Search Results (80897 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-32073 | 1 Dedecms | 1 Dedecms | 2024-11-21 | 8.8 High |
| DedeCMS V5.7 SP2 contains a CSRF vulnerability that allows a remote attacker to send a malicious request to the web manager, allowing remote code execution. | ||||
| CVE-2021-32066 | 3 Oracle, Redhat, Ruby-lang | 6 Jd Edwards Enterpriseone Tools, Enterprise Linux, Rhel E4s and 3 more | 2024-11-21 | 7.4 High |
| An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack." | ||||
| CVE-2021-32051 | 1 Hexagon | 1 Intergraph G!nius | 2024-11-21 | 7.5 High |
| Hexagon G!nius Auskunftsportal before 5.0.0.0 allows SQL injection via the GiPWorkflow/Service/DownloadPublicFile id parameter. | ||||
| CVE-2021-32032 | 1 Linaro | 1 Trusted Firmware-m | 2024-11-21 | 7.5 High |
| In Trusted Firmware-M through 1.3.0, cleaning up the memory allocated for a multi-part cryptographic operation (in the event of a failure) can prevent the abort() operation in the associated cryptographic library from freeing internal resources, causing a memory leak. | ||||
| CVE-2021-32027 | 2 Postgresql, Redhat | 7 Postgresql, Ansible Automation Platform, Enterprise Linux and 4 more | 2024-11-21 | 8.8 High |
| A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | ||||
| CVE-2021-32023 | 1 Blackberry | 1 Protect | 2024-11-21 | 7.8 High |
| An elevation of privilege vulnerability in the message broker of BlackBerry Protect for Windows versions 1574 and earlier could allow an attacker to potentially execute code in the context of a BlackBerry Cylance service that has admin rights on the system. | ||||
| CVE-2021-32021 | 1 Blackberry | 1 Protect | 2024-11-21 | 7.8 High |
| A denial of service vulnerability in the message broker of BlackBerry Protect for Windows versions 1574 and earlier could allow an attacker to potentially execute code in the context of a BlackBerry Cylance service that has admin rights on the system. | ||||
| CVE-2021-32003 | 1 Secomea | 2 Sitemanager, Sitemanager Firmware | 2024-11-21 | 8 High |
| Unprotected Transport of Credentials vulnerability in SiteManager provisioning service allows local attacker to capture credentials if the service is used after provisioning. This issue affects: Secomea SiteManager All versions prior to 9.5 on Hardware. | ||||
| CVE-2021-31999 | 1 Rancher | 1 Rancher | 2024-11-21 | 8.8 High |
| A Reliance on Untrusted Inputs in a Security Decision vulnerability in Rancher allows users in the cluster to act as other users in the cluster by forging the "Impersonate-User" or "Impersonate-Group" headers. This issue affects: Rancher versions prior to 2.5.9. Rancher versions prior to 2.4.16. | ||||
| CVE-2021-31996 | 1 Algorithmica Project | 1 Algorithmica | 2024-11-21 | 7.5 High |
| An issue was discovered in the algorithmica crate through 2021-03-07 for Rust. There is a double free in merge_sort::merge(). | ||||
| CVE-2021-31988 | 1 Axis | 4 Axis Os, Axis Os 2016, Axis Os 2018 and 1 more | 2024-11-21 | 8.8 High |
| A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the Carriage Return and Line Feed (CRLF) control characters and include arbitrary SMTP headers in the generated test email. | ||||
| CVE-2021-31987 | 1 Axis | 4 Axis Os, Axis Os 2016, Axis Os 2018 and 1 more | 2024-11-21 | 7.5 High |
| A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients. | ||||
| CVE-2021-31985 | 1 Microsoft | 1 Malware Protection Engine | 2024-11-21 | 7.8 High |
| Microsoft Defender Remote Code Execution Vulnerability | ||||
| CVE-2021-31984 | 1 Microsoft | 1 Power Bi Report Server | 2024-11-21 | 7.6 High |
| Power BI Remote Code Execution Vulnerability | ||||
| CVE-2021-31983 | 1 Microsoft | 1 Paint 3d | 2024-11-21 | 7.8 High |
| Paint 3D Remote Code Execution Vulnerability | ||||
| CVE-2021-31980 | 1 Microsoft | 1 Intune Management Extension | 2024-11-21 | 8.1 High |
| Microsoft Intune Management Extension Remote Code Execution Vulnerability | ||||
| CVE-2021-31977 | 1 Microsoft | 10 Windows 10, Windows 10 1507, Windows 10 1607 and 7 more | 2024-11-21 | 8.6 High |
| Windows Hyper-V Denial of Service Vulnerability | ||||
| CVE-2021-31976 | 1 Microsoft | 15 Windows 10, Windows 10 1507, Windows 10 1607 and 12 more | 2024-11-21 | 7.5 High |
| Server for NFS Information Disclosure Vulnerability | ||||
| CVE-2021-31975 | 1 Microsoft | 15 Windows 10, Windows 10 1507, Windows 10 1607 and 12 more | 2024-11-21 | 7.5 High |
| Server for NFS Information Disclosure Vulnerability | ||||
| CVE-2021-31974 | 1 Microsoft | 15 Windows 10, Windows 10 1507, Windows 10 1607 and 12 more | 2024-11-21 | 7.5 High |
| Server for NFS Denial of Service Vulnerability | ||||