Latest CVE Feed
-
7.2
HIGHCVE-2021-24123
Arbitrary file upload in the PowerPress WordPress plugin, versions before 8.3.8, did not verify some of the uploaded feed images (such as the ones from Podcast Artwork section), allowing high privilege accounts (admin+) being able to upload arbitrary file... Read more
Affected Products : powerpress- Published: Mar. 18, 2021
- Modified: Nov. 21, 2024
-
5.9
MEDIUMCVE-2021-24122
When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. The r... Read more
- Published: Jan. 14, 2021
- Modified: Nov. 21, 2024
-
4.9
MEDIUMCVE-2021-24119
In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in... Read more
- Published: Jul. 14, 2021
- Modified: Nov. 21, 2024
-
4.9
MEDIUMCVE-2021-24117
In Apache Teaclave Rust SGX SDK 1.1.3, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running ... Read more
- Published: Jul. 14, 2021
- Modified: Nov. 21, 2024
-
4.9
MEDIUMCVE-2021-24116
In wolfSSL through 4.6.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated e... Read more
Affected Products : wolfssl- Published: Jul. 14, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-24115
In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations (base32, base58, base64, and hex).... Read more
Affected Products : botan- Published: Feb. 22, 2021
- Modified: Nov. 21, 2024
-
5.7
MEDIUMCVE-2021-24114
Microsoft Teams iOS Information Disclosure Vulnerability... Read more
Affected Products : teams- Published: Feb. 25, 2021
- Modified: Nov. 21, 2024
-
5.8
MEDIUMCVE-2021-24113
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability... Read more
Affected Products : edge_chromium- Published: Feb. 25, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICAL- Published: Feb. 25, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-24111
.NET Framework Denial of Service Vulnerability... Read more
- Published: Feb. 25, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGH- Published: Mar. 11, 2021
- Modified: Nov. 21, 2024
-
6.8
MEDIUMCVE-2021-24109
Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability... Read more
Affected Products : azure_kubernetes_service- Published: Feb. 25, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-24108
Microsoft Office Remote Code Execution Vulnerability... Read more
- Published: Mar. 11, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-24107
Windows Event Tracing Information Disclosure Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +10 more products- Published: Mar. 11, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-24106
Windows DirectX Information Disclosure Vulnerability... Read more
- Published: Feb. 25, 2021
- Modified: Nov. 21, 2024
-
8.4
HIGHCVE-2021-24105
<p>Depending on configuration of various package managers it is possible for an attacker to insert a malicious package into a package manager's repository which can be retrieved and used during development, build, and release processes. This insertion cou... Read more
Affected Products : package_manager_configurations- Published: Feb. 25, 2021
- Modified: Nov. 21, 2024
-
5.8
MEDIUM- Published: Mar. 11, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-24103
Windows Event Tracing Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +10 more products- Published: Feb. 25, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-24102
Windows Event Tracing Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +10 more products- Published: Feb. 25, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-24101
Microsoft Dataverse Information Disclosure Vulnerability... Read more
Affected Products : dynamics_365- Published: Feb. 25, 2021
- Modified: Nov. 21, 2024