Export limit exceeded: 23766 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23766 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-43800 | 2 Microsoft, Requarks | 2 Windows, Wiki.js | 2024-11-21 | 7.5 High |
| Wiki.js is a wiki app built on Node.js. Prior to version 2.5.254, directory traversal outside of Wiki.js context is possible when a storage module with local asset cache fetching is enabled on a Windows host. A malicious user can potentially read any file on the file system by crafting a special URL that allows for directory traversal. This is only possible on a Wiki.js server running on Windows, when a storage module implementing local asset cache (e.g Local File System or Git) is enabled and that no web application firewall solution (e.g. cloudflare) strips potentially malicious URLs. Commit number 414033de9dff66a327e3f3243234852f468a9d85 fixes this vulnerability by sanitizing the path before it is passed on to the storage module. The sanitization step removes any windows directory traversal sequences from the path. As a workaround, disable any storage module with local asset caching capabilities (Local File System, Git). | ||||
| CVE-2021-43772 | 2 Microsoft, Trendmicro | 5 Windows, Antivirus\+ Security, Internet Security and 2 more | 2024-11-21 | 5.5 Medium |
| Trend Micro Security 2021 v17.0 (Consumer) contains a vulnerability that allows files inside the protected folder to be modified without any detection. | ||||
| CVE-2021-43326 | 2 Automox, Microsoft | 2 Automox, Windows | 2024-11-21 | 7.8 High |
| Automox Agent before 32 on Windows incorrectly sets permissions on a temporary directory. | ||||
| CVE-2021-43325 | 2 Automox, Microsoft | 2 Automox, Windows | 2024-11-21 | 7.8 High |
| Automox Agent 33 on Windows incorrectly sets permissions on a temporary directory. NOTE: this issue exists because of a CVE-2021-43326 regression. | ||||
| CVE-2021-43256 | 1 Microsoft | 8 365 Apps, Excel, Excel Rt and 5 more | 2024-11-21 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2021-43255 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | 5.5 Medium |
| Microsoft Office Trust Center Spoofing Vulnerability | ||||
| CVE-2021-43248 | 1 Microsoft | 22 Windows 10, Windows 10 1507, Windows 10 1607 and 19 more | 2024-11-21 | 7.8 High |
| Windows Digital Media Receiver Elevation of Privilege Vulnerability | ||||
| CVE-2021-43247 | 1 Microsoft | 14 Windows 10, Windows 10 1809, Windows 10 1909 and 11 more | 2024-11-21 | 7.8 High |
| Windows TCP/IP Driver Elevation of Privilege Vulnerability | ||||
| CVE-2021-43246 | 1 Microsoft | 12 Windows 10, Windows 10 1809, Windows 10 1909 and 9 more | 2024-11-21 | 5.6 Medium |
| Windows Hyper-V Denial of Service Vulnerability | ||||
| CVE-2021-43245 | 1 Microsoft | 7 Windows 7, Windows 8.1, Windows Rt 8.1 and 4 more | 2024-11-21 | 7.8 High |
| Windows Digital TV Tuner Elevation of Privilege Vulnerability | ||||
| CVE-2021-43244 | 1 Microsoft | 12 Windows 10, Windows 10 1809, Windows 10 1909 and 9 more | 2024-11-21 | 6.5 Medium |
| Windows Kernel Information Disclosure Vulnerability | ||||
| CVE-2021-43243 | 1 Microsoft | 1 Vp9 Video Extensions | 2024-11-21 | 5.5 Medium |
| VP9 Video Extensions Information Disclosure Vulnerability | ||||
| CVE-2021-43242 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 7.6 High |
| Microsoft SharePoint Server Spoofing Vulnerability | ||||
| CVE-2021-43240 | 1 Microsoft | 13 Windows 10, Windows 10 1809, Windows 10 1909 and 10 more | 2024-11-21 | 7.8 High |
| NTFS Set Short Name Elevation of Privilege Vulnerability | ||||
| CVE-2021-43239 | 1 Microsoft | 12 Windows 10, Windows 10 1809, Windows 10 20h2 and 9 more | 2024-11-21 | 7.1 High |
| Windows Recovery Environment Agent Elevation of Privilege Vulnerability | ||||
| CVE-2021-43238 | 1 Microsoft | 24 Windows 10, Windows 10 1507, Windows 10 1607 and 21 more | 2024-11-21 | 7.8 High |
| Windows Remote Access Elevation of Privilege Vulnerability | ||||
| CVE-2021-43237 | 1 Microsoft | 13 Windows 10, Windows 10 1809, Windows 10 1909 and 10 more | 2024-11-21 | 7.8 High |
| Windows Setup Elevation of Privilege Vulnerability | ||||
| CVE-2021-43236 | 1 Microsoft | 24 Windows 10, Windows 10 1507, Windows 10 1607 and 21 more | 2024-11-21 | 7.5 High |
| Microsoft Message Queuing Information Disclosure Vulnerability | ||||
| CVE-2021-43235 | 1 Microsoft | 16 Windows 10, Windows 10 1507, Windows 10 1607 and 13 more | 2024-11-21 | 5.5 Medium |
| Storage Spaces Controller Information Disclosure Vulnerability | ||||
| CVE-2021-43234 | 1 Microsoft | 24 Windows 10, Windows 10 1507, Windows 10 1607 and 21 more | 2024-11-21 | 7.8 High |
| Windows Fax Service Remote Code Execution Vulnerability | ||||