Search

Search Results (363333 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-27112 1 Lightcms Project 1 Lightcms 2024-11-21 9.8 Critical
LightCMS v1.3.5 contains a remote code execution vulnerability in /app/Http/Controllers/Admin/NEditorController.php during the downloading of external images.
CVE-2021-27099 1 Cncf 1 Spire 2024-11-21 6.8 Medium
In SPIRE before versions 0.8.5, 0.9.4, 0.10.2, 0.11.3 and 0.12.1, the "aws_iid" Node Attestor improperly normalizes the path provided through the agent ID templating feature, which may allow the issuance of an arbitrary SPIFFE ID within the same trust domain, if the attacker controls the value of an EC2 tag prior to attestation, and the attestor is configured for agent ID templating where the tag value is the last element in the path. This issue has been fixed in SPIRE versions 0.11.3 and 0.12.1
CVE-2021-27098 1 Cncf 1 Spire 2024-11-21 8.1 High
In SPIRE 0.8.1 through 0.8.4 and before versions 0.9.4, 0.10.2, 0.11.3 and 0.12.1, specially crafted requests to the FetchX509SVID RPC of SPIRE Server’s Legacy Node API can result in the possible issuance of an X.509 certificate with a URI SAN for a SPIFFE ID that the agent is not authorized to distribute. Proper controls are in place to require that the caller presents a valid agent certificate that is already authorized to issue at least one SPIFFE ID, and the requested SPIFFE ID belongs to the same trust domain, prior to being able to trigger this vulnerability. This issue has been fixed in SPIRE versions 0.8.5, 0.9.4, 0.10.2, 0.11.3 and 0.12.1.
CVE-2021-27096 1 Microsoft 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more 2024-11-21 7.8 High
NTFS Elevation of Privilege Vulnerability
CVE-2021-27095 1 Microsoft 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more 2024-11-21 7.8 High
Windows Media Video Decoder Remote Code Execution Vulnerability
CVE-2021-27094 1 Microsoft 16 Windows 10, Windows 10 1507, Windows 10 1607 and 13 more 2024-11-21 4.4 Medium
Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability
CVE-2021-27093 1 Microsoft 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more 2024-11-21 5.5 Medium
Windows Kernel Information Disclosure Vulnerability
CVE-2021-27092 1 Microsoft 10 Windows 10, Windows 10 1803, Windows 10 1809 and 7 more 2024-11-21 6.8 Medium
Azure AD Web Sign-in Security Feature Bypass Vulnerability
CVE-2021-27091 1 Microsoft 4 Windows 7, Windows Server 2008, Windows Server 2008 R2 and 1 more 2024-11-21 7.8 High
RPC Endpoint Mapper Service Elevation of Privilege Vulnerability
CVE-2021-27090 1 Microsoft 6 Windows 10, Windows 10 1809, Windows 10 20h2 and 3 more 2024-11-21 7.8 High
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
CVE-2021-27089 1 Microsoft 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more 2024-11-21 7.8 High
Microsoft Internet Messaging API Remote Code Execution Vulnerability
CVE-2021-27088 1 Microsoft 10 Windows 10, Windows 10 1803, Windows 10 1809 and 7 more 2024-11-21 7.8 High
Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-27086 1 Microsoft 10 Windows 10, Windows 10 1803, Windows 10 1809 and 7 more 2024-11-21 7.8 High
Windows Services and Controller App Elevation of Privilege Vulnerability
CVE-2021-27083 1 Microsoft 1 Remote Development 2024-11-21 7.8 High
Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability
CVE-2021-27082 1 Microsoft 1 Quantum Development Kit 2024-11-21 7.8 High
Quantum Development Kit for Visual Studio Code Remote Code Execution Vulnerability
CVE-2021-27080 1 Microsoft 1 Azure Sphere 2024-11-21 9.3 Critical
Azure Sphere Unsigned Code Execution Vulnerability
CVE-2021-27079 1 Microsoft 12 Windows 10, Windows 10 1507, Windows 10 1607 and 9 more 2024-11-21 5.7 Medium
Windows Media Photo Codec Information Disclosure Vulnerability
CVE-2021-27078 1 Microsoft 1 Exchange Server 2024-11-21 9.1 Critical
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2021-27077 1 Microsoft 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more 2024-11-21 7.8 High
Windows Win32k Elevation of Privilege Vulnerability
CVE-2021-27076 1 Microsoft 3 Business Productivity Servers, Sharepoint Foundation, Sharepoint Server 2024-11-21 8.8 High
Microsoft SharePoint Server Remote Code Execution Vulnerability