Export limit exceeded: 363555 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363555 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-26505 | 1 Hello.js Project | 1 Hello.js | 2024-11-21 | 9.8 Critical |
| Prototype pollution vulnerability in MrSwitch hello.js version 1.18.6, allows remote attackers to execute arbitrary code via hello.utils.extend function. | ||||
| CVE-2021-26504 | 1 Dgtl | 1 Huemagic | 2024-11-21 | 7.5 High |
| Directory Traversal vulnerability in Foddy node-red-contrib-huemagic version 3.0.0, allows remote attackers to gain sensitive information via crafted request in res.sendFile API in hue-magic.js. | ||||
| CVE-2021-26476 | 1 Eprints | 1 Eprints | 2024-11-21 | 9.8 Critical |
| EPrints 3.4.2 allows remote attackers to execute OS commands via crafted LaTeX input to a cgi/cal?year= URI. | ||||
| CVE-2021-26475 | 1 Eprints | 1 Eprints | 2024-11-21 | 6.1 Medium |
| EPrints 3.4.2 exposes a reflected XSS opportunity in the via a cgi/cal URI. | ||||
| CVE-2021-26474 | 1 Vembu | 2 Bdr Suite, Offsite Dr | 2024-11-21 | 8.6 High |
| Various Vembu products allow an attacker to execute a (non-blind) http-only Cross Site Request Forgery (Other products or versions of products in this family may be affected too.) | ||||
| CVE-2021-26473 | 1 Vembu | 2 Bdr Suite, Offsite Dr | 2024-11-21 | 9.8 Critical |
| In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 the http API located at /sgwebservice_o.php action logFilePath allows an attacker to write arbitrary files in the context of the web server process. These files can then be executed remotely by calling the file via the web server. | ||||
| CVE-2021-26472 | 2 Microsoft, Vembu | 3 Windows, Bdr Suite, Offsite Dr | 2024-11-21 | 10 Critical |
| In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 installed on Windows, the http API located at /consumerweb/secure/download.php. Using this command argument an unauthenticated attacker can execute arbitrary OS commands with SYSTEM privileges. | ||||
| CVE-2021-26471 | 1 Vembu | 2 Bdr Suite, Offsite Dr | 2024-11-21 | 9.8 Critical |
| In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1, the http API located at /sgwebservice_o.php accepts a command argument. Using this command argument an unauthenticated attacker can execute arbitrary shell commands. | ||||
| CVE-2021-26461 | 1 Apache | 1 Nuttx | 2024-11-21 | 9.8 Critical |
| Apache Nuttx Versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc, realloc and memalign. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution. | ||||
| CVE-2021-26444 | 1 Microsoft | 1 Azure Real Time Operating System | 2024-11-21 | 3.3 Low |
| Azure RTOS Information Disclosure Vulnerability | ||||
| CVE-2021-26443 | 1 Microsoft | 11 Windows 10, Windows 10 1809, Windows 10 1909 and 8 more | 2024-11-21 | 9 Critical |
| Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability | ||||
| CVE-2021-26442 | 1 Microsoft | 22 Windows 10, Windows 10 1507, Windows 10 1607 and 19 more | 2024-11-21 | 7 High |
| Windows HTTP.sys Elevation of Privilege Vulnerability | ||||
| CVE-2021-26441 | 1 Microsoft | 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more | 2024-11-21 | 7.8 High |
| Storage Spaces Controller Elevation of Privilege Vulnerability | ||||
| CVE-2021-26439 | 2 Google, Microsoft | 2 Android, Edge | 2024-11-21 | 4.6 Medium |
| Microsoft Edge for Android Information Disclosure Vulnerability | ||||
| CVE-2021-26437 | 1 Microsoft | 1 Visual Studio Code | 2024-11-21 | 5.5 Medium |
| Visual Studio Code Spoofing Vulnerability | ||||
| CVE-2021-26436 | 1 Microsoft | 2 Edge, Edge Chromium | 2024-11-21 | 6.1 Medium |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||||
| CVE-2021-26435 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 8.1 High |
| Windows Scripting Engine Memory Corruption Vulnerability | ||||
| CVE-2021-26434 | 1 Microsoft | 2 Visual Studio 2017, Visual Studio 2019 | 2024-11-21 | 7.8 High |
| Visual Studio Elevation of Privilege Vulnerability | ||||
| CVE-2021-26433 | 1 Microsoft | 15 Windows 10, Windows 10 1507, Windows 10 1607 and 12 more | 2024-11-21 | 7.5 High |
| Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability | ||||
| CVE-2021-26432 | 1 Microsoft | 15 Windows 10, Windows 10 1507, Windows 10 1607 and 12 more | 2024-11-21 | 9.8 Critical |
| Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability | ||||