| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A local user may be able to modify protected parts of the file system. |
| An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution. |
| An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution. |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution. |
| Windows Remote Procedure Call Information Disclosure Vulnerability |
| Sysinternals PsExec Elevation of Privilege Vulnerability |
| PFX Encryption Security Feature Bypass Vulnerability |
| <p>A spoofing vulnerability exists in Microsoft Exchange Server which could result in an attack that would allow a malicious actor to impersonate the user.</p>
<p>This update addresses this vulnerability.</p>
<p>To prevent these types of attacks, Microsoft recommends customers to download inline images from different DNSdomains than the rest of OWA. Please see further instructions in the FAQ to put in place this mitigations.</p>
|
| Windows Update Stack Setup Elevation of Privilege Vulnerability |
| System Center Operations Manager Elevation of Privilege Vulnerability |
| Windows Installer Elevation of Privilege Vulnerability |
| Microsoft SharePoint Server Spoofing Vulnerability |
| Bot Framework SDK Information Disclosure Vulnerability |
| Microsoft Dynamics Business Central Cross-site Scripting Vulnerability |
| ASP.NET Core and Visual Studio Denial of Service Vulnerability |
| Windows Fax Service Remote Code Execution Vulnerability |
| .NET Core and Visual Studio Denial of Service Vulnerability |
| Microsoft SharePoint Elevation of Privilege Vulnerability |
| Microsoft SharePoint Server Tampering Vulnerability |
| Microsoft SharePoint Server Spoofing Vulnerability |
