Latest CVE Feed
-
4.3
MEDIUMCVE-2021-32002
Improper Access Control vulnerability in web service of Secomea SiteManager allows local attacker without credentials to gather network information and configuration of the SiteManager. This issue affects: Secomea SiteManager All versions prior to 9.5 on ... Read more
- Published: Aug. 05, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-32001
K3s in SUSE Rancher allows any user with direct access to the datastore, or a copy of a datastore backup, to extract the cluster's confidential keying material (cluster certificate authority private keys, secrets encryption configuration passphrase, etc.)... Read more
- Published: Jul. 28, 2021
- Modified: Nov. 21, 2024
-
7.1
HIGHCVE-2021-32000
A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of clone-master-clean-up in SUSE Linux Enterprise Server 12 SP3, SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allows local attackers to delete arbitrary... Read more
- Published: Jul. 28, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-31999
A Reliance on Untrusted Inputs in a Security Decision vulnerability in Rancher allows users in the cluster to act as others users in the cluster by forging the "Impersonate-User" or "Impersonate-Group" headers. This issue affects: Rancher versions prior t... Read more
Affected Products : rancher- Published: Jul. 15, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-31998
A Incorrect Default Permissions vulnerability in the packaging of inn of SUSE Linux Enterprise Server 11-SP3; openSUSE Backports SLE-15-SP2, openSUSE Leap 15.2 allows local attackers to escalate their privileges from the news user to root. This issue affe... Read more
- Published: Jun. 10, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-31997
A UNIX Symbolic Link (Symlink) Following vulnerability in python-postorius of openSUSE Leap 15.2, Factory allows local attackers to escalate from users postorius or postorius-admin to root. This issue affects: openSUSE Leap 15.2 python-postorius version 1... Read more
- Published: Jun. 10, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-31996
An issue was discovered in the algorithmica crate through 2021-03-07 for Rust. There is a double free in merge_sort::merge().... Read more
Affected Products : algorithmica- Published: May. 03, 2021
- Modified: Nov. 21, 2024
-
5.3
MEDIUMCVE-2021-31989
A user with permission to log on to the machine hosting the AXIS Device Manager client could under certain conditions extract a memory dump from the built-in Windows Task Manager application. The memory dump may potentially contain credentials of connecte... Read more
Affected Products : device_manager- Published: Aug. 25, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-31988
A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the Carriage Return and Line Feed (CRLF) control characters and include arbitrary SMTP headers in the generated test email.... Read more
- Published: Oct. 05, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-31987
A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients.... Read more
- Published: Oct. 05, 2021
- Modified: Nov. 21, 2024
-
6.8
MEDIUMCVE-2021-31986
User controlled parameters related to SMTP notifications are not correctly validated. This can lead to a buffer overflow resulting in crashes and data leakage.... Read more
- Published: Oct. 05, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-31985
Microsoft Defender Remote Code Execution Vulnerability... Read more
Affected Products : malware_protection_engine- Published: Jun. 08, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-31984
Power BI Remote Code Execution Vulnerability... Read more
Affected Products : power_bi_report_server- Published: Jul. 14, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-31983
Paint 3D Remote Code Execution Vulnerability... Read more
Affected Products : paint_3d- Published: Jun. 08, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-31980
Microsoft Intune Management Extension Remote Code Execution Vulnerability... Read more
Affected Products : intune_management_extension- Published: Jun. 08, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-31978
Microsoft Defender Denial of Service Vulnerability... Read more
Affected Products : malware_protection_engine- Published: Jun. 08, 2021
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2021-31977
Windows Hyper-V Denial of Service Vulnerability... Read more
- Published: Jun. 08, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-31976
Server for NFS Information Disclosure Vulnerability... Read more
Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_1507 +5 more products- Published: Jun. 08, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-31975
Server for NFS Information Disclosure Vulnerability... Read more
Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_1507 +5 more products- Published: Jun. 08, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-31974
Server for NFS Denial of Service Vulnerability... Read more
Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_1507 +5 more products- Published: Jun. 08, 2021
- Modified: Nov. 21, 2024