Filtered by vendor Microsoft
Subscriptions
Total
22877 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-20354 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, I and 5 more | 2024-11-21 | 7.5 High |
| IBM WebSphere Application Server 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 194883. | ||||
| CVE-2021-20334 | 2 Microsoft, Mongodb | 2 Windows, Compass | 2024-11-21 | 4.8 Medium |
| A malicious 3rd party with local access to the Windows machine where MongoDB Compass is installed can execute arbitrary software with the privileges of the user who is running MongoDB Compass. This issue affects: MongoDB Inc. MongoDB Compass 1.x version 1.3.0 on Windows and later versions; 1.x versions prior to 1.25.0 on Windows. | ||||
| CVE-2021-20100 | 2 Microsoft, Tenable | 2 Windows, Nessus | 2024-11-21 | 6.7 Medium |
| Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows executables as the Nessus host. This is different than CVE-2021-20099. | ||||
| CVE-2021-20099 | 2 Microsoft, Tenable | 2 Windows, Nessus | 2024-11-21 | 6.7 Medium |
| Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows executables as the Nessus host. This is different than CVE-2021-20100. | ||||
| CVE-2021-20081 | 2 Microsoft, Zohocorp | 2 Windows, Manageengine Servicedesk Plus | 2024-11-21 | 7.2 High |
| Incomplete List of Disallowed Inputs in ManageEngine ServiceDesk Plus before version 11205 allows a remote, authenticated attacker to execute arbitrary commands with SYSTEM privileges. | ||||
| CVE-2021-1734 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 7.5 High |
| Windows Remote Procedure Call Information Disclosure Vulnerability | ||||
| CVE-2021-1733 | 1 Microsoft | 1 Psexec | 2024-11-21 | 7.8 High |
| Sysinternals PsExec Elevation of Privilege Vulnerability | ||||
| CVE-2021-1731 | 1 Microsoft | 10 Windows 10, Windows 10 1803, Windows 10 1809 and 7 more | 2024-11-21 | 5.5 Medium |
| PFX Encryption Security Feature Bypass Vulnerability | ||||
| CVE-2021-1730 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 5.4 Medium |
| <p>A spoofing vulnerability exists in Microsoft Exchange Server which could result in an attack that would allow a malicious actor to impersonate the user.</p> <p>This update addresses this vulnerability.</p> <p>To prevent these types of attacks, Microsoft recommends customers to download inline images from different DNSdomains than the rest of OWA. Please see further instructions in the FAQ to put in place this mitigations.</p> | ||||
| CVE-2021-1729 | 1 Microsoft | 10 Windows 10, Windows 10 1803, Windows 10 1809 and 7 more | 2024-11-21 | 7.1 High |
| Windows Update Stack Setup Elevation of Privilege Vulnerability | ||||
| CVE-2021-1728 | 1 Microsoft | 1 System Center Operations Manager | 2024-11-21 | 8.8 High |
| System Center Operations Manager Elevation of Privilege Vulnerability | ||||
| CVE-2021-1727 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 7.8 High |
| Windows Installer Elevation of Privilege Vulnerability | ||||
| CVE-2021-1726 | 1 Microsoft | 11 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server and 8 more | 2024-11-21 | 8 High |
| Microsoft SharePoint Server Spoofing Vulnerability | ||||
| CVE-2021-1725 | 1 Microsoft | 1 Bot Framework Software Development Kit | 2024-11-21 | 5.5 Medium |
| Bot Framework SDK Information Disclosure Vulnerability | ||||
| CVE-2021-1724 | 1 Microsoft | 2 Dynamics 365 Business Central, Dynamics Nav | 2024-11-21 | 6.1 Medium |
| Microsoft Dynamics Business Central Cross-site Scripting Vulnerability | ||||
| CVE-2021-1723 | 3 Fedoraproject, Microsoft, Redhat | 5 Fedora, Asp.net Core, Visual Studio 2019 and 2 more | 2024-11-21 | 7.5 High |
| ASP.NET Core and Visual Studio Denial of Service Vulnerability | ||||
| CVE-2021-1722 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 8.1 High |
| Windows Fax Service Remote Code Execution Vulnerability | ||||
| CVE-2021-1721 | 2 Microsoft, Redhat | 7 .net, .net Core, Powershell Core and 4 more | 2024-11-21 | 6.5 Medium |
| .NET Core and Visual Studio Denial of Service Vulnerability | ||||
| CVE-2021-1719 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2024-11-21 | 8 High |
| Microsoft SharePoint Elevation of Privilege Vulnerability | ||||
| CVE-2021-1718 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 8 High |
| Microsoft SharePoint Server Tampering Vulnerability | ||||