Export limit exceeded: 10160 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10125 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10125 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10125 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-33907 | 1 Zoom | 1 Meetings | 2024-11-21 | 9.8 Critical |
| The Zoom Client for Meetings for Windows in all versions before 5.3.0 fails to properly validate the certificate information used to sign .msi files when performing an update of the client. This could lead to remote code execution in an elevated privileged context. | ||||
| CVE-2021-33898 | 1 Invoiceninja | 1 Invoice Ninja | 2024-11-21 | 8.1 High |
| In Invoice Ninja before 4.4.0, there is an unsafe call to unserialize() in app/Ninja/Repositories/AccountRepository.php that may allow an attacker to deserialize arbitrary PHP classes. In certain contexts, this can result in remote code execution. The attacker's input must be hosted at http://www.geoplugin.net (cleartext HTTP), and thus a successful attack requires spoofing that site or obtaining control of it. | ||||
| CVE-2021-33806 | 1 Bdew | 1 Bdlib | 2024-11-21 | 9.8 Critical |
| The BDew BdLib library before 1.16.1.7 for Minecraft allows remote code execution because it deserializes untrusted data in ObjectInputStream.readObject as part of its use of Java serialization. | ||||
| CVE-2021-33790 | 2 Minecraft, Techreborn | 2 Minecraft, Reborncore | 2024-11-21 | 9.8 Critical |
| The RebornCore library before 4.7.3 allows remote code execution because it deserializes untrusted data in ObjectInputStream.readObject as part of reborncore.common.network.ExtendedPacketBuffer. An attacker can instantiate any class on the classpath with any data. A class usable for exploitation might or might not be present, depending on what Minecraft modifications are installed. | ||||
| CVE-2021-33780 | 1 Microsoft | 9 Windows Server 2004, Windows Server 2008, Windows Server 2008 R2 and 6 more | 2024-11-21 | 8.8 High |
| Windows DNS Server Remote Code Execution Vulnerability | ||||
| CVE-2021-33778 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2021-33777 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2021-33776 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2021-33775 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2021-33756 | 1 Microsoft | 18 Windows 10, Windows 10 1507, Windows 10 1809 and 15 more | 2024-11-21 | 8.8 High |
| Windows DNS Snap-in Remote Code Execution Vulnerability | ||||
| CVE-2021-33754 | 1 Microsoft | 9 Windows Server 2004, Windows Server 2008, Windows Server 2008 R2 and 6 more | 2024-11-21 | 8 High |
| Windows DNS Server Remote Code Execution Vulnerability | ||||
| CVE-2021-33752 | 1 Microsoft | 18 Windows 10, Windows 10 1507, Windows 10 1809 and 15 more | 2024-11-21 | 8.8 High |
| Windows DNS Snap-in Remote Code Execution Vulnerability | ||||
| CVE-2021-33750 | 1 Microsoft | 18 Windows 10, Windows 10 1507, Windows 10 1809 and 15 more | 2024-11-21 | 8.8 High |
| Windows DNS Snap-in Remote Code Execution Vulnerability | ||||
| CVE-2021-33749 | 1 Microsoft | 18 Windows 10, Windows 10 1507, Windows 10 1809 and 15 more | 2024-11-21 | 8.8 High |
| Windows DNS Snap-in Remote Code Execution Vulnerability | ||||
| CVE-2021-33746 | 1 Microsoft | 9 Windows Server 2004, Windows Server 2008, Windows Server 2008 R2 and 6 more | 2024-11-21 | 8 High |
| Windows DNS Server Remote Code Execution Vulnerability | ||||
| CVE-2021-33740 | 1 Microsoft | 6 Windows 10, Windows 10 1507, Windows 10 1809 and 3 more | 2024-11-21 | 7.8 High |
| Windows Media Remote Code Execution Vulnerability | ||||
| CVE-2021-33719 | 1 Siemens | 3 Siprotec 5 With Cpu Variant Cp050, Siprotec 5 With Cpu Variant Cp100, Siprotec 5 With Cpu Variant Cp300 | 2024-11-21 | 9.8 Critical |
| A vulnerability has been identified in SIPROTEC 5 relays with CPU variants CP050 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP100 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP300 (All versions < V8.80). Specially crafted packets sent to port 4443/tcp could cause a Denial-of-Service condition or potential remote code execution. | ||||
| CVE-2021-33542 | 1 Phoenixcontact | 3 Config\+, Pc Worx, Pc Worx Express | 2024-11-21 | 7.8 High |
| Phoenix Contact Classic Automation Worx Software Suite in Version 1.87 and below is affected by a remote code execution vulnerability. Manipulated PC Worx or Config+ projects could lead to a remote code execution when unallocated memory is freed because of incompletely initialized data. The attacker needs to get access to an original bus configuration file (*.bcp) to be able to manipulate data inside. After manipulation the attacker needs to exchange the original file by the manipulated one on the application programming workstation. Availability, integrity, or confidentiality of an application programming workstation might be compromised by attacks using these vulnerabilities. Automated systems in operation which were programmed with one of the above-mentioned products are not affected. | ||||
| CVE-2021-33537 | 1 Weidmueller | 16 Ie-wl-bl-ap-cl-eu, Ie-wl-bl-ap-cl-eu Firmware, Ie-wl-bl-ap-cl-us and 13 more | 2024-11-21 | 8.8 High |
| In Weidmueller Industrial WLAN devices in multiple versions an exploitable remote code execution vulnerability exists in the iw_webs configuration parsing functionality. A specially crafted user name entry can cause an overflow of an error message buffer, resulting in remote code execution. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. | ||||
| CVE-2021-33535 | 1 Weidmueller | 16 Ie-wl-bl-ap-cl-eu, Ie-wl-bl-ap-cl-eu Firmware, Ie-wl-bl-ap-cl-us and 13 more | 2024-11-21 | 8.8 High |
| In Weidmueller Industrial WLAN devices in multiple versions an exploitable format string vulnerability exists in the iw_console conio_writestr functionality. A specially crafted time server entry can cause an overflow of the time server buffer, resulting in remote code execution. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. | ||||