Export limit exceeded: 79577 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (79577 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-42340 | 5 Apache, Debian, Netapp and 2 more | 22 Tomcat, Debian Linux, Hci and 19 more | 2024-11-21 | 7.5 High |
| The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. The object introduced to collect metrics for HTTP upgrade connections was not released for WebSocket connections once the connection was closed. This created a memory leak that, over time, could lead to a denial of service via an OutOfMemoryError. | ||||
| CVE-2021-42334 | 1 Huaju | 1 Easytest Online Learning Test Platform | 2024-11-21 | 8.8 High |
| The Easytest contains SQL injection vulnerabilities. After obtaining a user’s privilege, remote attackers can inject SQL commands into the parameters of the elective course management page to obtain all database and administrator permissions. | ||||
| CVE-2021-42333 | 1 Huaju | 1 Easytest Online Learning Test Platform | 2024-11-21 | 8.8 High |
| The Easytest contains SQL injection vulnerabilities. After obtaining user’s privilege, remote attackers can inject SQL commands into the parameters of the learning history page to access all database and obtain administrator permissions. | ||||
| CVE-2021-42330 | 1 Xinheinformation | 1 Xinhe Teaching Platform System | 2024-11-21 | 8.8 High |
| The “Teacher Edit” function of ShinHer StudyOnline System does not perform authority control. After logging in with user’s privilege, remote attackers can access and edit other users’ credential and personal information by crafting URL parameters. | ||||
| CVE-2021-42324 | 1 Dcnglobal | 2 S4600-10p-si, S4600-10p-si Firmware | 2024-11-21 | 7.4 High |
| An issue was discovered on DCN (Digital China Networks) S4600-10P-SI devices before R0241.0470. Due to improper parameter validation in the console interface, it is possible for a low-privileged authenticated attacker to escape the sandbox environment and execute system commands as root via shell metacharacters in the capture command parameters. Command output will be shown on the Serial interface of the device. Exploitation requires both credentials and physical access. | ||||
| CVE-2021-42322 | 1 Microsoft | 1 Visual Studio Code | 2024-11-21 | 7.8 High |
| Visual Studio Code Elevation of Privilege Vulnerability | ||||
| CVE-2021-42320 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2024-11-21 | 8 High |
| Microsoft SharePoint Server Spoofing Vulnerability | ||||
| CVE-2021-42316 | 1 Microsoft | 1 Dynamics 365 | 2024-11-21 | 8.8 High |
| Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability | ||||
| CVE-2021-42315 | 1 Microsoft | 1 Defender For Iot | 2024-11-21 | 8.8 High |
| Microsoft Defender for IoT Remote Code Execution Vulnerability | ||||
| CVE-2021-42314 | 1 Microsoft | 1 Defender For Iot | 2024-11-21 | 8.8 High |
| Microsoft Defender for IoT Remote Code Execution Vulnerability | ||||
| CVE-2021-42312 | 1 Microsoft | 1 Defender For Iot | 2024-11-21 | 7.8 High |
| Microsoft Defender for IoT Elevation of Privilege Vulnerability | ||||
| CVE-2021-42310 | 1 Microsoft | 1 Defender For Iot | 2024-11-21 | 8.1 High |
| Microsoft Defender for IoT Remote Code Execution Vulnerability | ||||
| CVE-2021-42309 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 8.8 High |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2021-42298 | 1 Microsoft | 1 Malware Protection Engine | 2024-11-21 | 7.8 High |
| Microsoft Defender Remote Code Execution Vulnerability | ||||
| CVE-2021-42296 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | 7.8 High |
| Microsoft Word Remote Code Execution Vulnerability | ||||
| CVE-2021-42294 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 7.2 High |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2021-42291 | 1 Microsoft | 11 Windows Server, Windows Server 2004, Windows Server 2008 and 8 more | 2024-11-21 | 7.5 High |
| Active Directory Domain Services Elevation of Privilege Vulnerability | ||||
| CVE-2021-42286 | 1 Microsoft | 8 Windows 10, Windows 10 1809, Windows 10 20h2 and 5 more | 2024-11-21 | 7.8 High |
| Windows Core Shell SI Host Extension Framework for Composable Shell Elevation of Privilege Vulnerability | ||||
| CVE-2021-42285 | 1 Microsoft | 22 Windows 10, Windows 10 1507, Windows 10 1607 and 19 more | 2024-11-21 | 7.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2021-42283 | 1 Microsoft | 23 Windows 10, Windows 10 1507, Windows 10 1607 and 20 more | 2024-11-21 | 8.8 High |
| NTFS Elevation of Privilege Vulnerability | ||||