Export limit exceeded: 364989 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 364989 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364989 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-31954 | 1 Microsoft | 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more | 2024-11-21 | 7.8 High |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2021-31953 | 1 Microsoft | 14 Windows 10, Windows 10 1507, Windows 10 1607 and 11 more | 2024-11-21 | 7.8 High |
| Windows Filter Manager Elevation of Privilege Vulnerability | ||||
| CVE-2021-31952 | 1 Microsoft | 9 Windows 10, Windows 10 1809, Windows 10 1909 and 6 more | 2024-11-21 | 7.8 High |
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | ||||
| CVE-2021-31951 | 1 Microsoft | 9 Windows 10, Windows 10 1809, Windows 10 1909 and 6 more | 2024-11-21 | 7.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2021-31950 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 7.6 High |
| Microsoft SharePoint Server Spoofing Vulnerability | ||||
| CVE-2021-31948 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 7.6 High |
| Microsoft SharePoint Server Spoofing Vulnerability | ||||
| CVE-2021-31947 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2021-31945 | 1 Microsoft | 1 Paint 3d | 2024-11-21 | 7.8 High |
| Paint 3D Remote Code Execution Vulnerability | ||||
| CVE-2021-31943 | 1 Microsoft | 1 3d Viewer | 2024-11-21 | 7.8 High |
| 3D Viewer Remote Code Execution Vulnerability | ||||
| CVE-2021-31941 | 1 Microsoft | 3 365 Apps, Office, Outlook | 2024-11-21 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||
| CVE-2021-31940 | 1 Microsoft | 2 365 Apps, Office | 2024-11-21 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||
| CVE-2021-31939 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2024-11-21 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2021-31938 | 1 Microsoft | 1 Kubernetes Tools | 2024-11-21 | 7.3 High |
| Microsoft VsCode Kubernetes Tools Extension Elevation of Privilege Vulnerability | ||||
| CVE-2021-31936 | 1 Microsoft | 1 Accessibility Insights For Web | 2024-11-21 | 7.4 High |
| Microsoft Accessibility Insights for Web Information Disclosure Vulnerability | ||||
| CVE-2021-31935 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | 6.1 Medium |
| OX App Suite 7.10.4 and earlier allows XSS via a crafted distribution list (payload in the common name) that is mishandled in the scheduling view. | ||||
| CVE-2021-31934 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | 6.1 Medium |
| OX App Suite 7.10.4 and earlier allows XSS via a crafted contact object (payload in the position or company field) that is mishandled in the App Suite UI on a smartphone. | ||||
| CVE-2021-31933 | 1 Chamilo | 1 Chamilo | 2024-11-21 | 7.2 High |
| A remote code execution vulnerability exists in Chamilo through 1.11.14 due to improper input sanitization of a parameter used for file uploads, and improper file-extension filtering for certain filenames (e.g., .phar or .pht). A remote authenticated administrator is able to upload a file containing arbitrary PHP code into specific directories via main/inc/lib/fileUpload.lib.php directory traversal to achieve PHP code execution. | ||||
| CVE-2021-31932 | 1 Nokia | 1 Bts Trs Web Console | 2024-11-21 | 9.8 Critical |
| Nokia BTS TRS web console FTM_W20_FP2_2019.08.16_0010 allows Authentication Bypass. A malicious unauthenticated user can get access to all the functionalities exposed via the web panel, circumventing the authentication process, by using URL encoding for the . (dot) character. | ||||
| CVE-2021-31930 | 1 Concerto-signage | 1 Concerto | 2024-11-21 | 6.1 Medium |
| Persistent cross-site scripting (XSS) in the web interface of Concerto through 2.3.6 allows an unauthenticated remote attacker to introduce arbitrary JavaScript by injecting an XSS payload into the First Name or Last Name parameter upon registration. When a privileged user attempts to delete the account, the XSS payload will be executed. | ||||
| CVE-2021-31929 | 1 Annexcloud | 1 Loyalty Experience Platform | 2024-11-21 | 4.3 Medium |
| Annex Cloud Loyalty Experience Platform <2021.1.0.1 allows any authenticated attacker to modify loyalty campaigns and settings, such as fraud prevention, coupon groups, email templates, or referrals. | ||||