Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (322784 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-43214 1 Microsoft 1 Raw Image Extension 2024-11-21 7.8 High
Web Media Extensions Remote Code Execution Vulnerability
CVE-2021-43211 1 Microsoft 1 Windows 10 Update Assistant 2024-11-21 5.5 Medium
Windows 10 Update Assistant Elevation of Privilege Vulnerability
CVE-2021-43209 1 Microsoft 1 3d Viewer 2024-11-21 7.8 High
3D Viewer Remote Code Execution Vulnerability
CVE-2021-43208 1 Microsoft 1 3d Viewer 2024-11-21 7.8 High
3D Viewer Remote Code Execution Vulnerability
CVE-2021-43207 1 Microsoft 24 Windows 10, Windows 10 1507, Windows 10 1607 and 21 more 2024-11-21 7.8 High
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2021-43206 1 Fortinet 2 Fortios, Fortiproxy 2024-11-21 4.3 Medium
A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.x, 6.0.x and FortiProxy 7.0.0 through 7.0.1, 2.0.x allows malicious webservers to retrieve a web proxy's client username and IP via same origin HTTP requests triggering proxy-generated HTTP status codes pages.
CVE-2021-43205 1 Fortinet 1 Forticlient 2024-11-21 4.3 Medium
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClient for Linux version 7.0.2 and below, 6.4.7 and below and 6.2.9 and below may allow an unauthenticated attacker to access the confighandler webserver via external binaries.
CVE-2021-43204 1 Fortinet 1 Forticlient 2024-11-21 4.4 Medium
A improper control of a resource through its lifetime in Fortinet FortiClientWindows version 6.4.1 and 6.4.0, version 6.2.9 and below, version 6.0.10 and below allows attacker to cause a complete denial of service of its components via changes of directory access permissions.
CVE-2021-43203 1 Jetbrains 1 Ktor 2024-11-21 7.5 High
In JetBrains Ktor before 1.6.4, nonce verification during the OAuth2 authentication process is implemented improperly.
CVE-2021-43202 1 Jetbrains 1 Teamcity 2024-11-21 9.8 Critical
In JetBrains TeamCity before 2021.1.3, the X-Frame-Options header is missing in some cases.
CVE-2021-43201 1 Jetbrains 1 Teamcity 2024-11-21 5.3 Medium
In JetBrains TeamCity before 2021.1.3, a newly created project could take settings from an already deleted project.
CVE-2021-43200 1 Jetbrains 1 Teamcity 2024-11-21 9.8 Critical
In JetBrains TeamCity before 2021.1.2, permission checks in the Agent Push functionality were insufficient.
CVE-2021-43199 1 Jetbrains 1 Teamcity 2024-11-21 5.3 Medium
In JetBrains TeamCity before 2021.1.2, permission checks in the Create Patch functionality are insufficient.
CVE-2021-43198 1 Jetbrains 1 Teamcity 2024-11-21 5.4 Medium
In JetBrains TeamCity before 2021.1.2, stored XSS is possible.
CVE-2021-43197 1 Jetbrains 1 Teamcity 2024-11-21 6.1 Medium
In JetBrains TeamCity before 2021.1.2, email notifications could include unescaped HTML for XSS.
CVE-2021-43196 1 Jetbrains 1 Teamcity 2024-11-21 7.5 High
In JetBrains TeamCity before 2021.1, information disclosure via the Docker Registry connection dialog is possible.
CVE-2021-43195 1 Jetbrains 1 Teamcity 2024-11-21 5.3 Medium
In JetBrains TeamCity before 2021.1.2, some HTTP security headers were missing.
CVE-2021-43194 1 Jetbrains 1 Teamcity 2024-11-21 5.3 Medium
In JetBrains TeamCity before 2021.1.2, user enumeration was possible.
CVE-2021-43193 1 Jetbrains 1 Teamcity 2024-11-21 9.8 Critical
In JetBrains TeamCity before 2021.1.2, remote code execution via the agent push functionality is possible.
CVE-2021-43192 2 Apple, Jetbrains 2 Iphone Os, Youtrack Mobile 2024-11-21 5.3 Medium
In JetBrains YouTrack Mobile before 2021.2, iOS URL scheme hijacking is possible.