoft | 3 365 Apps, Office, Outlook | 2024-11-21 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||
| CVE-2021-31940 | 1 Microsoft | 2 365 Apps, Office | 2024-11-21 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||