Filtered by vendor Microsoft
Subscribe
Total
22989 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-42103 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar but not identical to CVE-2021-42101.
|
|||||
| CVE-2021-42102 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service agents could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
|
|||||
| CVE-2021-42101 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar but not identical to CVE-2021-42103.
|
|||||
| CVE-2021-42056 | 3 Linux, Microsoft, Thalesgroup | 3 Linux Kernel, Windows, Safenet Authentication Client | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
|
Thales Safenet Authentication Client (SAC) for Linux and Windows through 10.7.7 creates insecure temporary hid and lock files allowing a local attacker, through a symlink attack, to overwrite arbitrary files, and potentially achieve arbitrary command execution with high privileges.
|
|||||
| CVE-2021-42011 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to load a DLL with escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
|
|||||
| CVE-2021-41785 | 2 Foxit, Microsoft | 4 Pdf Editor, Pdf Reader, Phantompdf and 1 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
|
|||||
| CVE-2021-41784 | 2 Foxit, Microsoft | 4 Pdf Editor, Pdf Reader, Phantompdf and 1 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
|
|||||
| CVE-2021-41783 | 2 Foxit, Microsoft | 4 Pdf Editor, Pdf Reader, Phantompdf and 1 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
|
|||||
| CVE-2021-41782 | 2 Foxit, Microsoft | 4 Pdf Editor, Pdf Reader, Phantompdf and 1 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
|
|||||
| CVE-2021-41781 | 2 Foxit, Microsoft | 4 Pdf Editor, Pdf Reader, Phantompdf and 1 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
|
|||||
| CVE-2021-41780 | 2 Foxit, Microsoft | 4 Pdf Editor, Pdf Reader, Phantompdf and 1 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
|
|||||
| CVE-2021-41635 | 2 Melag, Microsoft | 2 Ftp Server, Windows | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
|
When installed as Windows service MELAG FTP Server 2.2.0.4 is run as SYSTEM user, which grants remote attackers to abuse misconfigurations or vulnerabilities with administrative access over the entire host system.
|
|||||
| CVE-2021-41378 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2024-11-21 | 6.5 MEDIUM | 7.8 HIGH |
|
Windows NTFS Remote Code Execution Vulnerability
|
|||||
| CVE-2021-41377 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Windows Fast FAT File System Driver Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-41376 | 1 Microsoft | 1 Azure Sphere | 2024-11-21 | 2.1 LOW | 2.3 LOW |
|
Azure Sphere Information Disclosure Vulnerability
|
|||||
| CVE-2021-41375 | 1 Microsoft | 1 Azure Sphere | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
|
Azure Sphere Information Disclosure Vulnerability
|
|||||
| CVE-2021-41374 | 1 Microsoft | 1 Azure Sphere | 2024-11-21 | 2.1 LOW | 6.7 MEDIUM |
|
Azure Sphere Information Disclosure Vulnerability
|
|||||
| CVE-2021-41373 | 1 Microsoft | 1 Fslogix | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
FSLogix Information Disclosure Vulnerability
|
|||||
| CVE-2021-41371 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
|
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
|
|||||
| CVE-2021-41370 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
NTFS Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-41368 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | 6.8 MEDIUM | 6.1 MEDIUM |
|
Microsoft Access Remote Code Execution Vulnerability
|
|||||
| CVE-2021-41367 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
NTFS Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-41366 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-41365 | 1 Microsoft | 1 Defender For Iot | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
Microsoft Defender for IoT Remote Code Execution Vulnerability
|
|||||
| CVE-2021-41363 | 1 Microsoft | 1 Intune Management Extension | 2024-11-21 | 4.4 MEDIUM | 4.2 MEDIUM |
|
Intune Management Extension Security Feature Bypass Vulnerability
|
|||||
| CVE-2021-41361 | 1 Microsoft | 3 Windows Server 2016, Windows Server 2019, Windows Server 2022 | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
Active Directory Federation Server Spoofing Vulnerability
|
|||||
| CVE-2021-41360 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
HEVC Video Extensions Remote Code Execution Vulnerability
|
|||||
| CVE-2021-41356 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Windows Denial of Service Vulnerability
|
|||||
| CVE-2021-41355 | 1 Microsoft | 3 .net, Powershell, Visual Studio 2019 | 2024-11-21 | 2.9 LOW | 5.7 MEDIUM |
|
.NET Core and Visual Studio Information Disclosure Vulnerability
|
|||||
| CVE-2021-41354 | 1 Microsoft | 1 Dynamics 365 | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
|
|||||
| CVE-2021-41353 | 1 Microsoft | 1 Dynamics 365 | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability
|
|||||
| CVE-2021-41352 | 1 Microsoft | 1 System Center Operations Manager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
SCOM Information Disclosure Vulnerability
|
|||||
| CVE-2021-41351 | 1 Microsoft | 4 Edge, Windows 10, Windows 11 and 1 more | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
|
Microsoft Edge (Chrome based) Spoofing on IE Mode
|
|||||
| CVE-2021-41350 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
Microsoft Exchange Server Spoofing Vulnerability
|
|||||
| CVE-2021-41349 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
Microsoft Exchange Server Spoofing Vulnerability
|
|||||
| CVE-2021-41348 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 5.2 MEDIUM | 8.0 HIGH |
|
Microsoft Exchange Server Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-41347 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Windows AppX Deployment Service Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-41346 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2024-11-21 | 4.6 MEDIUM | 5.3 MEDIUM |
|
Console Window Host Security Feature Bypass Vulnerability
|
|||||
| CVE-2021-41345 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Storage Spaces Controller Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-41344 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 6.5 MEDIUM | 8.1 HIGH |
|
Microsoft SharePoint Server Remote Code Execution Vulnerability
|
|||||