Latest CVE Feed
-
5.5
MEDIUMCVE-2021-26869
Windows ActiveX Installer Service Information Disclosure Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +9 more products- EPSS Score: %0.40
- Published: Mar. 11, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-26868
Windows Graphics Component Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_1507 +6 more products- EPSS Score: %12.21
- Published: Mar. 11, 2021
- Modified: Nov. 21, 2024
-
9.9
CRITICALCVE-2021-26867
Windows Hyper-V Remote Code Execution Vulnerability... Read more
- EPSS Score: %1.18
- Published: Mar. 11, 2021
- Modified: Nov. 21, 2024
-
7.1
HIGHCVE-2021-26866
Windows Update Service Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_1507 windows_10_1803 windows_10_1909 windows_server_20h2 +2 more products- EPSS Score: %0.64
- Published: Mar. 11, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-26865
Windows Container Execution Agent Elevation of Privilege Vulnerability... Read more
- EPSS Score: %2.21
- Published: Mar. 11, 2021
- Modified: Nov. 21, 2024
-
8.4
HIGHCVE-2021-26864
Windows Virtual Registry Provider Elevation of Privilege Vulnerability... Read more
- EPSS Score: %0.60
- Published: Mar. 11, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-26863
Windows Win32k Elevation of Privilege Vulnerability... Read more
- EPSS Score: %0.24
- Published: Mar. 11, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-26862
Windows Installer Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +10 more products- EPSS Score: %0.47
- Published: Mar. 11, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-26861
Windows Graphics Component Remote Code Execution Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +10 more products- EPSS Score: %5.34
- Published: Mar. 11, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-26860
Windows App-V Overlay Filter Elevation of Privilege Vulnerability... Read more
- EPSS Score: %0.30
- Published: Mar. 11, 2021
- Modified: Nov. 21, 2024
-
7.7
HIGHCVE-2021-26859
Microsoft Power BI Information Disclosure Vulnerability... Read more
Affected Products : power_bi_report_server- EPSS Score: %6.64
- Published: Mar. 11, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-26858
Microsoft Exchange Server Remote Code Execution Vulnerability... Read more
Affected Products : exchange_server- Actively Exploited
- EPSS Score: %76.16
- Published: Mar. 03, 2021
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2021-26854
Microsoft Exchange Server Remote Code Execution Vulnerability... Read more
Affected Products : exchange_server- EPSS Score: %15.33
- Published: Mar. 03, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-26845
Information Exposure vulnerability in Hitachi ABB Power Grids eSOMS allows unauthorized user to gain access to report data if the URL used to access the report is discovered. This issue affects: Hitachi ABB Power Grids eSOMS 6.0 versions prior to 6.0.4.2.... Read more
Affected Products : esoms- EPSS Score: %0.28
- Published: Jun. 14, 2021
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2021-26844
A cross-site scripting (XSS) vulnerability in Power Admin PA Server Monitor 8.2.1.1 allows remote attackers to inject arbitrary web script or HTML via Console.exe.... Read more
Affected Products : pa_server_monitor- EPSS Score: %0.25
- Published: Nov. 05, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-26843
An issue was discovered in sthttpd through 2.27.1. On systems where the strcpy function is implemented with memcpy, the de_dotdot function may cause a Denial-of-Service (daemon crash) due to overlapping memory ranges being passed to memcpy. This can trigg... Read more
Affected Products : sthttpd- EPSS Score: %0.33
- Published: Feb. 07, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-26837
SQL Injection vulnerability in SearchTextBox parameter in Fortra (Formerly HelpSystems) DeliverNow before version 1.2.18, allows attackers to execute arbitrary code, escalate privileges, and gain sensitive information.... Read more
Affected Products : delivernow- EPSS Score: %0.09
- Published: Sep. 19, 2023
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-26835
No filtering of cross-site scripting (XSS) payloads in the markdown-editor in Zettlr 1.8.7 allows attackers to perform remote code execution via a crafted file.... Read more
Affected Products : zettlr- EPSS Score: %0.60
- Published: Jun. 18, 2021
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2021-26834
A cross-site scripting (XSS) vulnerability exists in Znote 0.5.2. An attacker can insert payloads, and the code execution will happen immediately on markdown view mode.... Read more
Affected Products : znote- EPSS Score: %0.32
- Published: Jun. 18, 2021
- Modified: Nov. 21, 2024
-
5.9
MEDIUMCVE-2021-26833
Cleartext Storage in a File or on Disk in TimelyBills <= 1.7.0 for iOS and versions <= 1.21.115 for Android allows attacker who can locally read user's files obtain JWT tokens for user's account due to insufficient cache clearing mechanisms. A threat acto... Read more
Affected Products : timelybills- EPSS Score: %0.32
- Published: Apr. 06, 2021
- Modified: Nov. 21, 2024