Filtered by vendor Microsoft
Subscribe
Total
22989 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-27267 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects in PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to ...
Show More |
|||||
| CVE-2021-27266 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
|
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attac ...
Show More |
|||||
| CVE-2021-27265 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
|
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attac ...
Show More |
|||||
| CVE-2021-27264 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
|
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attac ...
Show More |
|||||
| CVE-2021-27263 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
|
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attac ...
Show More |
|||||
| CVE-2021-27262 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
|
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attac ...
Show More |
|||||
| CVE-2021-27261 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can levera ...
Show More |
|||||
| CVE-2021-27195 | 2 Microsoft, Netop | 2 Windows, Vision Pro | 2024-11-21 | 5.0 MEDIUM | 5.9 MEDIUM |
|
Improper Authorization vulnerability in Netop Vision Pro up to and including to 9.7.1 allows an attacker to replay network traffic.
|
|||||
| CVE-2021-27194 | 2 Microsoft, Netop | 2 Windows, Vision Pro | 2024-11-21 | 3.3 LOW | 8.8 HIGH |
|
Cleartext transmission of sensitive information in Netop Vision Pro up to and including 9.7.1 allows a remote unauthenticated attacker to gather credentials including Windows login usernames and passwords.
|
|||||
| CVE-2021-27193 | 2 Microsoft, Netop | 2 Windows, Vision Pro | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Incorrect default permissions vulnerability in the API of Netop Vision Pro up to and including 9.7.1 allows a remote unauthenticated attacker to read and write files on the remote machine with system privileges resulting in a privilege escalation.
|
|||||
| CVE-2021-27192 | 2 Microsoft, Netop | 2 Windows, Vision Pro | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Local privilege escalation vulnerability in Windows clients of Netop Vision Pro up to and including 9.7.1 allows a local user to gain administrator privileges whilst using the clients.
|
|||||
| CVE-2021-27096 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
NTFS Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-27095 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Windows Media Video Decoder Remote Code Execution Vulnerability
|
|||||
| CVE-2021-27094 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
|
Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability
|
|||||
| CVE-2021-27093 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Windows Kernel Information Disclosure Vulnerability
|
|||||
| CVE-2021-27092 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 7.5 HIGH | 6.8 MEDIUM |
|
Azure AD Web Sign-in Security Feature Bypass Vulnerability
|
|||||
| CVE-2021-27091 | 1 Microsoft | 3 Windows 7, Windows Server 2008, Windows Server 2012 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
RPC Endpoint Mapper Service Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-27090 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-27089 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Microsoft Internet Messaging API Remote Code Execution Vulnerability
|
|||||
| CVE-2021-27088 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Windows Event Tracing Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-27086 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Windows Services and Controller App Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-27083 | 1 Microsoft | 1 Remote Development | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability
|
|||||
| CVE-2021-27082 | 1 Microsoft | 1 Quantum Development Kit | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
Quantum Development Kit for Visual Studio Code Remote Code Execution Vulnerability
|
|||||
| CVE-2021-27080 | 1 Microsoft | 1 Azure Sphere | 2024-11-21 | 7.2 HIGH | 9.3 CRITICAL |
|
Azure Sphere Unsigned Code Execution Vulnerability
|
|||||
| CVE-2021-27079 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 6.3 MEDIUM | 5.7 MEDIUM |
|
Windows Media Photo Codec Information Disclosure Vulnerability
|
|||||
| CVE-2021-27078 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 6.5 MEDIUM | 9.1 CRITICAL |
|
Microsoft Exchange Server Remote Code Execution Vulnerability
|
|||||
| CVE-2021-27077 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Windows Win32k Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-27076 | 1 Microsoft | 3 Business Productivity Servers, Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
Microsoft SharePoint Server Remote Code Execution Vulnerability
|
|||||
| CVE-2021-27075 | 1 Microsoft | 5 Azure Container Instances, Azure Container Registry, Azure Kubernetes Service and 2 more | 2024-11-21 | 2.7 LOW | 6.8 MEDIUM |
|
Azure Virtual Machine Information Disclosure Vulnerability
|
|||||
| CVE-2021-27074 | 1 Microsoft | 1 Azure Sphere | 2024-11-21 | 4.9 MEDIUM | 6.2 MEDIUM |
|
Azure Sphere Unsigned Code Execution Vulnerability
|
|||||
| CVE-2021-27072 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2024-11-21 | 4.6 MEDIUM | 7.0 HIGH |
|
Win32k Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-27070 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2024-11-21 | 9.3 HIGH | 7.3 HIGH |
|
Windows 10 Update Assistant Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-27068 | 1 Microsoft | 1 Visual Studio 2019 | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
Visual Studio Remote Code Execution Vulnerability
|
|||||
| CVE-2021-27067 | 1 Microsoft | 2 Azure Devops Server, Team Foundation Server | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability
|
|||||
| CVE-2021-27066 | 1 Microsoft | 1 Windows Admin Center | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
|
Windows Admin Center Security Feature Bypass Vulnerability
|
|||||
| CVE-2021-27064 | 1 Microsoft | 2 Visual Studio 2017, Visual Studio 2019 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Visual Studio Installer Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-27063 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Windows DNS Server Denial of Service Vulnerability
|
|||||
| CVE-2021-27062 | 1 Microsoft | 1 High Efficiency Video Coding | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
HEVC Video Extensions Remote Code Execution Vulnerability
|
|||||
| CVE-2021-27061 | 1 Microsoft | 1 High Efficiency Video Coding | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
HEVC Video Extensions Remote Code Execution Vulnerability
|
|||||
| CVE-2021-27060 | 1 Microsoft | 1 Visual Studio Code | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Visual Studio Code Remote Code Execution Vulnerability
|
|||||