Total
2071 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-37627 | 1 Contao | 1 Contao | 2024-11-21 | 6.5 MEDIUM | 8.0 HIGH |
| Contao is an open source CMS that allows creation of websites and scalable web applications. In affected versions it is possible to gain privileged rights in the Contao back end. Installations are only affected if they have untrusted back end users who have access to the form generator. All users are advised to update to Contao 4.4.56, 4.9.18 or 4.11.7. As a workaround users may disable the form generator or disable the login for untrusted back end users. | |||||
| CVE-2021-37345 | 1 Nagios | 1 Nagios Xi | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Nagios XI before version 5.8.5 is vulnerable to local privilege escalation because xi-sys.cfg is being imported from the var directory for some scripts with elevated permissions. | |||||
| CVE-2021-37173 | 1 Siemens | 20 Ruggedcom Rox Mx5000, Ruggedcom Rox Mx5000 Firmware, Ruggedcom Rox Rx1400 and 17 more | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.14.1), RUGGEDCOM ROX RX1400 (All versions < V2.14.1), RUGGEDCOM ROX RX1500 (All versions < V2.14.1), RUGGEDCOM ROX RX1501 (All versions < V2.14.1), RUGGEDCOM ROX RX1510 (All versions < V2.14.1), RUGGEDCOM ROX RX1511 (All versions < V2.14.1), RUGGEDCOM ROX RX1512 (All versions < V2.14.1), RUGGEDCOM ROX RX1524 (All versions < V2.14.1), RUGGEDCOM ROX RX1536 (All versions < V2.14.1), RUGGEDCOM ROX RX5000 (All versions < V2.14.1). The command line interface of affected devices insufficiently restrict file read and write operations for low privileged users. This could allow an authenticated remote attacker to escalate privileges and gain root access to the device. | |||||
| CVE-2021-37167 | 1 Swisslog-healthcare | 2 Hmi-3 Control Panel, Hmi-3 Control Panel Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| An insecure permissions issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. A user logged in using the default credentials can gain root access to the device, which provides permissions for all of the functionality of the device. | |||||
| CVE-2021-36975 | 1 Microsoft | 4 Windows 10, Windows Server 2016, Windows Server 2019 and 1 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Win32k Elevation of Privilege Vulnerability | |||||
| CVE-2021-36974 | 1 Microsoft | 7 Windows 10, Windows 8.1, Windows Rt 8.1 and 4 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Windows SMB Elevation of Privilege Vulnerability | |||||
| CVE-2021-36973 | 1 Microsoft | 4 Windows 10, Windows Server 2016, Windows Server 2019 and 1 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability | |||||
| CVE-2021-36968 | 1 Microsoft | 2 Windows 7, Windows Server 2008 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Windows DNS Elevation of Privilege Vulnerability | |||||
| CVE-2021-36967 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 5.8 MEDIUM | 8.0 HIGH |
| Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability | |||||
| CVE-2021-36966 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Subsystem for Linux Elevation of Privilege Vulnerability | |||||
| CVE-2021-36964 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8.1 and 6 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Event Tracing Elevation of Privilege Vulnerability | |||||
| CVE-2021-36963 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8.1 and 6 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||
| CVE-2021-36957 | 1 Microsoft | 4 Windows 10, Windows Server 2016, Windows Server 2019 and 1 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Desktop Bridge Elevation of Privilege Vulnerability | |||||
| CVE-2021-36954 | 1 Microsoft | 4 Windows 10, Windows Server 2016, Windows Server 2019 and 1 more | 2024-11-21 | 4.6 MEDIUM | 8.8 HIGH |
| Windows Bind Filter Driver Elevation of Privilege Vulnerability | |||||
| CVE-2021-36945 | 1 Microsoft | 1 Windows 10 Update Assistant | 2024-11-21 | 6.8 MEDIUM | 7.3 HIGH |
| Windows 10 Update Assistant Elevation of Privilege Vulnerability | |||||
| CVE-2021-36943 | 1 Microsoft | 1 Azure Cyclecloud | 2024-11-21 | 4.6 MEDIUM | 4.0 MEDIUM |
| Azure CycleCloud Elevation of Privilege Vulnerability | |||||
| CVE-2021-36931 | 1 Microsoft | 1 Edge Chromium | 2024-11-21 | 6.8 MEDIUM | 4.4 MEDIUM |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2021-36930 | 1 Microsoft | 1 Edge | 2024-11-21 | 6.8 MEDIUM | 5.3 MEDIUM |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2021-36927 | 1 Microsoft | 5 Windows 7, Windows 8.1, Windows Rt 8.1 and 2 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Digital TV Tuner device registration application Elevation of Privilege Vulnerability | |||||
| CVE-2021-36784 | 1 Suse | 1 Rancher | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| A Improper Privilege Management vulnerability in SUSE Rancher allows users with the restricted-admin role to escalate to full admin. This issue affects: SUSE Rancher Rancher versions prior to 2.5.13; Rancher versions prior to 2.6.4. | |||||