Latest CVE Feed
-
8.4
HIGHCVE-2021-26864
Windows Virtual Registry Provider Elevation of Privilege Vulnerability... Read more
- EPSS Score: %0.60
- Published: Mar. 11, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-26863
Windows Win32k Elevation of Privilege Vulnerability... Read more
- EPSS Score: %0.24
- Published: Mar. 11, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-26862
Windows Installer Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +10 more products- EPSS Score: %0.47
- Published: Mar. 11, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-26861
Windows Graphics Component Remote Code Execution Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +10 more products- EPSS Score: %5.34
- Published: Mar. 11, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-26860
Windows App-V Overlay Filter Elevation of Privilege Vulnerability... Read more
- EPSS Score: %0.30
- Published: Mar. 11, 2021
- Modified: Nov. 21, 2024
-
7.7
HIGHCVE-2021-26859
Microsoft Power BI Information Disclosure Vulnerability... Read more
Affected Products : power_bi_report_server- EPSS Score: %6.64
- Published: Mar. 11, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-26858
Microsoft Exchange Server Remote Code Execution Vulnerability... Read more
Affected Products : exchange_server- Actively Exploited
- EPSS Score: %76.16
- Published: Mar. 03, 2021
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2021-26854
Microsoft Exchange Server Remote Code Execution Vulnerability... Read more
Affected Products : exchange_server- EPSS Score: %15.33
- Published: Mar. 03, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-26845
Information Exposure vulnerability in Hitachi ABB Power Grids eSOMS allows unauthorized user to gain access to report data if the URL used to access the report is discovered. This issue affects: Hitachi ABB Power Grids eSOMS 6.0 versions prior to 6.0.4.2.... Read more
Affected Products : esoms- EPSS Score: %0.28
- Published: Jun. 14, 2021
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2021-26844
A cross-site scripting (XSS) vulnerability in Power Admin PA Server Monitor 8.2.1.1 allows remote attackers to inject arbitrary web script or HTML via Console.exe.... Read more
Affected Products : pa_server_monitor- EPSS Score: %0.25
- Published: Nov. 05, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-26843
An issue was discovered in sthttpd through 2.27.1. On systems where the strcpy function is implemented with memcpy, the de_dotdot function may cause a Denial-of-Service (daemon crash) due to overlapping memory ranges being passed to memcpy. This can trigg... Read more
Affected Products : sthttpd- EPSS Score: %0.33
- Published: Feb. 07, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-26837
SQL Injection vulnerability in SearchTextBox parameter in Fortra (Formerly HelpSystems) DeliverNow before version 1.2.18, allows attackers to execute arbitrary code, escalate privileges, and gain sensitive information.... Read more
Affected Products : delivernow- EPSS Score: %0.09
- Published: Sep. 19, 2023
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-26835
No filtering of cross-site scripting (XSS) payloads in the markdown-editor in Zettlr 1.8.7 allows attackers to perform remote code execution via a crafted file.... Read more
Affected Products : zettlr- EPSS Score: %0.60
- Published: Jun. 18, 2021
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2021-26834
A cross-site scripting (XSS) vulnerability exists in Znote 0.5.2. An attacker can insert payloads, and the code execution will happen immediately on markdown view mode.... Read more
Affected Products : znote- EPSS Score: %0.32
- Published: Jun. 18, 2021
- Modified: Nov. 21, 2024
-
5.9
MEDIUMCVE-2021-26833
Cleartext Storage in a File or on Disk in TimelyBills <= 1.7.0 for iOS and versions <= 1.21.115 for Android allows attacker who can locally read user's files obtain JWT tokens for user's account due to insufficient cache clearing mechanisms. A threat acto... Read more
Affected Products : timelybills- EPSS Score: %0.32
- Published: Apr. 06, 2021
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-26832
Cross Site Scripting (XSS) in the "Reset Password" page form of Priority Enterprise Management System v8.00 allows attackers to execute javascript on behalf of the victim by sending a malicious URL or directing the victim to a malicious site.... Read more
Affected Products : priority_enterprise_management_system- EPSS Score: %0.21
- Published: Apr. 14, 2021
- Modified: Nov. 21, 2024
-
9.1
CRITICALCVE-2021-26830
SQL Injection in Tribalsystems Zenario CMS 8.8.52729 allows remote attackers to access the database or delete the plugin. This is accomplished via the `ID` input field of ajax.php in the `Pugin library - delete` module.... Read more
Affected Products : zenario- EPSS Score: %1.09
- Published: Apr. 16, 2021
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2021-26829
OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows stored XSS via system_settings.shtm.... Read more
Affected Products : scadabr- EPSS Score: %0.25
- Published: Jun. 11, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-26828
OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows remote authenticated users to upload and execute arbitrary JSP files via view_edit.shtm.... Read more
Affected Products : scadabr- EPSS Score: %50.53
- Published: Jun. 11, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-26827
Buffer Overflow in TP-Link WR2041 v1 firmware for the TL-WR2041+ router allows remote attackers to cause a Denial-of-Service (DoS) by sending an HTTP request with a very long "ssid" parameter to the "/userRpm/popupSiteSurveyRpm.html" webpage, which crashe... Read more
- EPSS Score: %0.93
- Published: Apr. 14, 2021
- Modified: Nov. 21, 2024