Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows
Subscriptions
Total
7549 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-34840 | 3 Foxit, Foxitsoftware, Microsoft | 3 Pdf Reader, Pdf Editor, Windows | 2024-08-04 | 7.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14021. | ||||
| CVE-2021-34836 | 3 Foxit, Foxitsoftware, Microsoft | 3 Pdf Reader, Pdf Editor, Windows | 2024-08-04 | 7.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14017. | ||||
| CVE-2021-34841 | 3 Foxit, Foxitsoftware, Microsoft | 3 Pdf Reader, Pdf Editor, Windows | 2024-08-04 | 7.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14022. | ||||
| CVE-2021-34834 | 3 Foxit, Foxitsoftware, Microsoft | 3 Pdf Reader, Pdf Editor, Windows | 2024-08-04 | 7.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14014. | ||||
| CVE-2021-34833 | 3 Foxit, Foxitsoftware, Microsoft | 3 Pdf Reader, Pdf Editor, Windows | 2024-08-04 | 7.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14023. | ||||
| CVE-2021-34832 | 3 Foxit, Foxitsoftware, Microsoft | 3 Pdf Reader, Pdf Editor, Windows | 2024-08-04 | 7.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the delay property. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13928. | ||||
| CVE-2021-34837 | 3 Foxit, Foxitsoftware, Microsoft | 3 Pdf Reader, Pdf Editor, Windows | 2024-08-04 | 7.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14018. | ||||
| CVE-2021-34803 | 2 Microsoft, Teamviewer | 2 Windows, Teamviewer | 2024-08-04 | 7.8 High |
| TeamViewer before 14.7.48644 on Windows loads untrusted DLLs in certain situations. | ||||
| CVE-2021-34688 | 2 Idrive, Microsoft | 2 Remotepc, Windows | 2024-08-04 | 3.3 Low |
| iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read an encrypted version of the system's Personal Key in world-readable %PROGRAMDATA% log files. The encryption is done using a hard-coded static key and is therefore reversible by an attacker. | ||||
| CVE-2021-34692 | 2 Idrive, Microsoft | 2 Remotepc, Windows | 2024-08-04 | 7.8 High |
| iDrive RemotePC before 7.6.48 on Windows allows privilege escalation. A local and low-privileged user can force RemotePC to execute an attacker-controlled executable with SYSTEM privileges. | ||||
| CVE-2021-34687 | 2 Idrive, Microsoft | 2 Remotepc, Windows | 2024-08-04 | 5.3 Medium |
| iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A man in the middle can recover a system's Personal Key when a client attempts to make a LAN connection. The Personal Key is transmitted over the network while only being encrypted via a substitution cipher. | ||||
| CVE-2021-34689 | 2 Idrive, Microsoft | 2 Remotepc, Windows | 2024-08-04 | 5.5 Medium |
| iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read the system's Personal Key in world-readable %PROGRAMDATA% log files. | ||||
| CVE-2021-34690 | 2 Idrive, Microsoft | 2 Remotepc, Windows | 2024-08-04 | 9.8 Critical |
| iDrive RemotePC before 7.6.48 on Windows allows authentication bypass. A remote and unauthenticated attacker can bypass cloud authentication to connect and control a system via TCP port 5970 and 5980. | ||||
| CVE-2021-34551 | 3 Fedoraproject, Microsoft, Phpmailer Project | 3 Fedora, Windows, Phpmailer | 2024-08-04 | 8.1 High |
| PHPMailer before 6.5.0 on Windows allows remote code execution if lang_path is untrusted data and has a UNC pathname. | ||||
| CVE-2021-34399 | 3 Linux, Microsoft, Nvidia | 137 Linux Kernel, Windows, Dgx-1 P100 and 134 more | 2024-08-04 | 4.1 Medium |
| NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed registers, which may lead to information disclosure. | ||||
| CVE-2021-34400 | 3 Linux, Microsoft, Nvidia | 137 Linux Kernel, Windows, Dgx-1 P100 and 134 more | 2024-08-04 | 4.1 Medium |
| NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed memory, which may lead to information disclosure. | ||||
| CVE-2021-33599 | 3 Apple, F-secure, Microsoft | 6 Macos, Atlant, Cloud Protection For Salesforce and 3 more | 2024-08-03 | 4.6 Medium |
| A vulnerability affecting F-Secure Antivirus engine was discovered whereby scanning WIM archive file can lead to denial-of-service (infinite loop and freezes AV engine scanner). The vulnerability can be exploit remotely by an attacker. A successful attack will result in Denial-of-Service of the Anti-Virus engine. | ||||
| CVE-2021-33603 | 3 Apple, F-secure, Microsoft | 9 Macos, Atlant, Cloud Protection For Salesforce and 6 more | 2024-08-03 | 5.5 Medium |
| A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the AVPACK module component used in certain F-Secure products can crash while scanning a fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine. | ||||
| CVE-2021-33597 | 3 Apple, F-secure, Microsoft | 6 Macos, Business Suite, Client Security and 3 more | 2024-08-03 | 3.5 Low |
| A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the SAVAPI component used in certain F-Secure products can crash while scanning fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine. | ||||
| CVE-2021-33598 | 3 Apple, F-secure, Microsoft | 5 Macos, Atlant, Elements Endpoint Protection and 2 more | 2024-08-03 | 4.6 Medium |
| A Denial-of-Service (DoS) vulnerability was discovered in all versions of F-Secure Atlant whereby the SAVAPI component used in certain F-Secure products can crash while scanning fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine. | ||||