Export limit exceeded: 79017 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (79017 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-34455 | 1 Microsoft | 15 Windows 10, Windows 10 1507, Windows 10 1607 and 12 more | 2024-11-21 | 7.8 High |
| Windows File History Service Elevation of Privilege Vulnerability | ||||
| CVE-2021-34453 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 7.5 High |
| Microsoft Exchange Server Denial of Service Vulnerability | ||||
| CVE-2021-34452 | 1 Microsoft | 3 365 Apps, Office, Word | 2024-11-21 | 7.8 High |
| Microsoft Word Remote Code Execution Vulnerability | ||||
| CVE-2021-34450 | 1 Microsoft | 8 Windows 10, Windows 10 1809, Windows 10 1909 and 5 more | 2024-11-21 | 8.5 High |
| Windows Hyper-V Remote Code Execution Vulnerability | ||||
| CVE-2021-34449 | 1 Microsoft | 9 Windows 10, Windows 10 1809, Windows 10 1909 and 6 more | 2024-11-21 | 7 High |
| Win32k Elevation of Privilege Vulnerability | ||||
| CVE-2021-34446 | 1 Microsoft | 17 Windows 10, Windows 10 1507, Windows 10 1607 and 14 more | 2024-11-21 | 8 High |
| Windows HTML Platforms Security Feature Bypass Vulnerability | ||||
| CVE-2021-34445 | 1 Microsoft | 9 Windows 10, Windows 10 1809, Windows 10 1909 and 6 more | 2024-11-21 | 7.8 High |
| Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | ||||
| CVE-2021-34442 | 1 Microsoft | 9 Windows Server 2004, Windows Server 2008, Windows Server 2008 R2 and 6 more | 2024-11-21 | 8.8 High |
| Windows DNS Server Remote Code Execution Vulnerability | ||||
| CVE-2021-34441 | 1 Microsoft | 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more | 2024-11-21 | 7.8 High |
| Microsoft Windows Media Foundation Remote Code Execution Vulnerability | ||||
| CVE-2021-34439 | 1 Microsoft | 4 Windows 10, Windows 10 1507, Windows 10 1607 and 1 more | 2024-11-21 | 7.8 High |
| Microsoft Windows Media Foundation Remote Code Execution Vulnerability | ||||
| CVE-2021-34438 | 1 Microsoft | 9 Windows 10, Windows 10 1809, Windows 10 1909 and 6 more | 2024-11-21 | 7.8 High |
| Windows Font Driver Host Remote Code Execution Vulnerability | ||||
| CVE-2021-34435 | 1 Eclipse | 1 Theia | 2024-11-21 | 8.8 High |
| In Eclipse Theia 0.3.9 to 1.8.1, the "mini-browser" extension allows a user to preview HTML files in an iframe inside the IDE. But with the way it is made it is possible for a previewed HTML file to trigger an RCE. This exploit only happens if a user previews a malicious file.. | ||||
| CVE-2021-34433 | 1 Eclipse | 1 Californium | 2024-11-21 | 7.5 High |
| In Eclipse Californium version 2.0.0 to 2.6.4 and 3.0.0-M1 to 3.0.0-M3, the certificate based (x509 and RPK) DTLS handshakes accidentally succeeds without verifying the server side's signature on the client side, if that signature is not included in the server's ServerKeyExchange. | ||||
| CVE-2021-34432 | 1 Eclipse | 1 Mosquitto | 2024-11-21 | 7.5 High |
| In Eclipse Mosquitto versions 2.07 and earlier, the server will crash if the client tries to send a PUBLISH packet with topic length = 0. | ||||
| CVE-2021-34430 | 1 Eclipse | 1 Tinydtls | 2024-11-21 | 7.5 High |
| Eclipse TinyDTLS through 0.9-rc1 relies on the rand function in the C library, which makes it easier for remote attackers to compute the master key and then decrypt DTLS traffic. | ||||
| CVE-2021-34424 | 5 Apple, Google, Linux and 2 more | 30 Iphone Os, Macos, Android and 27 more | 2024-11-21 | 7.5 High |
| A vulnerability was discovered in the Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.8.4, Zoom Client for Meetings for Blackberry (for Android and iOS) before version 5.8.1, Zoom Client for Meetings for intune (for Android and iOS) before version 5.8.4, Zoom Client for Meetings for Chrome OS before version 5.0.1, Zoom Rooms for Conference Room (for Android, AndroidBali, macOS, and Windows) before version 5.8.3, Controllers for Zoom Rooms (for Android, iOS, and Windows) before version 5.8.3, Zoom VDI Windows Meeting Client before version 5.8.4, Zoom VDI Azure Virtual Desktop Plugins (for Windows x86 or x64, IGEL x64, Ubuntu x64, HP ThinPro OS x64) before version 5.8.4.21112, Zoom VDI Citrix Plugins (for Windows x86 or x64, Mac Universal Installer & Uninstaller, IGEL x64, eLux RP6 x64, HP ThinPro OS x64, Ubuntu x64, CentOS x 64, Dell ThinOS) before version 5.8.4.21112, Zoom VDI VMware Plugins (for Windows x86 or x64, Mac Universal Installer & Uninstaller, IGEL x64, eLux RP6 x64, HP ThinPro OS x64, Ubuntu x64, CentOS x 64, Dell ThinOS) before version 5.8.4.21112, Zoom Meeting SDK for Android before version 5.7.6.1922, Zoom Meeting SDK for iOS before version 5.7.6.1082, Zoom Meeting SDK for macOS before version 5.7.6.1340, Zoom Meeting SDK for Windows before version 5.7.6.1081, Zoom Video SDK (for Android, iOS, macOS, and Windows) before version 1.1.2, Zoom on-premise Meeting Connector before version 4.8.12.20211115, Zoom on-premise Meeting Connector MMR before version 4.8.12.20211115, Zoom on-premise Recording Connector before version 5.1.0.65.20211116, Zoom on-premise Virtual Room Connector before version 4.4.7266.20211117, Zoom on-premise Virtual Room Connector Load Balancer before version 2.5.5692.20211117, Zoom Hybrid Zproxy before version 1.0.1058.20211116, and Zoom Hybrid MMR before version 4.6.20211116.131_x86-64 which potentially allowed for the exposure of the state of process memory. This issue could be used to potentially gain insight into arbitrary areas of the product's memory. | ||||
| CVE-2021-34422 | 1 Keybase | 1 Keybase | 2024-11-21 | 7.2 High |
| The Keybase Client for Windows before version 5.7.0 contains a path traversal vulnerability when checking the name of a file uploaded to a team folder. A malicious user could upload a file to a shared folder with a specially crafted file name which could allow a user to execute an application which was not intended on their host machine. If a malicious user leveraged this issue with the public folder sharing feature of the Keybase client, this could lead to remote code execution. | ||||
| CVE-2021-34417 | 1 Zoom | 5 Zoom On-premise Meeting Connector Controller, Zoom On-premise Meeting Connector Mmr, Zoom On-premise Recording Connector and 2 more | 2024-11-21 | 7.9 High |
| The network proxy page on the web portal for the Zoom On-Premise Meeting Connector Controller before version 4.6.365.20210703, Zoom On-Premise Meeting Connector MMR before version 4.6.365.20210703, Zoom On-Premise Recording Connector before version 3.8.45.20210703, Zoom On-Premise Virtual Room Connector before version 4.4.6868.20210703, and Zoom On-Premise Virtual Room Connector Load Balancer before version 2.5.5496.20210703 fails to validate input sent in requests to set the network proxy password. This could lead to remote command injection by a web portal administrator. | ||||
| CVE-2021-34415 | 1 Zoom | 1 Meeting Connector | 2024-11-21 | 7.5 High |
| The Zone Controller service in the Zoom On-Premise Meeting Connector Controller before version 4.6.358.20210205 does not verify the cnt field sent in incoming network packets, which leads to exhaustion of resources and system crash. | ||||
| CVE-2021-34414 | 1 Zoom | 4 Meeting Connector, Recording Connector, Virtual Room Connector and 1 more | 2024-11-21 | 7.2 High |
| The network proxy page on the web portal for the Zoom on-premise Meeting Connector Controller before version 4.6.348.20201217, Zoom on-premise Meeting Connector MMR before version 4.6.348.20201217, Zoom on-premise Recording Connector before version 3.8.42.20200905, Zoom on-premise Virtual Room Connector before version 4.4.6620.20201110, and Zoom on-premise Virtual Room Connector Load Balancer before version 2.5.5495.20210326 fails to validate input sent in requests to update the network proxy configuration, which could lead to remote command injection on the on-premise image by a web portal administrator. | ||||