Latest CVE Feed
-
7.1
HIGHCVE-2021-43271
Riverbed AppResponse 11.8.0, 11.8.5, 11.8.5a, 11.9.0, 11.9.0a, 11.10.0, 11.11.0, 11.11.0a, 11.11.1, 11.11.1a, 11.11.5, and 11.11.5a (when configured to use local, RADIUS, or TACACS authentication) logs usernames and passwords if either is entered incorrec... Read more
Affected Products : appresponse- Published: Jun. 03, 2022
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-43270
Datalust Seq.App.EmailPlus (aka seq-app-htmlemail) 3.1.0-dev-00148, 3.1.0-dev-00170, and 3.1.0-dev-00176 can use cleartext SMTP on port 25 in some cases where encryption on port 465 was intended.... Read more
Affected Products : seq.app.emailplus- Published: Nov. 02, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-43269
In Code42 app before 8.8.0, eval injection allows an attacker to change a device’s proxy configuration to use a malicious proxy auto-config (PAC) file, leading to arbitrary code execution. This affects Incydr Basic, Advanced, and Gov F1; CrashPlan Cloud; ... Read more
Affected Products : code42- Published: Jan. 20, 2022
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-43268
An issue was discovered in VxWorks 6.9 through 7. In the IKE component, a specifically crafted packet may lead to reading beyond the end of a buffer, or a double free.... Read more
Affected Products : vxworks- Published: Nov. 24, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-43267
An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message ... Read more
Affected Products : linux_kernel fedora h300s_firmware h500s_firmware h700s_firmware h410s_firmware h300s h410s h500s h700s +6 more products- Published: Nov. 02, 2021
- Modified: Nov. 21, 2024
-
7.3
HIGHCVE-2021-43266
In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exporting collections via PDF export could lead to code execution via shell metacharacters in a collection name. Additional, in Mahara before 20.10.4, 21.04.3, and 21.10.1, exporting collections via... Read more
Affected Products : mahara- Published: Nov. 02, 2021
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2021-43265
In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, certain tag syntax could be used for XSS, such as via a SCRIPT element.... Read more
Affected Products : mahara- Published: Nov. 02, 2021
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2021-43264
In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, adjusting the path component for the page help file allows attackers to bypass the intended access control for HTML files via directory traversal. It replaces the - character with the / character.... Read more
Affected Products : mahara- Published: Nov. 02, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-43257
Lack of Neutralization of Formula Elements in the CSV API of MantisBT before 2.25.3 allows an unprivileged attacker to execute code or gain access to information when a user opens the csv_export.php generated CSV file in Excel.... Read more
Affected Products : mantisbt- Published: Apr. 14, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-43256
Microsoft Excel Remote Code Execution Vulnerability... Read more
- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUM- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-43248
Windows Digital Media Receiver Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +12 more products- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-43247
Windows TCP/IP Driver Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_server windows_10_1809 windows_10_20h2 windows_10_21h2 windows_server_2022 windows_11_21h2 windows_11 +4 more products- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024
-
5.6
MEDIUMCVE-2021-43246
Windows Hyper-V Denial of Service Vulnerability... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_server windows_10_1809 windows_10_21h2 windows_server_2022 windows_11_21h2 windows_10_21h1 windows_10_1909 +2 more products- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-43245
Windows Digital TV Tuner Elevation of Privilege Vulnerability... Read more
- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-43244
Windows Kernel Information Disclosure Vulnerability... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_server windows_10_1809 windows_10_20h2 windows_10_21h2 windows_server_2022 windows_10_21h1 windows_10_1909 +2 more products- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-43243
VP9 Video Extensions Information Disclosure Vulnerability... Read more
Affected Products : vp9_video_extensions- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024
-
7.6
HIGH- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-43240
NTFS Set Short Name Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_server_2016 windows_server windows_10_1809 windows_10_20h2 windows_10_21h2 windows_server_2022 windows_11_21h2 windows_11 windows_10_21h1 +3 more products- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-43239
Windows Recovery Environment Agent Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_server_2016 windows_server windows_10_1809 windows_10_20h2 windows_10_21h2 windows_server_2022 windows_11_21h2 windows_11 windows_10_21h1 +2 more products- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024