Latest CVE Feed
-
7.4
HIGHCVE-2021-40457
Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability... Read more
Affected Products : dynamics_365- Published: Oct. 13, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-40456
Windows AD FS Security Feature Bypass Vulnerability... Read more
Affected Products : windows_server_2019 windows_server windows_server_2022 windows_server_20h2 windows_server_2004- Published: Oct. 13, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-40455
Windows Installer Spoofing Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +13 more products- Published: Oct. 13, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-40454
Rich Text Edit Control Information Disclosure Vulnerability... Read more
Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 office windows_server_2019 365_apps windows_server windows_10_1607 +12 more products- Published: Oct. 13, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-40453
HEVC Video Extensions Remote Code Execution Vulnerability... Read more
Affected Products : hevc_video_extensions- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-40452
HEVC Video Extensions Remote Code Execution Vulnerability... Read more
Affected Products : hevc_video_extensions- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024
-
6.3
MEDIUMCVE-2021-40448
Microsoft Accessibility Insights for Android Information Disclosure Vulnerability... Read more
Affected Products : accessibility_insights_for_android- Published: Sep. 15, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-40447
Windows Print Spooler Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +10 more products- Published: Sep. 15, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-40443
Windows Common Log File System Driver Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +13 more products- Published: Oct. 13, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-40442
Microsoft Excel Remote Code Execution Vulnerability... Read more
- Published: Nov. 10, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-40441
Windows Media Center Elevation of Privilege Vulnerability... Read more
- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2021-40440
Microsoft Dynamics Business Central Cross-site Scripting Vulnerability... Read more
Affected Products : dynamics_365_business_central- Published: Sep. 15, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-40439
Apache OpenOffice has a dependency on expat software. Versions prior to 2.1.0 were subject to CVE-2013-0340 a "Billion Laughs" entity expansion denial of service attack and exploit via crafted XML files. ODF files consist of a set of XML files. All versio... Read more
Affected Products : openoffice- Published: Oct. 07, 2021
- Modified: Nov. 21, 2024
-
7.1
HIGHCVE-2021-40425
An out-of-bounds read vulnerability exists in the IOCTL GetProcessCommand and B_03 of Webroot Secure Anywhere 21.4. A specially-crafted executable can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability. An out-of-bound... Read more
Affected Products : secureanywhere- Published: Apr. 14, 2022
- Modified: Nov. 21, 2024
-
7.1
HIGHCVE-2021-40424
An out-of-bounds read vulnerability exists in the IOCTL GetProcessCommand and B_03 of Webroot Secure Anywhere 21.4. A specially-crafted executable can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability. An out-of-bound... Read more
Affected Products : secureanywhere- Published: Apr. 14, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-40423
A denial of service vulnerability exists in the cgiserver.cgi API command parser functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted series of HTTP requests can lead to denial of service. An attacker can send an HTTP request to trig... Read more
- Published: Jan. 28, 2022
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2021-40422
An authentication bypass vulnerability exists in the device password generation functionality of Swift Sensors Gateway SG3-1010. A specially-crafted network request can lead to remote code execution. An attacker can send a sequence of requests to trigger ... Read more
- Published: Apr. 14, 2022
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-40420
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.1.0.52543. A specially-crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker... Read more
Affected Products : pdf_reader- Published: Feb. 04, 2022
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2021-40419
A firmware update vulnerability exists in the 'factory' binary of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted series of network requests can lead to arbitrary firmware update. An attacker can send a sequence of requests to trigger this vulne... Read more
- Published: Jan. 28, 2022
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-40418
When parsing a file that is submitted to the DPDecoder service as a job, the R3D SDK will mistakenly skip over the assignment of a property containing an object referring to a UUID that was parsed from a frame within the video container. Upon destruction ... Read more
Affected Products : davinci_resolve- Published: Dec. 22, 2021
- Modified: Nov. 21, 2024