Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-32646 | 1 Dav-cogs Project | 1 Dav-cogs | 2024-11-21 | 7.5 HIGH | 5.3 MEDIUM |
|
Roomer is a discord bot cog (extension) which provides automatic voice channel generation as well as private voice and text channels. A vulnerability has been discovered allowing discord users to get the ``manage channel`` permissions in a private VC they have joined. This allowed them to make changes to or delete the voice channel they have taken over. The exploit does not allow access or control to any other channels in the server. Upgrade to version 1.0.1 for a patched version of the cog. As ...
Show More |
|||||
| CVE-2021-32608 | 1 Smartstore | 1 Smartstore | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered in Smartstore (aka SmartStoreNET) through 4.1.1. Views/Boards/Partials/_ForumPost.cshtml does not call HtmlUtils.SanitizeHtml on certain text for a forum post.
|
|||||
| CVE-2021-32607 | 1 Smartstore | 1 Smartstore | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered in Smartstore (aka SmartStoreNET) through 4.1.1. Views/PrivateMessages/View.cshtml does not call HtmlUtils.SanitizeHtml on a private message.
|
|||||
| CVE-2021-32575 | 1 Hashicorp | 1 Nomad | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
|
HashiCorp Nomad and Nomad Enterprise up to version 1.0.4 bridge networking mode allows ARP spoofing from other bridged tasks on the same node. Fixed in 0.12.12, 1.0.5, and 1.1.0 RC1.
|
|||||
| CVE-2021-32560 | 1 Octoprint | 1 Octoprint | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
The Logging subsystem in OctoPrint before 1.6.0 has incorrect access control because it attempts to manage files that are not *.log files.
|
|||||
| CVE-2021-32546 | 1 Gogs | 1 Gogs | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
Missing input validation in internal/db/repo_editor.go in Gogs before 0.12.8 allows an attacker to execute code remotely. An unprivileged attacker (registered user) can overwrite the Git configuration in his repository. This leads to Remote Command Execution, because that configuration can contain an option such as sshCommand, which is executed when a master branch is a remote branch (using an ssh:// URI). The remote branch can also be configured by editing the Git configuration file. One can cr ...
Show More |
|||||
| CVE-2021-32497 | 1 Sick | 1 Sopas Engineering Tool | 2024-11-21 | 9.3 HIGH | 8.6 HIGH |
|
SICK SOPAS ET before version 4.8.0 allows attackers to wrap any executable file into an SDD and provide this to a SOPAS ET user. When a user starts the emulator the executable is run without further checks.
|
|||||
| CVE-2021-32473 | 1 Moodle | 1 Moodle | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
It was possible for a student to view their quiz grade before it had been released, using a quiz web service. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected
|
|||||
| CVE-2021-32234 | 1 Smartertools | 1 Smartermail | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows remote code execution.
|
|||||
| CVE-2021-32198 | 1 Emtec | 1 Zoc | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
EmTec ZOC through 8.02.4 allows remote servers to cause a denial of service (Windows GUI hang) by telling the ZOC window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. In other words, it does not implement a usleep or similar delay upon processing a title change.
|
|||||
| CVE-2021-32028 | 1 Postgresql | 1 Postgresql | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
A flaw was found in postgresql. Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality.
|
|||||
| CVE-2021-32023 | 1 Blackberry | 1 Protect | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
An elevation of privilege vulnerability in the message broker of BlackBerry Protect for Windows version(s) versions 1574 and earlier could allow an attacker to potentially execute code in the context of a BlackBerry Cylance service that has admin rights on the system.
|
|||||
| CVE-2021-32022 | 1 Blackberry | 1 Protect | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
A low privileged delete vulnerability using CEF RPC server of BlackBerry Protect for Windows version(s) versions 1574 and earlier could allow an attacker to potentially execute code in the context of a BlackBerry Cylance service that has admin rights on the system and gaining the ability to delete data from the local system.
|
|||||
| CVE-2021-32021 | 1 Blackberry | 1 Protect | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
A denial of service vulnerability in the message broker of BlackBerry Protect for Windows version(s) versions 1574 and earlier could allow an attacker to potentially execute code in the context of a BlackBerry Cylance service that has admin rights on the system.
|
|||||
| CVE-2021-31985 | 1 Microsoft | 1 Malware Protection Engine | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Microsoft Defender Remote Code Execution Vulnerability
|
|||||
| CVE-2021-31984 | 1 Microsoft | 1 Power Bi Report Server | 2024-11-21 | 6.8 MEDIUM | 7.6 HIGH |
|
Power BI Remote Code Execution Vulnerability
|
|||||
| CVE-2021-31983 | 1 Microsoft | 1 Paint 3d | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Paint 3D Remote Code Execution Vulnerability
|
|||||
| CVE-2021-31980 | 1 Microsoft | 1 Intune Management Extension | 2024-11-21 | 7.5 HIGH | 8.1 HIGH |
|
Microsoft Intune Management Extension Remote Code Execution Vulnerability
|
|||||
| CVE-2021-31978 | 1 Microsoft | 1 Malware Protection Engine | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Microsoft Defender Denial of Service Vulnerability
|
|||||
| CVE-2021-31976 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
Server for NFS Information Disclosure Vulnerability
|
|||||
| CVE-2021-31975 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
Server for NFS Information Disclosure Vulnerability
|
|||||
| CVE-2021-31974 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Server for NFS Denial of Service Vulnerability
|
|||||
| CVE-2021-31973 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Windows GPSVC Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-31972 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Event Tracing for Windows Information Disclosure Vulnerability
|
|||||
| CVE-2021-31971 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 6.8 MEDIUM | 6.8 MEDIUM |
|
Windows HTML Platforms Security Feature Bypass Vulnerability
|
|||||
| CVE-2021-31970 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Windows TCP/IP Driver Security Feature Bypass Vulnerability
|
|||||
| CVE-2021-31968 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Windows Remote Desktop Services Denial of Service Vulnerability
|
|||||
| CVE-2021-31967 | 1 Microsoft | 1 Vp9 Video Extensions | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
VP9 Video Extensions Remote Code Execution Vulnerability
|
|||||
| CVE-2021-31966 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
|
Microsoft SharePoint Server Remote Code Execution Vulnerability
|
|||||
| CVE-2021-31965 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 4.0 MEDIUM | 5.7 MEDIUM |
|
Microsoft SharePoint Server Information Disclosure Vulnerability
|
|||||
| CVE-2021-31964 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 5.5 MEDIUM | 7.6 HIGH |
|
Microsoft SharePoint Server Spoofing Vulnerability
|
|||||
| CVE-2021-31963 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 6.5 MEDIUM | 7.1 HIGH |
|
Microsoft SharePoint Server Remote Code Execution Vulnerability
|
|||||
| CVE-2021-31962 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 7.5 HIGH | 9.4 CRITICAL |
|
Kerberos AppContainer Security Feature Bypass Vulnerability
|
|||||
| CVE-2021-31960 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Windows Bind Filter Driver Information Disclosure Vulnerability
|
|||||
| CVE-2021-31959 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 6.8 MEDIUM | 6.4 MEDIUM |
|
Scripting Engine Memory Corruption Vulnerability
|
|||||
| CVE-2021-31957 | 2 Fedoraproject, Microsoft | 4 Fedora, .net, .net Core and 1 more | 2024-11-21 | 5.0 MEDIUM | 5.9 MEDIUM |
|
ASP.NET Core Denial of Service Vulnerability
|
|||||
| CVE-2021-31953 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Windows Filter Manager Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-31952 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-31951 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Windows Kernel Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-31948 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 5.5 MEDIUM | 7.6 HIGH |
|
Microsoft SharePoint Server Spoofing Vulnerability
|
|||||