Latest CVE Feed
-
7.5
HIGHCVE-2021-34549
An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-005. Hashing is mishandled for certain retrieval of circuit data. Consequently. an attacker can trigger the use of an attacker-chosen circuit ID to cause algorithm inefficiency.... Read more
Affected Products : tor- Published: Jun. 29, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-34548
An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-003. An attacker can forge RELAY_END or RELAY_RESOLVED to bypass the intended access control for ending a stream.... Read more
Affected Products : tor- Published: Jun. 29, 2021
- Modified: Nov. 21, 2024
-
4.3
MEDIUMCVE-2021-34547
PRTG Network Monitor 20.1.55.1775 allows /editsettings CSRF for user account creation.... Read more
Affected Products : prtg_network_monitor- Published: Jun. 10, 2021
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2021-34546
An unauthenticated attacker with physical access to a computer with NetSetMan Pro before 5.0 installed, that has the pre-logon profile switch button within the Windows logon screen enabled, is able to drop to an administrative shell and execute arbitrary ... Read more
Affected Products : netsetman- Published: Jun. 10, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-34544
An issue was discovered in Solar-Log 500 before 2.8.2 Build 52 23.04.2013. In /export.html, email.html, and sms.html, cleartext passwords are stored. This may allow sensitive information to be read by someone with access to the device. Fixed with 3.0.0-60... Read more
- Published: Dec. 07, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-34543
The web administration server in Solar-Log 500 before 2.8.2 Build 52 does not require authentication, which allows remote attackers to gain administrative privileges by connecting to the server. As a result, the attacker can modify configuration files and... Read more
- Published: Dec. 07, 2021
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-34540
Advantech WebAccess 8.4.2 and 8.4.4 allows XSS via the username column of the bwRoot.asp page of WADashboard.... Read more
Affected Products : webaccess- Published: Jun. 11, 2021
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2021-34539
An issue was discovered in CubeCoders AMP before 2.1.1.8. A lack of validation of the Java Version setting means that an unintended executable path can be set. The result is that high-privileged users can trigger code execution.... Read more
Affected Products : amp- Published: Jun. 10, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-34538
Apache Hive before 3.1.3 "CREATE" and "DROP" function operations does not check for necessary authorization of involved entities in the query. It was found that an unauthorized user can manipulate an existing UDF without having the privileges to do so. Th... Read more
Affected Products : hive- Published: Jul. 16, 2022
- Modified: Nov. 21, 2024
-
8.0
HIGHCVE-2021-34537
Windows Bluetooth Driver Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +8 more products- Published: Aug. 12, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-34536
Storage Spaces Controller Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_1507 windows_10_21h1 windows_10_1909 windows_server_20h2 +1 more products- Published: Aug. 12, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-34534
Windows MSHTML Platform Remote Code Execution Vulnerability... Read more
- Published: Aug. 12, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-34533
Windows Graphics Component Font Parsing Remote Code Execution Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +9 more products- Published: Aug. 12, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUM- Published: Aug. 12, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-34530
Windows Graphics Component Remote Code Execution Vulnerability... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_1507 windows_10_21h1 windows_10_1909 windows_server_20h2 +1 more products- Published: Aug. 12, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-34529
Visual Studio Code Remote Code Execution Vulnerability... Read more
Affected Products : visual_studio_code- Published: Jul. 14, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-34528
Visual Studio Code Remote Code Execution Vulnerability... Read more
Affected Products : visual_studio_code- Published: Jul. 14, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-34525
Windows DNS Server Remote Code Execution Vulnerability... Read more
- Published: Jul. 14, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-34524
Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability... Read more
Affected Products : dynamics_365- Published: Aug. 12, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-34523
Microsoft Exchange Server Elevation of Privilege Vulnerability... Read more
Affected Products : exchange_server- Actively Exploited
- Published: Jul. 14, 2021
- Modified: Nov. 21, 2024