Export limit exceeded: 349498 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 35128 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (35128 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-41343 | 1 Microsoft | 22 Windows 10, Windows 10 1507, Windows 10 1607 and 19 more | 2024-11-21 | 5.5 Medium |
| Windows Fast FAT File System Driver Information Disclosure Vulnerability | ||||
| CVE-2021-41342 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 6.8 Medium |
| Windows MSHTML Platform Remote Code Execution Vulnerability | ||||
| CVE-2021-41340 | 1 Microsoft | 22 Windows 10, Windows 10 1507, Windows 10 1607 and 19 more | 2024-11-21 | 7.8 High |
| Windows Graphics Component Remote Code Execution Vulnerability | ||||
| CVE-2021-41338 | 1 Microsoft | 14 Windows 10, Windows 10 1507, Windows 10 1607 and 11 more | 2024-11-21 | 5.5 Medium |
| Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability | ||||
| CVE-2021-41337 | 1 Microsoft | 5 Windows Server 2004, Windows Server 2016, Windows Server 2019 and 2 more | 2024-11-21 | 4.9 Medium |
| Active Directory Security Feature Bypass Vulnerability | ||||
| CVE-2021-41336 | 1 Microsoft | 3 Windows 11, Windows 11 21h2, Windows Server 2022 | 2024-11-21 | 5.5 Medium |
| Windows Kernel Information Disclosure Vulnerability | ||||
| CVE-2021-41333 | 1 Microsoft | 23 Windows 10, Windows 10 1507, Windows 10 1607 and 20 more | 2024-11-21 | 7.8 High |
| Windows Print Spooler Elevation of Privilege Vulnerability | ||||
| CVE-2021-41332 | 1 Microsoft | 22 Windows 10, Windows 10 1507, Windows 10 1607 and 19 more | 2024-11-21 | 6.5 Medium |
| Windows Print Spooler Information Disclosure Vulnerability | ||||
| CVE-2021-41331 | 1 Microsoft | 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more | 2024-11-21 | 7.8 High |
| Windows Media Audio Decoder Remote Code Execution Vulnerability | ||||
| CVE-2021-41330 | 1 Microsoft | 9 Windows 10, Windows 10 1809, Windows 10 1909 and 6 more | 2024-11-21 | 7.8 High |
| Microsoft Windows Media Foundation Remote Code Execution Vulnerability | ||||
| CVE-2021-41326 | 1 Misp | 1 Misp | 2024-11-21 | 9.8 Critical |
| In MISP before 2.4.148, app/Lib/Export/OpendataExport.php mishandles parameter data that is used in a shell_exec call. | ||||
| CVE-2021-41303 | 2 Apache, Oracle | 2 Shiro, Financial Services Crime And Compliance Management Studio | 2024-11-21 | 9.8 Critical |
| Apache Shiro before 1.8.0, when using Apache Shiro with Spring Boot, a specially crafted HTTP request may cause an authentication bypass. Users should update to Apache Shiro 1.8.0. | ||||
| CVE-2021-41222 | 1 Google | 1 Tensorflow | 2024-11-21 | 5.5 Medium |
| TensorFlow is an open source platform for machine learning. In affected versions the implementation of `SplitV` can trigger a segfault is an attacker supplies negative arguments. This occurs whenever `size_splits` contains more than one value and at least one value is negative. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. | ||||
| CVE-2021-41194 | 1 Jupyterhub | 1 First Use Authenticator | 2024-11-21 | 9.1 Critical |
| FirstUseAuthenticator is a JupyterHub authenticator that helps new users set their password on their first login to JupyterHub. When JupyterHub is used with FirstUseAuthenticator, a vulnerability in versions prior to 1.0.0 allows unauthorized access to any user's account if `create_users=True` and the username is known or guessed. One may upgrade to version 1.0.0 or apply a patch manually to mitigate the vulnerability. For those who cannot upgrade, there is no complete workaround, but a partial mitigation exists. One can disable user creation with `c.FirstUseAuthenticator.create_users = False`, which will only allow login with fully normalized usernames for already existing users prior to jupyterhub-firstuserauthenticator 1.0.0. If any users have never logged in with their normalized username (i.e. lowercase), they will still be vulnerable until a patch or upgrade occurs. | ||||
| CVE-2021-41173 | 1 Ethereum | 1 Go Ethereum | 2024-11-21 | 5.7 Medium |
| Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.9, a vulnerable node is susceptible to crash when processing a maliciously crafted message from a peer. Version v1.10.9 contains patches to the vulnerability. There are no known workarounds aside from upgrading. | ||||
| CVE-2021-41055 | 1 Gajim | 1 Gajim | 2024-11-21 | 7.5 High |
| Gajim 1.2.x and 1.3.x before 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted XMPP Last Message Correction (XEP-0308) message in multi-user chat, where the message ID equals the correction ID. | ||||
| CVE-2021-41033 | 1 Eclipse | 1 Equinox | 2024-11-21 | 8.1 High |
| In all released versions of Eclipse Equinox, at least until version 4.21 (September 2021), installation can be vulnerable to man-in-the-middle attack if using p2 repos that are HTTP; that can then be exploited to serve incorrect p2 metadata and entirely alter the local installation, particularly by installing plug-ins that may then run malicious code. | ||||
| CVE-2021-41021 | 1 Fortinet | 1 Fortinac | 2024-11-21 | 7.8 High |
| A privilege escalation vulnerability in FortiNAC versions 8.8.8 and below and 9.1.2 and below may allow an admin user to escalate the privileges to root via the sudo command. | ||||
| CVE-2021-41011 | 1 Linecorp | 1 Line | 2024-11-21 | 7.5 High |
| LINE client for iOS before 11.15.0 might expose authentication information for a certain service to external entities under certain conditions. This is usually impossible, but in combination with a server-side bug, attackers could get this information. | ||||
| CVE-2021-41005 | 1 Hpe | 14 Aruba Instant On 1930 24g 4sfp\/sfp\+, Aruba Instant On 1930 24g 4sfp\/sfp\+ Firmware, Aruba Instant On 1930 24g Class4 Poe 4sfp\/sfp\+ 195w and 11 more | 2024-11-21 | 6.5 Medium |
| A remote vulnerability was discovered in Aruba Instant On 1930 Switch Series version(s): Firmware below v1.0.7.0. | ||||