Export limit exceeded: 363994 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363994 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-28495 | 1 Arista | 2 7130, Metamako Operating System | 2024-11-21 | 7.2 High |
| In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, user authentication can be bypassed when API access is enabled via the JSON-RPC APIs. This issue affects: Arista Metamako Operating System All releases in the MOS-0.1x train MOS-0.13 and post releases in the MOS-0.1x train MOS-0.26.6 and below releases in the MOS-0.2x train MOS-0.31.1 and below releases in the MOS-0.3x train | ||||
| CVE-2021-28494 | 1 Arista | 2 7130, Metamako Operating System | 2024-11-21 | 9.6 Critical |
| In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, authentication is bypassed by unprivileged users who are accessing the Web UI. This issue affects: Arista Metamako Operating System MOS-0.34.0 and prior releases | ||||
| CVE-2021-28493 | 1 Arista | 2 7130, Metamako Operating System | 2024-11-21 | 8.4 High |
| In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, a user may be able to execute commands despite not having the privileges to do so. This issue affects: Arista Metamako Operating System All releases in the MOS-0.1x train MOS-0.32.0 and prior releases | ||||
| CVE-2021-28492 | 1 Unisys | 1 Stealth | 2024-11-21 | 4.9 Medium |
| Unisys Stealth (core) 5.x before 5.0.048.0, 5.1.x before 5.1.017.0, and 6.x before 6.0.037.0 stores passwords in a recoverable format. | ||||
| CVE-2021-28490 | 1 Owasp | 1 Csrfguard | 2024-11-21 | 8.8 High |
| In OWASP CSRFGuard through 3.1.0, CSRF can occur because the CSRF cookie may be retrieved by using only a session token. | ||||
| CVE-2021-28488 | 1 Ericsson | 1 Network Manager | 2024-11-21 | 6.5 Medium |
| Ericsson Network Manager (ENM) before 21.2 has incorrect access-control behavior (that only affects the level of access available to persons who were already granted a highly privileged role). Users in the same AMOS authorization group can retrieve managed-network data that was not set to be accessible to the entire group (i.e., was only set to be accessible to a subset of that group). | ||||
| CVE-2021-28485 | 1 Ericsson | 2 Mobile Switching Center Server Bc 18a, Mobile Switching Center Server Bc 18a Firmware | 2024-11-21 | 4.3 Medium |
| In Ericsson Mobile Switching Center Server (MSC-S) before IS 3.1 CP22, the SIS web application allows relative path traversal via a specific parameter in the https request after authentication, which allows access to files on the system that are not intended to be accessible via the web application. | ||||
| CVE-2021-28484 | 2 Fedoraproject, Yubico | 2 Fedora, Yubihsm Connector | 2024-11-21 | 7.5 High |
| An issue was discovered in the /api/connector endpoint handler in Yubico yubihsm-connector before 3.0.1 (in YubiHSM SDK before 2021.04). The handler did not validate the length of the request, which can lead to a state where yubihsm-connector becomes stuck in a loop waiting for the YubiHSM to send it data, preventing any further operations until the yubihsm-connector is restarted. An attacker can send 0, 1, or 2 bytes to trigger this. | ||||
| CVE-2021-28483 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 9 Critical |
| Microsoft Exchange Server Remote Code Execution Vulnerability | ||||
| CVE-2021-28482 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 8.8 High |
| Microsoft Exchange Server Remote Code Execution Vulnerability | ||||
| CVE-2021-28481 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 9.8 Critical |
| Microsoft Exchange Server Remote Code Execution Vulnerability | ||||
| CVE-2021-28480 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 9.8 Critical |
| Microsoft Exchange Server Remote Code Execution Vulnerability | ||||
| CVE-2021-28479 | 1 Microsoft | 16 Windows 10, Windows 10 1507, Windows 10 1607 and 13 more | 2024-11-21 | 5.5 Medium |
| Windows CSC Service Information Disclosure Vulnerability | ||||
| CVE-2021-28477 | 1 Microsoft | 1 Visual Studio Code | 2024-11-21 | 7 High |
| Visual Studio Code Remote Code Execution Vulnerability | ||||
| CVE-2021-28476 | 1 Microsoft | 18 Windows 10, Windows 10 1507, Windows 10 1607 and 15 more | 2024-11-21 | 9.9 Critical |
| Windows Hyper-V Remote Code Execution Vulnerability | ||||
| CVE-2021-28475 | 1 Microsoft | 1 Visual Studio Code | 2024-11-21 | 7.8 High |
| Visual Studio Code Remote Code Execution Vulnerability | ||||
| CVE-2021-28474 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 8.8 High |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2021-28473 | 1 Microsoft | 1 Visual Studio Code | 2024-11-21 | 7.8 High |
| Visual Studio Code Remote Code Execution Vulnerability | ||||
| CVE-2021-28472 | 1 Microsoft | 1 Vscode-maven | 2024-11-21 | 7.8 High |
| Visual Studio Code Maven for Java Extension Remote Code Execution Vulnerability | ||||
| CVE-2021-28471 | 1 Microsoft | 1 Visual Studio Code | 2024-11-21 | 7.8 High |
| Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability | ||||