Export limit exceeded: 23485 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23485 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-1653 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 7.8 High |
| Windows CSC Service Elevation of Privilege Vulnerability | ||||
| CVE-2021-1652 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 7.8 High |
| Windows CSC Service Elevation of Privilege Vulnerability | ||||
| CVE-2021-1651 | 1 Microsoft | 14 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 11 more | 2024-11-21 | 7.8 High |
| Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability | ||||
| CVE-2021-1650 | 1 Microsoft | 16 Windows 10, Windows 10 1507, Windows 10 1607 and 13 more | 2024-11-21 | 7.8 High |
| Windows Runtime C++ Template Library Elevation of Privilege Vulnerability | ||||
| CVE-2021-1649 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 7.8 High |
| Active Template Library Elevation of Privilege Vulnerability | ||||
| CVE-2021-1648 | 1 Microsoft | 16 Windows 10, Windows 10 1507, Windows 10 1607 and 13 more | 2024-11-21 | 7.8 High |
| Microsoft splwow64 Elevation of Privilege Vulnerability | ||||
| CVE-2021-1646 | 1 Microsoft | 10 Windows 10, Windows 10 1803, Windows 10 1809 and 7 more | 2024-11-21 | 6.6 Medium |
| Windows WLAN Service Elevation of Privilege Vulnerability | ||||
| CVE-2021-1645 | 1 Microsoft | 10 Windows 10, Windows 10 1607, Windows 10 1809 and 7 more | 2024-11-21 | 5 Medium |
| Windows Docker Information Disclosure Vulnerability | ||||
| CVE-2021-1644 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2021-1643 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2021-1642 | 1 Microsoft | 11 Windows 10, Windows 10 1607, Windows 10 1803 and 8 more | 2024-11-21 | 7.8 High |
| Windows AppX Deployment Extensions Elevation of Privilege Vulnerability | ||||
| CVE-2021-1641 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 4.6 Medium |
| Microsoft SharePoint Server Spoofing Vulnerability | ||||
| CVE-2021-1640 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 7.8 High |
| Windows Print Spooler Elevation of Privilege Vulnerability | ||||
| CVE-2021-1639 | 1 Microsoft | 3 Visual Studio 2017, Visual Studio 2019, Visual Studio Code | 2024-11-21 | 7 High |
| Visual Studio Code Remote Code Execution Vulnerability | ||||
| CVE-2021-1638 | 1 Microsoft | 10 Windows 10, Windows 10 1803, Windows 10 1809 and 7 more | 2024-11-21 | 7.7 High |
| Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG. To address the vulnerability, Microsoft has released a software update that will fail attempts to pair if the remote device exchanges a public key with the same X coordinate as the locally exchanged public key | ||||
| CVE-2021-1637 | 1 Microsoft | 16 Windows 10, Windows 10 1507, Windows 10 1607 and 13 more | 2024-11-21 | 5.5 Medium |
| Windows DNS Query Information Disclosure Vulnerability | ||||
| CVE-2021-1636 | 1 Microsoft | 1 Sql Server | 2024-11-21 | 8.8 High |
| Microsoft SQL Elevation of Privilege Vulnerability | ||||
| CVE-2021-1629 | 3 Linux, Microsoft, Tableau | 3 Linux Kernel, Windows, Tableau Server | 2024-11-21 | 6.1 Medium |
| Tableau Server fails to validate certain URLs that are embedded in emails sent to Tableau Server users. | ||||
| CVE-2021-1492 | 2 Duo, Microsoft | 2 Authentication Proxy, Windows | 2024-11-21 | 6.6 Medium |
| The Duo Authentication Proxy installer prior to 5.2.1 did not properly validate file installation paths. This allows an attacker with local user privileges to coerce the installer to write to arbitrary privileged directories. If successful, an attacker can manipulate files used by Duo Authentication Proxy installer, cause Denial of Service (DoS) by deleting file(s), or replace system files to potentially achieve elevation of privileges. This is only exploitable during new installations, while the installer is running, and is not exploitable once installation has finished. Versions 5.2.1 of Duo Authentication Proxy installer addresses this issue. | ||||
| CVE-2021-1450 | 4 Apple, Cisco, Linux and 1 more | 4 Macos, Anyconnect Secure Mobility Client, Linux Kernel and 1 more | 2024-11-21 | 5.5 Medium |
| A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the device. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending one or more crafted IPC messages to the AnyConnect process on an affected device. A successful exploit could allow the attacker to stop the AnyConnect process, causing a DoS condition on the device. Note: The process under attack will automatically restart so no action is needed by the user or admin. | ||||