Filtered by vendor Microsoft
Subscribe
Total
21485 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-34840 | 3 Foxit, Foxitsoftware, Microsoft | 3 Pdf Reader, Pdf Editor, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14021. | |||||
| CVE-2021-34839 | 3 Foxit, Foxitsoftware, Microsoft | 3 Pdf Reader, Pdf Editor, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14020. | |||||
| CVE-2021-34838 | 3 Foxit, Foxitsoftware, Microsoft | 3 Pdf Reader, Pdf Editor, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14019. | |||||
| CVE-2021-34837 | 3 Foxit, Foxitsoftware, Microsoft | 3 Pdf Reader, Pdf Editor, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14018. | |||||
| CVE-2021-34836 | 3 Foxit, Foxitsoftware, Microsoft | 3 Pdf Reader, Pdf Editor, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14017. | |||||
| CVE-2021-34835 | 3 Foxit, Foxitsoftware, Microsoft | 3 Pdf Reader, Pdf Editor, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14015. | |||||
| CVE-2021-34834 | 3 Foxit, Foxitsoftware, Microsoft | 3 Pdf Reader, Pdf Editor, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14014. | |||||
| CVE-2021-34833 | 3 Foxit, Foxitsoftware, Microsoft | 3 Pdf Reader, Pdf Editor, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14023. | |||||
| CVE-2021-34832 | 3 Foxit, Foxitsoftware, Microsoft | 3 Pdf Reader, Pdf Editor, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the delay property. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13928. | |||||
| CVE-2021-34831 | 3 Foxit, Foxitsoftware, Microsoft | 3 Pdf Reader, Pdf Editor, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.4.37651. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Document objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13741. | |||||
| CVE-2021-34803 | 2 Microsoft, Teamviewer | 2 Windows, Teamviewer | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
| TeamViewer before 14.7.48644 on Windows loads untrusted DLLs in certain situations. | |||||
| CVE-2021-34692 | 2 Idrive, Microsoft | 2 Remotepc, Windows | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| iDrive RemotePC before 7.6.48 on Windows allows privilege escalation. A local and low-privileged user can force RemotePC to execute an attacker-controlled executable with SYSTEM privileges. | |||||
| CVE-2021-34690 | 2 Idrive, Microsoft | 2 Remotepc, Windows | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| iDrive RemotePC before 7.6.48 on Windows allows authentication bypass. A remote and unauthenticated attacker can bypass cloud authentication to connect and control a system via TCP port 5970 and 5980. | |||||
| CVE-2021-34689 | 2 Idrive, Microsoft | 2 Remotepc, Windows | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read the system's Personal Key in world-readable %PROGRAMDATA% log files. | |||||
| CVE-2021-34688 | 2 Idrive, Microsoft | 2 Remotepc, Windows | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read an encrypted version of the system's Personal Key in world-readable %PROGRAMDATA% log files. The encryption is done using a hard-coded static key and is therefore reversible by an attacker. | |||||
| CVE-2021-34687 | 2 Idrive, Microsoft | 2 Remotepc, Windows | 2024-11-21 | 2.9 LOW | 5.3 MEDIUM |
| iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A man in the middle can recover a system's Personal Key when a client attempts to make a LAN connection. The Personal Key is transmitted over the network while only being encrypted via a substitution cipher. | |||||
| CVE-2021-34551 | 3 Fedoraproject, Microsoft, Phpmailer Project | 3 Fedora, Windows, Phpmailer | 2024-11-21 | 5.1 MEDIUM | 8.1 HIGH |
| PHPMailer before 6.5.0 on Windows allows remote code execution if lang_path is untrusted data and has a UNC pathname. | |||||
| CVE-2021-34537 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 5.2 MEDIUM | 7.8 HIGH |
| Windows Bluetooth Driver Elevation of Privilege Vulnerability | |||||
| CVE-2021-34536 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Storage Spaces Controller Elevation of Privilege Vulnerability | |||||
| CVE-2021-34534 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 5.1 MEDIUM | 6.8 MEDIUM |
| Windows MSHTML Platform Remote Code Execution Vulnerability | |||||