Filtered by vendor Microsoft
Subscribe
Total
22989 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-1663 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Windows Projected File System FS Filter Driver Information Disclosure Vulnerability
|
|||||
| CVE-2021-1662 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Windows Event Tracing Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-1661 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Windows Installer Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-1660 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
Remote Procedure Call Runtime Remote Code Execution Vulnerability
|
|||||
| CVE-2021-1659 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Windows CSC Service Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-1658 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
Remote Procedure Call Runtime Remote Code Execution Vulnerability
|
|||||
| CVE-2021-1657 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Windows Fax Compose Form Remote Code Execution Vulnerability
|
|||||
| CVE-2021-1656 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
TPM Device Driver Information Disclosure Vulnerability
|
|||||
| CVE-2021-1655 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Windows CSC Service Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-1654 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Windows CSC Service Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-1653 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Windows CSC Service Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-1652 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Windows CSC Service Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-1651 | 1 Microsoft | 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-1650 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Windows Runtime C++ Template Library Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-1649 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Active Template Library Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-1648 | 1 Microsoft | 5 Windows 10, Windows 8.1, Windows Server 2012 and 2 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Microsoft splwow64 Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-1646 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 7.2 HIGH | 6.6 MEDIUM |
|
Windows WLAN Service Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-1645 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 4.3 MEDIUM | 5.0 MEDIUM |
|
Windows Docker Information Disclosure Vulnerability
|
|||||
| CVE-2021-1644 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
HEVC Video Extensions Remote Code Execution Vulnerability
|
|||||
| CVE-2021-1643 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
HEVC Video Extensions Remote Code Execution Vulnerability
|
|||||
| CVE-2021-1642 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Windows AppX Deployment Extensions Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-1641 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 5.8 MEDIUM | 4.6 MEDIUM |
|
Microsoft SharePoint Server Spoofing Vulnerability
|
|||||
| CVE-2021-1640 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Windows Print Spooler Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-1639 | 1 Microsoft | 3 Visual Studio 2017, Visual Studio 2019, Visual Studio Code | 2024-11-21 | 6.8 MEDIUM | 7.0 HIGH |
|
Visual Studio Code Remote Code Execution Vulnerability
|
|||||
| CVE-2021-1638 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 2.1 LOW | 7.7 HIGH |
|
Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG.
To address the vulnerability, Microsoft has released a software update that will fail attempts to pair if the remote device exchanges a public key with the same X coordinate as the locally exchanged public key
|
|||||
| CVE-2021-1637 | 1 Microsoft | 5 Windows 10, Windows 8.1, Windows Rt 8.1 and 2 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Windows DNS Query Information Disclosure Vulnerability
|
|||||
| CVE-2021-1636 | 1 Microsoft | 1 Sql Server | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
Microsoft SQL Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-1629 | 3 Linux, Microsoft, Tableau | 3 Linux Kernel, Windows, Tableau Server | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
|
Tableau Server fails to validate certain URLs that are embedded in emails sent to Tableau Server users.
|
|||||
| CVE-2021-1492 | 2 Duo, Microsoft | 2 Authentication Proxy, Windows | 2024-11-21 | 3.6 LOW | 6.6 MEDIUM |
|
The Duo Authentication Proxy installer prior to 5.2.1 did not properly validate file installation paths. This allows an attacker with local user privileges to coerce the installer to write to arbitrary privileged directories. If successful, an attacker can manipulate files used by Duo Authentication Proxy installer, cause Denial of Service (DoS) by deleting file(s), or replace system files to potentially achieve elevation of privileges. This is only exploitable during new installations, while th ...
Show More |
|||||
| CVE-2021-1450 | 4 Apple, Cisco, Linux and 1 more | 4 Macos, Anyconnect Secure Mobility Client, Linux Kernel and 1 more | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
|
A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the device. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending one or more crafted IPC messages to the AnyConnect p ...
Show More |
|||||
| CVE-2021-1258 | 3 Cisco, Mcafee, Microsoft | 3 Anyconnect Secure Mobility Client, Agent Epolicy Orchestrator Extension, Windows | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
A vulnerability in the upgrade component of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker with low privileges to read arbitrary files on the underlying operating system (OS) of an affected device. The vulnerability is due to insufficient file permission restrictions. An attacker could exploit this vulnerability by sending a crafted command from the local CLI to the application. A successful exploit could allow the attacker to read arbitrary files on the und ...
Show More |
|||||
| CVE-2021-1125 | 3 Linux, Microsoft, Nvidia | 109 Linux Kernel, Windows, Dgx-1 P100 and 106 more | 2024-11-21 | 4.9 MEDIUM | 4.1 MEDIUM |
|
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to corrupt program data.
|
|||||
| CVE-2021-1105 | 3 Linux, Microsoft, Nvidia | 137 Linux Kernel, Windows, Dgx-1 P100 and 134 more | 2024-11-21 | 2.1 LOW | 4.1 MEDIUM |
|
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to access debug registers during runtime, which may lead to information disclosure.
|
|||||
| CVE-2021-1088 | 3 Linux, Microsoft, Nvidia | 137 Linux Kernel, Windows, Dgx-1 P100 and 134 more | 2024-11-21 | 2.1 LOW | 4.1 MEDIUM |
|
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to utilize debug mechanisms with insufficient access control, which may lead to information disclosure.
|
|||||
| CVE-2021-1084 | 6 Citrix, Linux, Microsoft and 3 more | 6 Hypervisor, Linux Kernel, Windows and 3 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
NVIDIA vGPU driver contains a vulnerability in the guest kernel mode driver and Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data or denial of service. This affects vGPU version 12.x (prior to 12.2) and version 11.x (prior to 11.4).
|
|||||
| CVE-2021-1083 | 6 Citrix, Linux, Microsoft and 3 more | 6 Hypervisor, Linux Kernel, Windows and 3 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denial of service. This affects vGPU version 12.x (prior to 12.2) and version 11.x (prior to 11.4).
|
|||||
| CVE-2021-1081 | 7 Citrix, Linux, Microsoft and 4 more | 7 Hypervisor, Linux Kernel, Windows and 4 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denial of service. This affects vGPU version 12.x (prior to 12.2), version 11.x (prior to 11.4) and version 8.x (prior 8.7).
|
|||||
| CVE-2021-1079 | 2 Microsoft, Nvidia | 2 Windows, Geforce Experience | 2024-11-21 | 3.6 LOW | 6.1 MEDIUM |
|
NVIDIA GeForce Experience, all versions prior to 3.22, contains a vulnerability in GameStream plugins where log files are created using NT/System level permissions, which may lead to code execution, denial of service, or local privilege escalation. The attacker does not have control over the consequence of a modification nor would they be able to leak information as a direct result of the overwrite.
|
|||||
| CVE-2021-1073 | 2 Microsoft, Nvidia | 2 Windows, Geforce Experience | 2024-11-21 | 5.1 MEDIUM | 8.3 HIGH |
|
NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability in the login flow when a user tries to log in by using a browser, while, at the same time, any other web page is loaded in other tabs of the same browser. In this situation, the web page can get access to the token of the user login session, leading to the possibility that the user’s account is compromised. This may lead to the targeted user’s data being accessed, altered, or lost.
|
|||||
| CVE-2021-1072 | 2 Microsoft, Nvidia | 2 Windows, Geforce Experience | 2024-11-21 | 3.6 LOW | 6.0 MEDIUM |
|
NVIDIA GeForce Experience, all versions prior to 3.21, contains a vulnerability in GameStream (rxdiag.dll) where an arbitrary file deletion due to improper handling of log files may lead to denial of service.
|
|||||