Export limit exceeded: 363555 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363555 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-26505 1 Hello.js Project 1 Hello.js 2024-11-21 9.8 Critical
Prototype pollution vulnerability in MrSwitch hello.js version 1.18.6, allows remote attackers to execute arbitrary code via hello.utils.extend function.
CVE-2021-26504 1 Dgtl 1 Huemagic 2024-11-21 7.5 High
Directory Traversal vulnerability in Foddy node-red-contrib-huemagic version 3.0.0, allows remote attackers to gain sensitive information via crafted request in res.sendFile API in hue-magic.js.
CVE-2021-26476 1 Eprints 1 Eprints 2024-11-21 9.8 Critical
EPrints 3.4.2 allows remote attackers to execute OS commands via crafted LaTeX input to a cgi/cal?year= URI.
CVE-2021-26475 1 Eprints 1 Eprints 2024-11-21 6.1 Medium
EPrints 3.4.2 exposes a reflected XSS opportunity in the via a cgi/cal URI.
CVE-2021-26474 1 Vembu 2 Bdr Suite, Offsite Dr 2024-11-21 8.6 High
Various Vembu products allow an attacker to execute a (non-blind) http-only Cross Site Request Forgery (Other products or versions of products in this family may be affected too.)
CVE-2021-26473 1 Vembu 2 Bdr Suite, Offsite Dr 2024-11-21 9.8 Critical
In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 the http API located at /sgwebservice_o.php action logFilePath allows an attacker to write arbitrary files in the context of the web server process. These files can then be executed remotely by calling the file via the web server.
CVE-2021-26472 2 Microsoft, Vembu 3 Windows, Bdr Suite, Offsite Dr 2024-11-21 10 Critical
In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 installed on Windows, the http API located at /consumerweb/secure/download.php. Using this command argument an unauthenticated attacker can execute arbitrary OS commands with SYSTEM privileges.
CVE-2021-26471 1 Vembu 2 Bdr Suite, Offsite Dr 2024-11-21 9.8 Critical
In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1, the http API located at /sgwebservice_o.php accepts a command argument. Using this command argument an unauthenticated attacker can execute arbitrary shell commands.
CVE-2021-26461 1 Apache 1 Nuttx 2024-11-21 9.8 Critical
Apache Nuttx Versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc, realloc and memalign. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution.
CVE-2021-26444 1 Microsoft 1 Azure Real Time Operating System 2024-11-21 3.3 Low
Azure RTOS Information Disclosure Vulnerability
CVE-2021-26443 1 Microsoft 11 Windows 10, Windows 10 1809, Windows 10 1909 and 8 more 2024-11-21 9 Critical
Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability
CVE-2021-26442 1 Microsoft 22 Windows 10, Windows 10 1507, Windows 10 1607 and 19 more 2024-11-21 7 High
Windows HTTP.sys Elevation of Privilege Vulnerability
CVE-2021-26441 1 Microsoft 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more 2024-11-21 7.8 High
Storage Spaces Controller Elevation of Privilege Vulnerability
CVE-2021-26439 2 Google, Microsoft 2 Android, Edge 2024-11-21 4.6 Medium
Microsoft Edge for Android Information Disclosure Vulnerability
CVE-2021-26437 1 Microsoft 1 Visual Studio Code 2024-11-21 5.5 Medium
Visual Studio Code Spoofing Vulnerability
CVE-2021-26436 1 Microsoft 2 Edge, Edge Chromium 2024-11-21 6.1 Medium
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
CVE-2021-26435 1 Microsoft 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more 2024-11-21 8.1 High
Windows Scripting Engine Memory Corruption Vulnerability
CVE-2021-26434 1 Microsoft 2 Visual Studio 2017, Visual Studio 2019 2024-11-21 7.8 High
Visual Studio Elevation of Privilege Vulnerability
CVE-2021-26433 1 Microsoft 15 Windows 10, Windows 10 1507, Windows 10 1607 and 12 more 2024-11-21 7.5 High
Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability
CVE-2021-26432 1 Microsoft 15 Windows 10, Windows 10 1507, Windows 10 1607 and 12 more 2024-11-21 9.8 Critical
Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability