Export limit exceeded: 81229 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (81229 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-40511 | 1 Obdasystems | 1 Mastro | 2024-11-21 | 7.5 High |
| OBDA systems’ Mastro 1.0 is vulnerable to XML Entity Expansion (aka “billion laughs”) attack allowing denial of service. | ||||
| CVE-2021-40510 | 1 Obdasystems | 1 Mastro | 2024-11-21 | 7.5 High |
| XML eXternal Entity (XXE) in OBDA systems’ Mastro 1.0 allows remote attackers to read system files via custom DTDs. | ||||
| CVE-2021-40503 | 1 Sap | 1 Gui For Windows | 2024-11-21 | 7.8 High |
| An information disclosure vulnerability exists in SAP GUI for Windows - versions < 7.60 PL13, 7.70 PL4, which allows an attacker with sufficient privileges on the local client-side PC to obtain an equivalent of the user’s password. With this highly sensitive data leaked, the attacker would be able to logon to the backend system the SAP GUI for Windows was connected to and launch further attacks depending on the authorizations of the user. | ||||
| CVE-2021-40502 | 1 Sap | 1 Commerce | 2024-11-21 | 8.8 High |
| SAP Commerce - versions 2105.3, 2011.13, 2005.18, 1905.34, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. Authenticated attackers will be able to access and edit data from b2b units they do not belong to. | ||||
| CVE-2021-40501 | 1 Sap | 1 Abap Platform Kernel | 2024-11-21 | 8.1 High |
| SAP ABAP Platform Kernel - versions 7.77, 7.81, 7.85, 7.86, does not perform necessary authorization checks for an authenticated business user, resulting in escalation of privileges. That means this business user is able to read and modify data beyond the vulnerable system. However, the attacker can neither significantly reduce the performance of the system nor stop the system. | ||||
| CVE-2021-40500 | 1 Sap | 1 Businessobjects Business Intelligence Platform | 2024-11-21 | 7.5 High |
| SAP BusinessObjects Business Intelligence Platform (Crystal Reports) - versions 420, 430, allows an unauthenticated attacker to exploit missing XML validations at endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation can enable the attacker to retrieve arbitrary files from the server. | ||||
| CVE-2021-40490 | 5 Debian, Fedoraproject, Linux and 2 more | 30 Debian Linux, Fedora, Linux Kernel and 27 more | 2024-11-21 | 7.0 High |
| A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. | ||||
| CVE-2021-40489 | 1 Microsoft | 22 Windows 10, Windows 10 1507, Windows 10 1607 and 19 more | 2024-11-21 | 7.8 High |
| Storage Spaces Controller Elevation of Privilege Vulnerability | ||||
| CVE-2021-40488 | 1 Microsoft | 18 Windows 10, Windows 10 1507, Windows 10 1607 and 15 more | 2024-11-21 | 7.8 High |
| Storage Spaces Controller Elevation of Privilege Vulnerability | ||||
| CVE-2021-40486 | 1 Microsoft | 6 Office, Office Online Server, Office Web Apps Server and 3 more | 2024-11-21 | 7.8 High |
| Microsoft Word Remote Code Execution Vulnerability | ||||
| CVE-2021-40484 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 7.6 High |
| Microsoft SharePoint Server Spoofing Vulnerability | ||||
| CVE-2021-40483 | 1 Microsoft | 1 Sharepoint Server | 2024-11-21 | 7.6 High |
| Microsoft SharePoint Server Spoofing Vulnerability | ||||
| CVE-2021-40481 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | 7.1 High |
| Microsoft Office Visio Remote Code Execution Vulnerability | ||||
| CVE-2021-40480 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | 7.8 High |
| Microsoft Office Visio Remote Code Execution Vulnerability | ||||
| CVE-2021-40479 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2021-40478 | 1 Microsoft | 18 Windows 10, Windows 10 1507, Windows 10 1607 and 15 more | 2024-11-21 | 7.8 High |
| Storage Spaces Controller Elevation of Privilege Vulnerability | ||||
| CVE-2021-40477 | 1 Microsoft | 18 Windows 10, Windows 10 1507, Windows 10 1607 and 15 more | 2024-11-21 | 7.8 High |
| Windows Event Tracing Elevation of Privilege Vulnerability | ||||
| CVE-2021-40476 | 1 Microsoft | 18 Windows 10, Windows 10 1507, Windows 10 1607 and 15 more | 2024-11-21 | 7.5 High |
| Windows AppContainer Elevation Of Privilege Vulnerability | ||||
| CVE-2021-40474 | 1 Microsoft | 6 365 Apps, Excel, Office and 3 more | 2024-11-21 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2021-40473 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||