Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-34146 | 1 Cypress | 4 Cyw20735b1, Cyw20735b1 Firmware, Cyw920735q60evb-01 and 1 more | 2024-11-21 | 6.1 MEDIUM | 6.5 MEDIUM |
|
The Bluetooth Classic implementation in the Cypress CYW920735Q60EVB does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service and restart (crash) of the device by flooding it with LMP_AU_Rand packets after the paging procedure.
|
|||||
| CVE-2021-34145 | 1 Cypress | 2 Cyw20735b1, Wireless Internet Connectivity For Embedded Devices | 2024-11-21 | 2.9 LOW | 5.3 MEDIUM |
|
The Bluetooth Classic implementation in the Cypress WICED BT stack through 2.9.0 for CYW20735B1 devices does not properly handle the reception of LMP_max_slot with an invalid Baseband packet type (and LT_ADDRESS and LT_ADDR) after completion of the LMP setup procedure, allowing attackers in radio range to trigger a denial of service (firmware crash) via a crafted LMP packet.
|
|||||
| CVE-2021-34144 | 1 Zh-jieli | 15 Ac6936, Ac6951, Ac6952 and 12 more | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
|
The Bluetooth Classic implementation in the Zhuhai Jieli AC6366C BT SDK through 0.9.1 does not properly handle the reception of truncated LMP_SCO_Link_Request packets while no other BT connections are active, allowing attackers in radio range to prevent new BT connections (disabling the AB5301A inquiry and page scan procedures) via a crafted LMP packet. The user needs to manually perform a power cycle (restart) of the device to restore BT connectivity.
|
|||||
| CVE-2021-34143 | 1 Zh-jieli | 15 Ac6936, Ac6951, Ac6952 and 12 more | 2024-11-21 | 6.1 MEDIUM | 6.5 MEDIUM |
|
The Bluetooth Classic implementation in the Zhuhai Jieli AC6366C_DEMO_V1.0 does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service (deadlock) of the device by flooding it with LMP_AU_Rand packets after paging procedure. User intervention is required to restart the device.
|
|||||
| CVE-2021-33911 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Zoho ManageEngine ADManager Plus before 7110 allows remote code execution.
|
|||||
| CVE-2021-33903 | 1 Lancom-systems | 1 Lcos | 2024-11-21 | 8.5 HIGH | 8.8 HIGH |
|
In LCOS 10.40 to 10.42.0473-RU3 with SNMPv3 enabled on LANCOM devices, changing the password of the root user via the CLI does not change the password of the root user for SNMPv3 access. (However, changing the password of the root user via LANconfig does change the password of the root user for SNMPv3 access.)
|
|||||
| CVE-2021-33823 | 1 Moxa | 2 Mgate Mb3180, Mgate Mb3180 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Attacker could send a huge amount of TCP SYN packet to make web service's resource exhausted. Then the web server is denial-of-service.
|
|||||
| CVE-2021-33820 | 1 Ui | 2 Camera G3 Flex, Camera G3 Flex Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67.Attacker could send a huge amount of TCP SYN packet to make web service's resource exhausted. Then the web server is denial-of-service.
|
|||||
| CVE-2021-33794 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 allow information disclosure or an application crash after mishandling the Tab key during XFA form interaction.
|
|||||
| CVE-2021-33788 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Windows LSA Denial of Service Vulnerability
|
|||||
| CVE-2021-33786 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2024-11-21 | 6.5 MEDIUM | 8.1 HIGH |
|
Windows LSA Security Feature Bypass Vulnerability
|
|||||
| CVE-2021-33785 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Windows AF_UNIX Socket Provider Denial of Service Vulnerability
|
|||||
| CVE-2021-33784 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-33783 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Windows SMB Information Disclosure Vulnerability
|
|||||
| CVE-2021-33782 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Windows Authenticode Spoofing Vulnerability
|
|||||
| CVE-2021-33781 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
|
Azure AD Security Feature Bypass Vulnerability
|
|||||
| CVE-2021-33780 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
Windows DNS Server Remote Code Execution Vulnerability
|
|||||
| CVE-2021-33779 | 1 Microsoft | 2 Windows Server 2016, Windows Server 2019 | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
|
Windows AD FS Security Feature Bypass Vulnerability
|
|||||
| CVE-2021-33778 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
HEVC Video Extensions Remote Code Execution Vulnerability
|
|||||
| CVE-2021-33777 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
HEVC Video Extensions Remote Code Execution Vulnerability
|
|||||
| CVE-2021-33776 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
HEVC Video Extensions Remote Code Execution Vulnerability
|
|||||
| CVE-2021-33775 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
HEVC Video Extensions Remote Code Execution Vulnerability
|
|||||
| CVE-2021-33774 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 4.6 MEDIUM | 7.0 HIGH |
|
Windows Event Tracing Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-33773 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-33772 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Windows TCP/IP Driver Denial of Service Vulnerability
|
|||||
| CVE-2021-33768 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 5.2 MEDIUM | 8.0 HIGH |
|
Microsoft Exchange Server Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-33767 | 1 Microsoft | 1 Open Enclave Software Development Kit | 2024-11-21 | 4.6 MEDIUM | 8.2 HIGH |
|
Open Enclave SDK Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-33765 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 2.1 LOW | 6.2 MEDIUM |
|
Windows Installer Spoofing Vulnerability
|
|||||
| CVE-2021-33764 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
|
Windows Key Distribution Center Information Disclosure Vulnerability
|
|||||
| CVE-2021-33763 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Windows Remote Access Connection Manager Information Disclosure Vulnerability
|
|||||
| CVE-2021-33762 | 1 Microsoft | 1 Azure Cyclecloud | 2024-11-21 | 4.6 MEDIUM | 7.0 HIGH |
|
Azure CycleCloud Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-33761 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-33760 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Media Foundation Information Disclosure Vulnerability
|
|||||
| CVE-2021-33759 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Windows Desktop Bridge Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-33758 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2024-11-21 | 4.0 MEDIUM | 7.7 HIGH |
|
Windows Hyper-V Denial of Service Vulnerability
|
|||||
| CVE-2021-33757 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 7.5 HIGH | 5.3 MEDIUM |
|
Windows Security Account Manager Remote Protocol Security Feature Bypass Vulnerability
|
|||||
| CVE-2021-33756 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Windows DNS Snap-in Remote Code Execution Vulnerability
|
|||||
| CVE-2021-33755 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 5.0 MEDIUM | 6.3 MEDIUM |
|
Windows Hyper-V Denial of Service Vulnerability
|
|||||
| CVE-2021-33754 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2024-11-21 | 6.0 MEDIUM | 8.0 HIGH |
|
Windows DNS Server Remote Code Execution Vulnerability
|
|||||
| CVE-2021-33753 | 1 Microsoft | 1 Bing | 2024-11-21 | 4.3 MEDIUM | 4.7 MEDIUM |
|
Microsoft Bing Search Spoofing Vulnerability
|
|||||