Latest CVE Feed
-
9.8
CRITICALCVE-2021-26505
Prototype pollution vulnerability in MrSwitch hello.js version 1.18.6, allows remote attackers to execute arbitrary code via hello.utils.extend function.... Read more
Affected Products : hello.js- EPSS Score: %1.26
- Published: Aug. 11, 2023
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-26504
Directory Traversal vulnerability in Foddy node-red-contrib-huemagic version 3.0.0, allows remote attackers to gain sensitive information via crafted request in res.sendFile API in hue-magic.js.... Read more
Affected Products : huemagic- EPSS Score: %0.51
- Published: Aug. 11, 2023
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-26476
EPrints 3.4.2 allows remote attackers to execute OS commands via crafted LaTeX input to a cgi/cal?year= URI.... Read more
Affected Products : eprints- EPSS Score: %2.87
- Published: Mar. 01, 2021
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-26475
EPrints 3.4.2 exposes a reflected XSS opportunity in the via a cgi/cal URI.... Read more
Affected Products : eprints- EPSS Score: %60.55
- Published: Mar. 01, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-26474
Various Vembu products allow an attacker to execute a (non-blind) http-only Cross Site Request Forgery (Other products or versions of products in this family may be affected too.)... Read more
- EPSS Score: %0.23
- Published: Jun. 08, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-26473
In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 the http API located at /sgwebservice_o.php action logFilePath allows an attacker to write arbitrary files in the context of the web server process. These files can then be executed remotely by ... Read more
- EPSS Score: %0.74
- Published: Jun. 08, 2021
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2021-26472
In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 installed on Windows, the http API located at /consumerweb/secure/download.php. Using this command argument an unauthenticated attacker can execute arbitrary OS commands with SYSTEM privileges.... Read more
- EPSS Score: %9.97
- Published: Jun. 08, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-26471
In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1, the http API located at /sgwebservice_o.php accepts a command argument. Using this command argument an unauthenticated attacker can execute arbitrary shell commands.... Read more
- EPSS Score: %7.30
- Published: Jun. 08, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-26461
Apache Nuttx Versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc, realloc and memalign. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote co... Read more
Affected Products : nuttx- EPSS Score: %2.05
- Published: Jun. 21, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-26444
Azure RTOS Information Disclosure Vulnerability... Read more
Affected Products : azure_real_time_operating_system- EPSS Score: %1.05
- Published: Nov. 10, 2021
- Modified: Nov. 21, 2024
-
9.0
CRITICALCVE-2021-26443
Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1809 windows_server_2022 windows_11_21h2 windows_11 windows_10_21h1 windows_10_1909 windows_server_20h2 +1 more products- EPSS Score: %0.55
- Published: Nov. 10, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-26442
Windows HTTP.sys Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +12 more products- EPSS Score: %0.61
- Published: Oct. 13, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-26441
Storage Spaces Controller Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 windows_10_1809 windows_10_20h2 +9 more products- EPSS Score: %0.35
- Published: Oct. 13, 2021
- Modified: Nov. 21, 2024
-
5.9
MEDIUMCVE-2021-26439
Microsoft Edge for Android Information Disclosure Vulnerability... Read more
- EPSS Score: %6.59
- Published: Sep. 02, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-26437
Visual Studio Code Spoofing Vulnerability... Read more
Affected Products : visual_studio_code- EPSS Score: %1.51
- Published: Sep. 15, 2021
- Modified: Nov. 21, 2024
-
8.1
HIGH- EPSS Score: %1.11
- Published: Sep. 02, 2021
- Modified: Nov. 21, 2024
-
8.1
HIGHCVE-2021-26435
Windows Scripting Engine Memory Corruption Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +10 more products- EPSS Score: %3.81
- Published: Sep. 15, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGH- EPSS Score: %0.63
- Published: Sep. 15, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-26433
Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability... Read more
Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_1507 +5 more products- EPSS Score: %13.88
- Published: Aug. 12, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-26432
Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability... Read more
Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_1507 +5 more products- EPSS Score: %10.21
- Published: Aug. 12, 2021
- Modified: Nov. 21, 2024