Search Results (362815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-28494 1 Arista 2 7130, Metamako Operating System 2024-11-21 9.6 Critical
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, authentication is bypassed by unprivileged users who are accessing the Web UI. This issue affects: Arista Metamako Operating System MOS-0.34.0 and prior releases
CVE-2021-28493 1 Arista 2 7130, Metamako Operating System 2024-11-21 8.4 High
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, a user may be able to execute commands despite not having the privileges to do so. This issue affects: Arista Metamako Operating System All releases in the MOS-0.1x train MOS-0.32.0 and prior releases
CVE-2021-28492 1 Unisys 1 Stealth 2024-11-21 4.9 Medium
Unisys Stealth (core) 5.x before 5.0.048.0, 5.1.x before 5.1.017.0, and 6.x before 6.0.037.0 stores passwords in a recoverable format.
CVE-2021-28490 1 Owasp 1 Csrfguard 2024-11-21 8.8 High
In OWASP CSRFGuard through 3.1.0, CSRF can occur because the CSRF cookie may be retrieved by using only a session token.
CVE-2021-28488 1 Ericsson 1 Network Manager 2024-11-21 6.5 Medium
Ericsson Network Manager (ENM) before 21.2 has incorrect access-control behavior (that only affects the level of access available to persons who were already granted a highly privileged role). Users in the same AMOS authorization group can retrieve managed-network data that was not set to be accessible to the entire group (i.e., was only set to be accessible to a subset of that group).
CVE-2021-28485 1 Ericsson 2 Mobile Switching Center Server Bc 18a, Mobile Switching Center Server Bc 18a Firmware 2024-11-21 4.3 Medium
In Ericsson Mobile Switching Center Server (MSC-S) before IS 3.1 CP22, the SIS web application allows relative path traversal via a specific parameter in the https request after authentication, which allows access to files on the system that are not intended to be accessible via the web application.
CVE-2021-28484 2 Fedoraproject, Yubico 2 Fedora, Yubihsm Connector 2024-11-21 7.5 High
An issue was discovered in the /api/connector endpoint handler in Yubico yubihsm-connector before 3.0.1 (in YubiHSM SDK before 2021.04). The handler did not validate the length of the request, which can lead to a state where yubihsm-connector becomes stuck in a loop waiting for the YubiHSM to send it data, preventing any further operations until the yubihsm-connector is restarted. An attacker can send 0, 1, or 2 bytes to trigger this.
CVE-2021-28483 1 Microsoft 1 Exchange Server 2024-11-21 9 Critical
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2021-28482 1 Microsoft 1 Exchange Server 2024-11-21 8.8 High
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2021-28481 1 Microsoft 1 Exchange Server 2024-11-21 9.8 Critical
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2021-28480 1 Microsoft 1 Exchange Server 2024-11-21 9.8 Critical
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2021-28479 1 Microsoft 16 Windows 10, Windows 10 1507, Windows 10 1607 and 13 more 2024-11-21 5.5 Medium
Windows CSC Service Information Disclosure Vulnerability
CVE-2021-28477 1 Microsoft 1 Visual Studio Code 2024-11-21 7 High
Visual Studio Code Remote Code Execution Vulnerability
CVE-2021-28476 1 Microsoft 18 Windows 10, Windows 10 1507, Windows 10 1607 and 15 more 2024-11-21 9.9 Critical
Windows Hyper-V Remote Code Execution Vulnerability
CVE-2021-28475 1 Microsoft 1 Visual Studio Code 2024-11-21 7.8 High
Visual Studio Code Remote Code Execution Vulnerability
CVE-2021-28474 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2024-11-21 8.8 High
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2021-28473 1 Microsoft 1 Visual Studio Code 2024-11-21 7.8 High
Visual Studio Code Remote Code Execution Vulnerability
CVE-2021-28472 1 Microsoft 1 Vscode-maven 2024-11-21 7.8 High
Visual Studio Code Maven for Java Extension Remote Code Execution Vulnerability
CVE-2021-28471 1 Microsoft 1 Visual Studio Code 2024-11-21 7.8 High
Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability
CVE-2021-28470 1 Microsoft 2 Visual Studio Code Github Pull Requests And Issues, Visual Studio Code Github Pull Requests And Issues Extension 2024-11-21 7.8 High
Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability