Filtered by vendor Microsoft
Subscribe
Total
21366 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-26606 | 2 Dreamsecurity, Microsoft | 2 Magicline4nx.exe, Windows | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability in PKI Security Solution of Dream Security could allow arbitrary command execution. This vulnerability is due to insufficient validation of the authorization certificate. An attacker could exploit this vulnerability by sending a crafted HTTP request an affected program. A successful exploit could allow the attacker to remotely execute arbitrary code on a target system. | |||||
| CVE-2021-26605 | 2 Microsoft, Unidocs | 2 Windows, Ezpdfreader | 2024-11-21 | 7.5 HIGH | 7.5 HIGH |
| An improper input validation vulnerability in the service of ezPDFReader allows attacker to execute arbitrary command. This issue occurred when the ezPDF launcher received and executed crafted input values through JSON-RPC communication. | |||||
| CVE-2021-26603 | 2 Bandisoft, Microsoft | 2 Ark Library, Windows | 2024-11-21 | 6.8 MEDIUM | 8.6 HIGH |
| A heap overflow issue was found in ARK library of bandisoft Co., Ltd when the Ark_DigPathA function parsed a file path. This vulnerability is due to missing support for string length check. | |||||
| CVE-2021-26582 | 3 Hp, Microsoft, Redhat | 4 Hp-ux, Icewall Sso Dgfw, Windows and 1 more | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A security vulnerability in HPE IceWall SSO Domain Gateway Option (Dgfw) module version 10.0 on RHEL 5/6/7, version 10.0 on HP-UX 11i v3, version 10.0 on Windows and 11.0 on Windows could be exploited remotely to allow cross-site scripting (XSS). | |||||
| CVE-2021-26472 | 2 Microsoft, Vembu | 3 Windows, Bdr Suite, Offsite Dr | 2024-11-21 | 10.0 HIGH | 10.0 CRITICAL |
| In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 installed on Windows, the http API located at /consumerweb/secure/download.php. Using this command argument an unauthenticated attacker can execute arbitrary OS commands with SYSTEM privileges. | |||||
| CVE-2021-26444 | 1 Microsoft | 1 Azure Real Time Operating System | 2024-11-21 | 1.9 LOW | 3.3 LOW |
| Azure RTOS Information Disclosure Vulnerability | |||||
| CVE-2021-26443 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2024-11-21 | 7.7 HIGH | 9.0 CRITICAL |
| Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability | |||||
| CVE-2021-26442 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | 4.6 MEDIUM | 7.0 HIGH |
| Windows HTTP.sys Elevation of Privilege Vulnerability | |||||
| CVE-2021-26441 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 8.1 and 6 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Storage Spaces Controller Elevation of Privilege Vulnerability | |||||
| CVE-2021-26439 | 2 Google, Microsoft | 2 Android, Edge | 2024-11-21 | 4.3 MEDIUM | 4.6 MEDIUM |
| Microsoft Edge for Android Information Disclosure Vulnerability | |||||
| CVE-2021-26437 | 1 Microsoft | 1 Visual Studio Code | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Visual Studio Code Spoofing Vulnerability | |||||
| CVE-2021-26436 | 1 Microsoft | 1 Edge | 2024-11-21 | 6.8 MEDIUM | 6.1 MEDIUM |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2021-26435 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8.1 and 6 more | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| Windows Scripting Engine Memory Corruption Vulnerability | |||||
| CVE-2021-26434 | 1 Microsoft | 2 Visual Studio 2017, Visual Studio 2019 | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Visual Studio Elevation of Privilege Vulnerability | |||||
| CVE-2021-26433 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability | |||||
| CVE-2021-26432 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability | |||||
| CVE-2021-26431 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Recovery Environment Agent Elevation of Privilege Vulnerability | |||||
| CVE-2021-26430 | 1 Microsoft | 1 Azure Sphere | 2024-11-21 | 2.1 LOW | 6.0 MEDIUM |
| Azure Sphere Denial of Service Vulnerability | |||||
| CVE-2021-26429 | 1 Microsoft | 1 Azure Sphere | 2024-11-21 | 4.6 MEDIUM | 7.7 HIGH |
| Azure Sphere Elevation of Privilege Vulnerability | |||||
| CVE-2021-26428 | 1 Microsoft | 1 Azure Sphere | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| Azure Sphere Information Disclosure Vulnerability | |||||