Export limit exceeded: 363315 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 363315 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363315 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-28443 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 5.5 Medium |
| Windows Console Driver Denial of Service Vulnerability | ||||
| CVE-2021-28442 | 1 Microsoft | 10 Windows 10, Windows 10 1803, Windows 10 1809 and 7 more | 2024-11-21 | 6.5 Medium |
| Windows TCP/IP Information Disclosure Vulnerability | ||||
| CVE-2021-28441 | 1 Microsoft | 8 Windows 10, Windows 10 1809, Windows 10 1909 and 5 more | 2024-11-21 | 6.5 Medium |
| Windows Hyper-V Information Disclosure Vulnerability | ||||
| CVE-2021-28440 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 7 High |
| Windows Installer Elevation of Privilege Vulnerability | ||||
| CVE-2021-28439 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 7.5 High |
| Windows TCP/IP Driver Denial of Service Vulnerability | ||||
| CVE-2021-28438 | 1 Microsoft | 10 Windows 10, Windows 10 1803, Windows 10 1809 and 7 more | 2024-11-21 | 5.5 Medium |
| Windows Console Driver Denial of Service Vulnerability | ||||
| CVE-2021-28437 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 5.5 Medium |
| Windows Installer Information Disclosure Vulnerability | ||||
| CVE-2021-28436 | 1 Microsoft | 12 Windows 10, Windows 10 1507, Windows 10 1607 and 9 more | 2024-11-21 | 7.8 High |
| Windows Speech Runtime Elevation of Privilege Vulnerability | ||||
| CVE-2021-28435 | 1 Microsoft | 16 Windows 10, Windows 10 1507, Windows 10 1607 and 13 more | 2024-11-21 | 5.5 Medium |
| Windows Event Tracing Information Disclosure Vulnerability | ||||
| CVE-2021-28434 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 8.8 High |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability | ||||
| CVE-2021-28429 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 5.5 Medium |
| Integer overflow vulnerability in av_timecode_make_string in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service (DoS) via crafted .mov file. | ||||
| CVE-2021-28428 | 1 Horizontcms Project | 1 Horizontcms | 2024-11-21 | 9.8 Critical |
| File upload vulnerability in HorizontCMS before 1.0.0-beta.3 via uploading a .htaccess and *.hello files using the Media Files upload functionality. The original file upload vulnerability (CVE-2020-27387) was remediated by restricting the PHP extensions; however, we confirmed that the filter was bypassed via uploading an arbitrary .htaccess and *.hello files in order to execute PHP code to gain RCE. | ||||
| CVE-2021-28427 | 1 Xnview | 1 Xnview | 2024-11-21 | 7.8 High |
| Buffer Overflow vulnerability in XNView version 2.49.3, allows local attackers to execute arbitrary code via crafted TIFF file. | ||||
| CVE-2021-28424 | 1 Phpgurukul | 1 Teachers Record Management System | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in Teachers Record Management System 1.0 allows remote authenticated users to inject arbitrary web script or HTML via the 'email' POST parameter in adminprofile.php. | ||||
| CVE-2021-28420 | 1 Seopanel | 1 Seo Panel | 2024-11-21 | 4.8 Medium |
| A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via alerts.php and the "from_time" parameter. | ||||
| CVE-2021-28419 | 1 Seopanel | 1 Seo Panel | 2024-11-21 | 7.2 High |
| The "order_col" parameter in archive.php of SEO Panel 4.8.0 is vulnerable to time-based blind SQL injection, which leads to the ability to retrieve all databases. | ||||
| CVE-2021-28418 | 1 Seopanel | 1 Seo Panel | 2024-11-21 | 4.8 Medium |
| A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via settings.php and the "category" parameter. | ||||
| CVE-2021-28417 | 1 Seopanel | 1 Seo Panel | 2024-11-21 | 4.8 Medium |
| A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php and the "search_name" parameter. | ||||
| CVE-2021-28411 | 1 Ruoyi | 1 Ruoyi | 2024-11-21 | 9.8 Critical |
| An issue was discovered in getRememberedSerializedIdentity function in CookieRememberMeManager class in lerry903 RuoYi version 3.4.0, allows remote attackers to escalate privileges. | ||||
| CVE-2021-28399 | 1 Orangehrm | 1 Orangehrm | 2024-11-21 | 5.3 Medium |
| OrangeHRM 4.7 allows an unauthenticated user to enumerate the valid username and email address via the forgot password function. | ||||