Latest CVE Feed
-
9.3
HIGHCVE-2021-1643
HEVC Video Extensions Remote Code Execution Vulnerability... Read more
Affected Products : hevc_video_extensions- Published: Jan. 12, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-1642
Windows AppX Deployment Extensions Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_1803 windows_10_1909 windows_server_20h2 windows_server_1909 +1 more products- Published: Jan. 12, 2021
- Modified: Nov. 21, 2024
-
5.8
MEDIUM- Published: Jan. 12, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-1640
Windows Print Spooler Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +10 more products- Published: Mar. 11, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGH- Published: Feb. 25, 2021
- Modified: Nov. 21, 2024
-
7.7
HIGHCVE-2021-1638
Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG. To address the vulnerability, Microsoft has released a sof... Read more
- Published: Jan. 12, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-1637
Windows DNS Query Information Disclosure Vulnerability... Read more
Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_1507 +6 more products- Published: Jan. 12, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-1636
Microsoft SQL Elevation of Privilege Vulnerability... Read more
Affected Products : sql_server- Published: Jan. 12, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-1630
XML external entity (XXE) vulnerability affecting certain versions of a Mule runtime component that may affect CloudHub, GovCloud, Runtime Fabric, Pivotal Cloud Foundry, Private Cloud Edition, and on-premise customers.... Read more
Affected Products : mule- Published: Aug. 05, 2021
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-1629
Tableau Server fails to validate certain URLs that are embedded in emails sent to Tableau Server users.... Read more
- Published: Mar. 26, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-1628
MuleSoft is aware of a XML External Entity (XXE) vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Affected versions: Mule 4.x runtime released before February 2, 2021.... Read more
Affected Products : mule- Published: Mar. 26, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-1627
MuleSoft is aware of a Server Side Request Forgery vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. This affects: Mule 3.8.x,3.9.x,4.x runtime released before February 2, 2021.... Read more
Affected Products : mule- Published: Mar. 26, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-1626
MuleSoft is aware of a Remote Code Execution vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Versions affected: Mule 4.1.x and 4.2.x runtime released before February 2, 2021.... Read more
Affected Products : mule- Published: Mar. 26, 2021
- Modified: Nov. 21, 2024
-
5.8
MEDIUMCVE-2021-1625
A vulnerability in the Zone-Based Policy Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent the Zone-Based Policy Firewall from correctly classifying traffic. This vulnerability exists because ICMP and UDP... Read more
Affected Products : ios_xe- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2021-1624
A vulnerability in the Rate Limiting Network Address Translation (NAT) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization in the Cisco QuantumFlow Processor of an affected device, resulting in a ... Read more
Affected Products : ios_xe asr_1001 asr_1002 asr_1002-x asr_1004 asr_1006 asr_1013 asr_1000 asr_1000-esp100 asr_1001-hx +10 more products- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
7.7
HIGHCVE-2021-1623
A vulnerability in the Simple Network Management Protocol (SNMP) punt handling function of Cisco cBR-8 Converged Broadband Routers could allow an authenticated, remote attacker to overload a device punt path, resulting in a denial of service (DoS) conditi... Read more
- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2021-1622
A vulnerability in the Common Open Policy Service (COPS) of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause resource exhaustion, resulting in a denial of service (DoS) condition. T... Read more
Affected Products : ios_xe 7600_router asr_901-12c-f-d asr_901-12c-ft-d asr_901-4c-f-d asr_901-4c-ft-d asr_901-6cz-f-a asr_901-6cz-f-d asr_901-6cz-fs-a asr_901-6cz-fs-d +3 more products- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
7.4
HIGHCVE-2021-1621
A vulnerability in the Layer 2 punt code of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a queue wedge on an interface that receives specific Layer 2 frames, resulting in a denial of service (DoS) condition. This vulner... Read more
Affected Products : ios_xe asr_1001 asr_1002 asr_1002-x asr_1004 asr_1006 asr_1013 1100-4g\/6g_integrated_services_router 1100-4p_integrated_services_router 1100-8p_integrated_services_router +35 more products- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-1619
A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass NETCONF or RESTCONF authentication and do either of the following: Install, manipulate, ... Read more
Affected Products : ios_xe ios_xe_sd-wan ios_xe_sd-wan_16.10.1_when_installed_on_1000_series_integrated_services ios_xe_sd-wan_16.10.1_when_installed_on_4000_series_integrated_services ios_xe_sd-wan_16.10.1_when_installed_on_asr_1000_series_aggregation_services ios_xe_sd-wan_16.10.1_when_installed_on_integrated_services_virtual ios_xe_sd-wan_16.10.2_when_installed_on_1000_series_integrated_services ios_xe_sd-wan_16.10.2_when_installed_on_4000_series_integrated_services ios_xe_sd-wan_16.10.2_when_installed_on_asr_1000_series_aggregation_services ios_xe_sd-wan_16.10.2_when_installed_on_integrated_services_virtual +136 more products- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2021-1618
Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. These vulnerabilities are due... Read more
Affected Products : intersight_virtual_appliance- Published: Jul. 22, 2021
- Modified: Nov. 21, 2024