Search
Search Results (348761 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-42330 | 1 Xinheinformation | 1 Xinhe Teaching Platform System | 2024-11-21 | 8.8 High |
| The “Teacher Edit” function of ShinHer StudyOnline System does not perform authority control. After logging in with user’s privilege, remote attackers can access and edit other users’ credential and personal information by crafting URL parameters. | ||||
| CVE-2021-42329 | 1 Xinheinformation | 1 Xinhe Teaching Platform System | 2024-11-21 | 5.4 Medium |
| The “List_Add” function of message board of ShinHer StudyOnline System does not filter special characters in the title parameter. After logging in with user’s privilege, remote attackers can inject JavaScript and execute stored XSS attacks. | ||||
| CVE-2021-42327 | 3 Fedoraproject, Linux, Netapp | 18 Fedora, Linux Kernel, H300e and 15 more | 2024-11-21 | 6.7 Medium |
| dp_link_settings_write in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c in the Linux kernel through 5.14.14 allows a heap-based buffer overflow by an attacker who can write a string to the AMD GPU display drivers debug filesystem. There are no checks on size within parse_write_buffer_into_params when it uses the size of copy_from_user to copy a userspace buffer into a 40-byte heap buffer. | ||||
| CVE-2021-42326 | 2 Debian, Redmine | 2 Debian Linux, Redmine | 2024-11-21 | 5.3 Medium |
| Redmine before 4.1.5 and 4.2.x before 4.2.3 may disclose the names of users on activity views due to an insufficient access filter. | ||||
| CVE-2021-42325 | 1 Froxlor | 1 Froxlor | 2024-11-21 | 9.8 Critical |
| Froxlor through 0.10.29.1 allows SQL injection in Database/Manager/DbManagerMySQL.php via a custom DB name. | ||||
| CVE-2021-42324 | 1 Dcnglobal | 2 S4600-10p-si, S4600-10p-si Firmware | 2024-11-21 | 7.4 High |
| An issue was discovered on DCN (Digital China Networks) S4600-10P-SI devices before R0241.0470. Due to improper parameter validation in the console interface, it is possible for a low-privileged authenticated attacker to escape the sandbox environment and execute system commands as root via shell metacharacters in the capture command parameters. Command output will be shown on the Serial interface of the device. Exploitation requires both credentials and physical access. | ||||
| CVE-2021-42323 | 1 Microsoft | 1 Azure Real Time Operating System | 2024-11-21 | 3.3 Low |
| Azure RTOS Information Disclosure Vulnerability | ||||
| CVE-2021-42322 | 1 Microsoft | 1 Visual Studio Code | 2024-11-21 | 7.8 High |
| Visual Studio Code Elevation of Privilege Vulnerability | ||||
| CVE-2021-42320 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2024-11-21 | 8 High |
| Microsoft SharePoint Server Spoofing Vulnerability | ||||
| CVE-2021-42319 | 1 Microsoft | 2 Visual Studio 2017, Visual Studio 2019 | 2024-11-21 | 4.7 Medium |
| Visual Studio Elevation of Privilege Vulnerability | ||||
| CVE-2021-42316 | 1 Microsoft | 1 Dynamics 365 | 2024-11-21 | 8.8 High |
| Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability | ||||
| CVE-2021-42315 | 1 Microsoft | 1 Defender For Iot | 2024-11-21 | 8.8 High |
| Microsoft Defender for IoT Remote Code Execution Vulnerability | ||||
| CVE-2021-42314 | 1 Microsoft | 1 Defender For Iot | 2024-11-21 | 8.8 High |
| Microsoft Defender for IoT Remote Code Execution Vulnerability | ||||
| CVE-2021-42313 | 1 Microsoft | 1 Defender For Iot | 2024-11-21 | 10 Critical |
| Microsoft Defender for IoT Remote Code Execution Vulnerability | ||||
| CVE-2021-42312 | 1 Microsoft | 1 Defender For Iot | 2024-11-21 | 7.8 High |
| Microsoft Defender for IoT Elevation of Privilege Vulnerability | ||||
| CVE-2021-42311 | 1 Microsoft | 1 Defender For Iot | 2024-11-21 | 10 Critical |
| Microsoft Defender for IoT Remote Code Execution Vulnerability | ||||
| CVE-2021-42310 | 1 Microsoft | 1 Defender For Iot | 2024-11-21 | 8.1 High |
| Microsoft Defender for IoT Remote Code Execution Vulnerability | ||||
| CVE-2021-42309 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 8.8 High |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2021-42308 | 1 Microsoft | 1 Edge Chromium | 2024-11-21 | 3.1 Low |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||||
| CVE-2021-42305 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 6.5 Medium |
| Microsoft Exchange Server Spoofing Vulnerability | ||||