Export limit exceeded: 23328 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23328 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-26866 | 1 Microsoft | 12 Windows 10, Windows 10 1507, Windows 10 1607 and 9 more | 2024-11-21 | 7.1 High |
| Windows Update Service Elevation of Privilege Vulnerability | ||||
| CVE-2021-26865 | 1 Microsoft | 10 Windows 10, Windows 10 1607, Windows 10 1809 and 7 more | 2024-11-21 | 8.8 High |
| Windows Container Execution Agent Elevation of Privilege Vulnerability | ||||
| CVE-2021-26864 | 1 Microsoft | 10 Windows 10, Windows 10 1607, Windows 10 1809 and 7 more | 2024-11-21 | 8.4 High |
| Windows Virtual Registry Provider Elevation of Privilege Vulnerability | ||||
| CVE-2021-26863 | 1 Microsoft | 10 Windows 10, Windows 10 1803, Windows 10 1809 and 7 more | 2024-11-21 | 7 High |
| Windows Win32k Elevation of Privilege Vulnerability | ||||
| CVE-2021-26862 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 7 High |
| Windows Installer Elevation of Privilege Vulnerability | ||||
| CVE-2021-26861 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 7.8 High |
| Windows Graphics Component Remote Code Execution Vulnerability | ||||
| CVE-2021-26860 | 1 Microsoft | 9 Windows 10, Windows 10 1809, Windows 10 1909 and 6 more | 2024-11-21 | 7.8 High |
| Windows App-V Overlay Filter Elevation of Privilege Vulnerability | ||||
| CVE-2021-26859 | 1 Microsoft | 1 Power Bi Report Server | 2024-11-21 | 7.7 High |
| Microsoft Power BI Information Disclosure Vulnerability | ||||
| CVE-2021-26854 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 6.6 Medium |
| Microsoft Exchange Server Remote Code Execution Vulnerability | ||||
| CVE-2021-26701 | 3 Fedoraproject, Microsoft, Redhat | 8 Fedora, .net, .net Core and 5 more | 2024-11-21 | 8.1 High |
| .NET Core Remote Code Execution Vulnerability | ||||
| CVE-2021-26677 | 2 Arubanetworks, Microsoft | 2 Clearpass Policy Manager, Windows | 2024-11-21 | 7.8 High |
| A local authenticated escalation of privilege vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in ClearPass OnGuard could allow local authenticated users on a Windows platform to elevate their privileges. A successful exploit could allow an attacker to execute arbitrary code with SYSTEM level privileges. | ||||
| CVE-2021-26630 | 2 Handysoft, Microsoft | 2 Groupware, Windows | 2024-11-21 | 7.8 High |
| Improper input validation vulnerability in HANDY Groupware’s ActiveX moudle allows attackers to download or execute arbitrary files. This vulnerability can be exploited by using the file download or execution path as the parameter value of the vulnerable function. | ||||
| CVE-2021-26629 | 2 Microsoft, Tobesoft | 2 Windows, Xplatform | 2024-11-21 | 8.8 High |
| A path traversal vulnerability in XPLATFORM's runtime archive function could lead to arbitrary file creation. When the .xzip archive file is decompressed, an arbitrary file can be d in the parent path by using the path traversal pattern ‘..\’. | ||||
| CVE-2021-26626 | 2 Microsoft, Tobesoft | 2 Windows, Xplatform | 2024-11-21 | 8.1 High |
| Improper input validation vulnerability in XPLATFORM's execBrowser method can cause execute arbitrary commands. IF the second parameter value of the execBrowser function is ‘default’, the first parameter value could be passed to the ShellExecuteW API. The passed parameter is an arbitrary code to be executed. Remote attackers can use this vulnerability to execute arbitrary remote code. | ||||
| CVE-2021-26625 | 2 Microsoft, Tobesoft | 2 Windows, Nexacro | 2024-11-21 | 8.8 High |
| Insufficient Verification of input Data leading to arbitrary file download and execute was discovered in Nexacro platform. This vulnerability is caused by an automatic update function that does not verify input data except version information. Remote attackers can use this incomplete validation logic to download and execute arbitrary malicious file. | ||||
| CVE-2021-26623 | 2 Bandisoft, Microsoft | 2 Bandizip, Windows | 2024-11-21 | 7.8 High |
| A remote code execution vulnerability due to incomplete check for 'xheader_decode_path_record' function's parameter length value in the ark library. Remote attackers can induce exploit malicious code using this function. | ||||
| CVE-2021-26622 | 2 Genians, Microsoft | 2 Genian Nac, Windows | 2024-11-21 | 9.6 Critical |
| An remote code execution vulnerability due to SSTI vulnerability and insufficient file name parameter validation was discovered in Genian NAC. Remote attackers are able to execute arbitrary malicious code with SYSTEM privileges on all connected nodes in NAC through this vulnerability. | ||||
| CVE-2021-26619 | 2 Bigfile, Microsoft | 2 Bigfileagent, Windows | 2024-11-21 | 7.1 High |
| An path traversal vulnerability leading to delete arbitrary files was discovered in BigFileAgent. Remote attackers can use this vulnerability to delete arbitrary files of unspecified number of users. | ||||
| CVE-2021-26618 | 2 Microsoft, Tmax | 2 Windows, Tooffice | 2024-11-21 | 7.1 High |
| An improper input validation leading to arbitrary file creation was discovered in ToWord of ToOffice. Remote attackers use this vulnerability to execute arbitrary file included malicious code. | ||||
| CVE-2021-26617 | 2 Firstmall, Microsoft | 2 Firstmall, Windows | 2024-11-21 | 8.1 High |
| This issues due to insufficient verification of the various input values from user’s input. The vulnerability allows remote attackers to execute malicious code in Firstmall via navercheckout_add function. | ||||