Export limit exceeded: 364207 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364207 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-24126 | 1 Enviragallery | 1 Envira Gallery | 2024-11-21 | 5.4 Medium |
| Unvalidated input and lack of output encoding in the Envira Gallery Lite WordPress plugin, versions before 1.8.3.3, did not properly sanitise the images metadata (namely title) before outputting them in the generated gallery, which could lead to privilege escalation. | ||||
| CVE-2021-24125 | 1 Contact Form Submissions Project | 1 Contact Form Submissions | 2024-11-21 | 7.2 High |
| Unvalidated input in the Contact Form Submissions WordPress plugin before 1.7.1, could lead to SQL injection in the wpcf7_contact_form GET parameter when submitting a filter request as a high privilege user (admin+) | ||||
| CVE-2021-24124 | 1 Terryl | 1 Wp Shieldon | 2024-11-21 | 6.1 Medium |
| Unvalidated input and lack of output encoding in the WP Shieldon WordPress plugin, version 1.6.3 and below, leads to Unauthenticated Reflected Cross-Site Scripting (XSS) when the CAPTCHA page is shown could lead to privileged escalation. | ||||
| CVE-2021-24123 | 1 Blubrry | 1 Powerpress | 2024-11-21 | 7.2 High |
| Arbitrary file upload in the PowerPress WordPress plugin, versions before 8.3.8, did not verify some of the uploaded feed images (such as the ones from Podcast Artwork section), allowing high privilege accounts (admin+) being able to upload arbitrary files, such as php, leading to RCE. | ||||
| CVE-2021-24117 | 1 Apache | 1 Teaclave Sgx Sdk | 2024-11-21 | 4.9 Medium |
| In Apache Teaclave Rust SGX SDK 1.1.3, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX. | ||||
| CVE-2021-24116 | 1 Wolfssl | 1 Wolfssl | 2024-11-21 | 4.9 Medium |
| In wolfSSL through 4.6.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX. | ||||
| CVE-2021-24115 | 1 Botan Project | 1 Botan | 2024-11-21 | 9.8 Critical |
| In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations (base32, base58, base64, and hex). | ||||
| CVE-2021-24114 | 1 Microsoft | 1 Teams | 2024-11-21 | 5.7 Medium |
| Microsoft Teams iOS Information Disclosure Vulnerability | ||||
| CVE-2021-24113 | 1 Microsoft | 1 Edge Chromium | 2024-11-21 | 5.4 Medium |
| Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | ||||
| CVE-2021-24112 | 1 Microsoft | 4 .net, .net Core, Mono and 1 more | 2024-11-21 | 8.1 High |
| .NET Core Remote Code Execution Vulnerability | ||||
| CVE-2021-24111 | 1 Microsoft | 10 .net, .net Framework, Windows 10 and 7 more | 2024-11-21 | 7.5 High |
| .NET Framework Denial of Service Vulnerability | ||||
| CVE-2021-24110 | 1 Microsoft | 1 High Efficiency Video Coding | 2024-11-21 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2021-24109 | 1 Microsoft | 1 Azure Kubernetes Service | 2024-11-21 | 6.8 Medium |
| Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability | ||||
| CVE-2021-24108 | 1 Microsoft | 3 365 Apps, Excel, Office | 2024-11-21 | 7.8 High |
| Microsoft Office Remote Code Execution Vulnerability | ||||
| CVE-2021-24107 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 5.5 Medium |
| Windows Event Tracing Information Disclosure Vulnerability | ||||
| CVE-2021-24106 | 1 Microsoft | 10 Windows 10, Windows 10 1803, Windows 10 1809 and 7 more | 2024-11-21 | 5.5 Medium |
| Windows DirectX Information Disclosure Vulnerability | ||||
| CVE-2021-24104 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 4.6 Medium |
| Microsoft SharePoint Server Spoofing Vulnerability | ||||
| CVE-2021-24103 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 7.8 High |
| Windows Event Tracing Elevation of Privilege Vulnerability | ||||
| CVE-2021-24102 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 7.8 High |
| Windows Event Tracing Elevation of Privilege Vulnerability | ||||
| CVE-2021-24101 | 1 Microsoft | 1 Dynamics 365 | 2024-11-21 | 6.5 Medium |
| Microsoft Dataverse Information Disclosure Vulnerability | ||||