Latest CVE Feed
-
9.8
CRITICALCVE-2021-43935
The impacted products, when configured to use SSO, are affected by an improper authentication vulnerability. This vulnerability allows the application to accept manual entry of any active directory (AD) account provisioned in the application without suppl... Read more
Affected Products : welch_allyn_connex_cardio welch_allyn_diagnostic_cardiology_suite welch_allyn_rscribe_resting_ecg_system welch_allyn_vision_express_holter_analysis_system welch_allyn_hscribe_holter_analysis_system_firmware welch_allyn_q-stress_cardiac_stress_testing_system_firmware welch_allyn_xscribe_cardiac_stress_testing_system_firmware welch_allyn_hscribe_holter_analysis_system welch_allyn_q-stress_cardiac_stress_testing_system welch_allyn_xscribe_cardiac_stress_testing_system- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-43934
Elcomplus SmartPTT is vulnerable as the backup and restore system does not adequately validate upload requests, enabling a malicious user to potentially upload arbitrary files.... Read more
Affected Products : smartptt_scada- Published: Apr. 28, 2022
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-43933
The affected product is vulnerable to a network-based attack by threat actors sending unimpeded requests to the receiving server, which could cause a denial-of-service condition due to lack of heap memory resources.... Read more
Affected Products : roboguide- Published: Apr. 20, 2022
- Modified: Nov. 21, 2024
-
9.0
CRITICALCVE-2021-43932
Elcomplus SmartPTT is vulnerable when an attacker injects JavaScript code into a specific parameter that can executed upon accessing the dashboard or the main page.... Read more
Affected Products : smartptt_scada- Published: Apr. 28, 2022
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-43931
The authentication algorithm of the WebHMI portal is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.... Read more
- Published: Dec. 06, 2021
- Modified: Nov. 21, 2024
-
4.9
MEDIUMCVE-2021-43930
Elcomplus SmartPTT is vulnerable as the backup and restore system does not adequately validate download requests, enabling malicious users to perform path traversal attacks and potentially download arbitrary files from the system.... Read more
Affected Products : smartptt_scada- Published: Apr. 28, 2022
- Modified: Nov. 21, 2024
-
9.9
CRITICALCVE-2021-43928
Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in mail sending and receiving component in Synology Mail Station before 20211105-10315 allows remote authenticated users to execute arbitrary commands... Read more
Affected Products : mail_station- Published: Feb. 07, 2022
- Modified: Nov. 21, 2024
-
4.3
MEDIUMCVE-2021-43908
Visual Studio Code Spoofing Vulnerability... Read more
Affected Products : visual_studio_code- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2021-43907
Visual Studio Code WSL Extension Remote Code Execution Vulnerability... Read more
Affected Products : windows_subsystem_for_linux- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-43899
Microsoft 4K Wireless Display Adapter Remote Code Execution Vulnerability... Read more
- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUM- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-43893
Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +14 more products- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024
-
7.4
HIGHCVE-2021-43892
Microsoft BizTalk ESB Toolkit Spoofing Vulnerability... Read more
Affected Products : biztalk_esb_toolkit- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-43891
Visual Studio Code Remote Code Execution Vulnerability... Read more
Affected Products : visual_studio_code- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024
-
7.1
HIGHCVE-2021-43890
We have investigated reports of a spoofing vulnerability in AppX installer that affects Microsoft Windows. Microsoft is aware of attacks that attempt to exploit this vulnerability by using specially crafted packages that include the malware family known a... Read more
Affected Products : windows_10 windows_10_1809 windows_10_20h2 windows_10_21h2 windows_11_21h2 windows_10_1507 windows_10_1709 windows_10_1803 windows_10_21h1 windows_10_1909 +3 more products- Actively Exploited
- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2021-43889
Microsoft Defender for IoT Remote Code Execution Vulnerability... Read more
Affected Products : defender_for_iot- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-43888
Microsoft Defender for IoT Information Disclosure Vulnerability... Read more
Affected Products : defender_for_iot- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-43883
Windows Installer Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +14 more products- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-43882
Microsoft Defender for IoT Remote Code Execution Vulnerability... Read more
Affected Products : defender_for_iot- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUM- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024