Search Results (366763 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-41340 1 Microsoft 22 Windows 10, Windows 10 1507, Windows 10 1607 and 19 more 2024-11-21 7.8 High
Windows Graphics Component Remote Code Execution Vulnerability
CVE-2021-41339 1 Microsoft 11 Windows 10, Windows 10 1809, Windows 10 1909 and 8 more 2024-11-21 4.7 Medium
Microsoft DWM Core Library Elevation of Privilege Vulnerability
CVE-2021-41338 1 Microsoft 14 Windows 10, Windows 10 1507, Windows 10 1607 and 11 more 2024-11-21 5.5 Medium
Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability
CVE-2021-41337 1 Microsoft 5 Windows Server 2004, Windows Server 2016, Windows Server 2019 and 2 more 2024-11-21 4.9 Medium
Active Directory Security Feature Bypass Vulnerability
CVE-2021-41336 1 Microsoft 3 Windows 11, Windows 11 21h2, Windows Server 2022 2024-11-21 5.5 Medium
Windows Kernel Information Disclosure Vulnerability
CVE-2021-41335 1 Microsoft 18 Windows 10, Windows 10 1507, Windows 10 1607 and 15 more 2024-11-21 7.8 High
Windows Kernel Elevation of Privilege Vulnerability
CVE-2021-41334 1 Microsoft 10 Windows 10, Windows 10 1809, Windows 10 20h2 and 7 more 2024-11-21 7 High
Windows Desktop Bridge Elevation of Privilege Vulnerability
CVE-2021-41333 1 Microsoft 23 Windows 10, Windows 10 1507, Windows 10 1607 and 20 more 2024-11-21 7.8 High
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2021-41332 1 Microsoft 22 Windows 10, Windows 10 1507, Windows 10 1607 and 19 more 2024-11-21 6.5 Medium
Windows Print Spooler Information Disclosure Vulnerability
CVE-2021-41331 1 Microsoft 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more 2024-11-21 7.8 High
Windows Media Audio Decoder Remote Code Execution Vulnerability
CVE-2021-41330 1 Microsoft 9 Windows 10, Windows 10 1809, Windows 10 1909 and 6 more 2024-11-21 7.8 High
Microsoft Windows Media Foundation Remote Code Execution Vulnerability
CVE-2021-41329 1 Datalust 1 Seq 2024-11-21 6.5 Medium
Datalust Seq before 2021.2.6259 allows users (with view filters applied to their accounts) to see query results not constrained by their view filter. This information exposure, caused by an internal cache key collision, occurs when the user's view filter includes an array or IN clause, and when another user has recently executed an identical query differing only by the array elements.
CVE-2021-41326 1 Misp 1 Misp 2024-11-21 9.8 Critical
In MISP before 2.4.148, app/Lib/Export/OpendataExport.php mishandles parameter data that is used in a shell_exec call.
CVE-2021-41325 1 Pydio 1 Cells 2024-11-21 6.5 Medium
Broken access control for user creation in Pydio Cells 2.2.9 allows remote anonymous users to create standard users via the profile parameter. (In addition, such users can be granted several admin permissions via the Roles parameter.)
CVE-2021-41324 1 Pydio 1 Cells 2024-11-21 6.5 Medium
Directory traversal in the Copy, Move, and Delete features in Pydio Cells 2.2.9 allows remote authenticated users to enumerate personal files (or Cells files belonging to any user) via the nodes parameter (for Copy and Move) or via the Path parameter (for Delete).
CVE-2021-41323 1 Pydio 1 Cells 2024-11-21 6.5 Medium
Directory traversal in the Compress feature in Pydio Cells 2.2.9 allows remote authenticated users to overwrite personal files, or Cells files belonging to any user, via the format parameter.
CVE-2021-41322 1 Polycom 4 Vvx 400, Vvx 400 Firmware, Vvx 410 and 1 more 2024-11-21 8.8 High
Poly VVX 400/410 5.3.1 allows low-privileged users to change the Admin password by modifying a POST parameter to 120 during the password reset process.
CVE-2021-41318 1 Progress 1 Whatsupgold 2024-11-21 6.1 Medium
In Progress WhatsUp Gold prior to version 21.1.0, an application endpoint failed to adequately sanitize malicious input. which could allow an unauthenticated attacker to execute arbitrary code in a victim's browser.
CVE-2021-41317 1 Xss Hunter Express Project 1 Xss Hunter Express 2024-11-21 9.8 Critical
XSS Hunter Express before 2021-09-17 does not properly enforce authentication requirements for paths.
CVE-2021-41316 1 Device42 1 Device42 2024-11-21 8.1 High
The Device42 Main Appliance before 17.05.01 does not sanitize user input in its Nmap Discovery utility. An attacker (with permissions to add or edit jobs run by this utility) can inject an extra argument to overwrite arbitrary files as the root user on the Remote Collector.