Export limit exceeded: 35128 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (35128 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-40460 | 1 Microsoft | 22 Windows 10, Windows 10 1507, Windows 10 1607 and 19 more | 2024-11-21 | 6.5 Medium |
| Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability | ||||
| CVE-2021-40456 | 1 Microsoft | 5 Windows Server, Windows Server 2004, Windows Server 2019 and 2 more | 2024-11-21 | 5.3 Medium |
| Windows AD FS Security Feature Bypass Vulnerability | ||||
| CVE-2021-40455 | 1 Microsoft | 23 Windows 10, Windows 10 1507, Windows 10 1607 and 20 more | 2024-11-21 | 5.5 Medium |
| Windows Installer Spoofing Vulnerability | ||||
| CVE-2021-40453 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2021-40452 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2021-40448 | 1 Microsoft | 1 Accessibility Insights For Android | 2024-11-21 | 6.3 Medium |
| Microsoft Accessibility Insights for Android Information Disclosure Vulnerability | ||||
| CVE-2021-40442 | 1 Microsoft | 8 365 Apps, Excel, Office and 5 more | 2024-11-21 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2021-40441 | 1 Microsoft | 7 Windows 7, Windows 8.1, Windows Rt 8.1 and 4 more | 2024-11-21 | 7.8 High |
| Windows Media Center Elevation of Privilege Vulnerability | ||||
| CVE-2021-40387 | 1 Kaseya | 1 Unitrends Backup Software | 2024-11-21 | 8.8 High |
| An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. There is authenticated remote code execution. | ||||
| CVE-2021-40386 | 1 Kaseya | 1 Unitrends Backup | 2024-11-21 | 9.8 Critical |
| Kaseya Unitrends Client/Agent through 10.5,5 allows remote attackers to execute arbitrary code. | ||||
| CVE-2021-40385 | 1 Kaseya | 1 Unitrends Backup Software | 2024-11-21 | 8.8 High |
| An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. There is a privilege escalation from read-only user to admin. | ||||
| CVE-2021-40347 | 1 Postorius Project | 1 Postorius | 2024-11-21 | 5.4 Medium |
| An issue was discovered in views/list.py in GNU Mailman Postorius before 1.3.5. An attacker (logged into any account) can send a crafted POST request to unsubscribe any user from a mailing list, also revealing whether that address was subscribed in the first place. | ||||
| CVE-2021-40330 | 2 Debian, Git-scm | 2 Debian Linux, Git | 2024-11-21 | 7.5 High |
| git_connect_git in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result in unexpected cross-protocol requests, as demonstrated by the git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 substring. | ||||
| CVE-2021-40329 | 1 Pingidentity | 1 Pingfederate | 2024-11-21 | 9.8 Critical |
| The Authentication API in Ping Identity PingFederate before 10.3 mishandles certain aspects of external password management. | ||||
| CVE-2021-40325 | 1 Cobbler Project | 1 Cobbler | 2024-11-21 | 7.5 High |
| Cobbler before 3.3.0 allows authorization bypass for modification of settings. | ||||
| CVE-2021-40177 | 1 Zohocorp | 1 Manageengine Log360 | 2024-11-21 | 9.8 Critical |
| Zoho ManageEngine Log360 before Build 5225 allows remote code execution via BCP file overwrite. | ||||
| CVE-2021-40171 | 1 Securitashome | 2 Securitashome Alarm System, Securitashome Alarm System Firmware | 2024-11-21 | 5.3 Medium |
| The absence of notifications regarding an ongoing RF jamming attack in the SecuritasHome home alarm system, version HPGW-G 0.0.2.23F BG_U-ITR-F1-BD_BL.A30.20181117, allows an attacker to block legitimate traffic while not alerting the owner of the system. | ||||
| CVE-2021-40147 | 1 Emtec | 1 Zoc | 2024-11-21 | 9.8 Critical |
| EmTec ZOC before 8.02.2 allows \e[201~ pastes, a different vulnerability than CVE-2021-32198. | ||||
| CVE-2021-40146 | 1 Apache | 1 Any23 | 2024-11-21 | 9.8 Critical |
| A Remote Code Execution (RCE) vulnerability was discovered in the Any23 YAMLExtractor.java file and is known to affect Any23 versions < 2.5. RCE vulnerabilities allow a malicious actor to execute any code of their choice on a remote machine over LAN, WAN, or internet. RCE belongs to the broader class of arbitrary code execution (ACE) vulnerabilities. | ||||
| CVE-2021-40104 | 1 Concretecms | 1 Concrete Cms | 2024-11-21 | 7.5 High |
| An issue was discovered in Concrete CMS through 8.5.5. There is an SVG sanitizer bypass. | ||||