Export limit exceeded: 351827 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 81059 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (81059 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-36936 | 1 Microsoft | 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more | 2024-11-21 | 8.8 High |
| Windows Print Spooler Remote Code Execution Vulnerability | ||||
| CVE-2021-36933 | 1 Microsoft | 15 Windows 10, Windows 10 1507, Windows 10 1607 and 12 more | 2024-11-21 | 7.5 High |
| Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability | ||||
| CVE-2021-36932 | 1 Microsoft | 17 Windows 10, Windows 10 1507, Windows 10 1607 and 14 more | 2024-11-21 | 7.5 High |
| Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability | ||||
| CVE-2021-36927 | 1 Microsoft | 8 Windows 7, Windows 8.1, Windows Rt 8.1 and 5 more | 2024-11-21 | 7.8 High |
| Windows Digital TV Tuner device registration application Elevation of Privilege Vulnerability | ||||
| CVE-2021-36926 | 1 Microsoft | 15 Windows 10, Windows 10 1507, Windows 10 1607 and 12 more | 2024-11-21 | 7.5 High |
| Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability | ||||
| CVE-2021-36925 | 1 Realtek | 1 Rtsupx Usb Utility Driver | 2024-11-21 | 7.8 High |
| RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve an arbitrary read or write operation from/to physical memory (leading to Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device. | ||||
| CVE-2021-36924 | 1 Realtek | 1 Rtsupx Usb Utility Driver | 2024-11-21 | 7.8 High |
| RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve a pool overflow (leading to Escalation of Privileges, Denial of Service, and Code Execution) via a crafted Device IO Control packet to a device. | ||||
| CVE-2021-36923 | 1 Realtek | 1 Rtsupx Usb Utility Driver | 2024-11-21 | 7.8 High |
| RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve unauthorized access to USB device privileged IN and OUT instructions (leading to Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device. | ||||
| CVE-2021-36922 | 1 Realtek | 1 Rtsupx Usb Utility Driver | 2024-11-21 | 7.8 High |
| RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve unauthorized access to USB devices (Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device. | ||||
| CVE-2021-36921 | 1 Monitorapp | 2 Application Insight Manager, Application Insight Web Application Firewall | 2024-11-21 | 8.8 High |
| AIMANAGER before B115 on MONITORAPP Application Insight Web Application Firewall (AIWAF) devices with Manager 2.1.0 has Improper Authentication. An attacker can gain administrative access by modifying the response to an authentication check request. | ||||
| CVE-2021-36821 | 1 Incsub | 1 Forminator | 2024-11-21 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPMU DEV Forminator allows Stored XSS.This issue affects Forminator: from n/a through 1.14.11. | ||||
| CVE-2021-36807 | 1 Sophos | 1 Unified Threat Management Up2date | 2024-11-21 | 8.8 High |
| An authenticated user could potentially execute code via an SQLi vulnerability in the user portal of SG UTM before version 9.708 MR8. | ||||
| CVE-2021-36801 | 1 Akaunting | 1 Akaunting | 2024-11-21 | 8.1 High |
| Akaunting version 2.1.12 and earlier suffers from an authentication bypass issue in the user-controllable field, companies[0]. This issue was fixed in version 2.1.13 of the product. | ||||
| CVE-2021-36800 | 1 Akaunting | 1 Akaunting | 2024-11-21 | 8.7 High |
| Akaunting version 2.1.12 and earlier suffers from a code injection issue in the Money.php component of the application. A POST sent to /{company_id}/sales/invoices/{invoice_id} with an items[0][price] that includes a PHP callable function is executed directly. This issue was fixed in version 2.1.13 of the product. | ||||
| CVE-2021-36799 | 1 Knx | 1 Engineering Tool Software 5 | 2024-11-21 | 8.8 High |
| KNX ETS5 through 5.7.6 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2021-36798 | 1 Helpsystems | 1 Cobalt Strike | 2024-11-21 | 7.5 High |
| A Denial-of-Service (DoS) vulnerability was discovered in Team Server in HelpSystems Cobalt Strike 4.2 and 4.3. It allows remote attackers to crash the C2 server thread and block beacons' communication with it. | ||||
| CVE-2021-36795 | 1 Cohesity | 1 Linux Agent | 2024-11-21 | 7.8 High |
| A permission issue in the Cohesity Linux agent may allow privilege escalation in version 6.5.1b to 6.5.1d-hotfix10, 6.6.0a to 6.6.0b-hotfix1. An underprivileged linux user, if certain environment criteria are met, can gain additional privileges. | ||||
| CVE-2021-36793 | 1 Routes Project | 1 Routes | 2024-11-21 | 7.5 High |
| The routes (aka Extbase Yaml Routes) extension before 2.1.1 for TYPO3, when CsrfTokenViewHelper is used, allows Sensitive Information Disclosure because a session identifier is unsafely present in HTML output. | ||||
| CVE-2021-36792 | 1 Dated News Project | 1 Dated News | 2024-11-21 | 7.2 High |
| The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 has incorrect Access Control for confirming various applications. | ||||
| CVE-2021-36786 | 1 Miniorange | 1 Saml | 2024-11-21 | 7.5 High |
| The miniorange_saml (aka Miniorange Saml) extension before 1.4.3 for TYPO3 allows Sensitive Data Exposure of API credentials and private keys. | ||||