Total
32421 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-43976 | 5 Debian, Fedoraproject, Linux and 2 more | 23 Debian Linux, Fedora, Linux Kernel and 20 more | 2024-11-21 | 2.1 LOW | 4.6 MEDIUM |
| In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic). | |||||
| CVE-2021-43955 | 1 Atlassian | 2 Crucible, Fisheye | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| The /rest-service-fecru/server-v1 resource in Fisheye and Crucible before version 4.8.9 allowed authenticated remote attackers to obtain information about installation directories via information disclosure vulnerability. | |||||
| CVE-2021-43947 | 1 Atlassian | 4 Data Center, Jira, Jira Data Center and 1 more | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| Affected versions of Atlassian Jira Server and Data Center allow remote attackers with administrator privileges to execute arbitrary code via a Remote Code Execution (RCE) vulnerability in the Email Templates feature. This issue bypasses the fix of https://jira.atlassian.com/browse/JSDSERVER-8665. The affected versions are before version 8.13.15, and from version 8.14.0 before 8.20.3. | |||||
| CVE-2021-43908 | 1 Microsoft | 1 Visual Studio Code | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| Visual Studio Code Spoofing Vulnerability | |||||
| CVE-2021-43907 | 1 Microsoft | 1 Windows Subsystem For Linux | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Visual Studio Code WSL Extension Remote Code Execution Vulnerability | |||||
| CVE-2021-43899 | 1 Microsoft | 2 Wireless Display Adapter, Wireless Display Adapter Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Microsoft 4K Wireless Display Adapter Remote Code Execution Vulnerability | |||||
| CVE-2021-43896 | 1 Microsoft | 1 Powershell | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Microsoft PowerShell Spoofing Vulnerability | |||||
| CVE-2021-43892 | 1 Microsoft | 1 Biztalk Esb Toolkit | 2024-11-21 | 4.3 MEDIUM | 7.4 HIGH |
| Microsoft BizTalk ESB Toolkit Spoofing Vulnerability | |||||
| CVE-2021-43891 | 1 Microsoft | 1 Visual Studio Code | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Visual Studio Code Remote Code Execution Vulnerability | |||||
| CVE-2021-43889 | 1 Microsoft | 1 Defender For Iot | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Microsoft Defender for IoT Remote Code Execution Vulnerability | |||||
| CVE-2021-43888 | 1 Microsoft | 1 Defender For Iot | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Microsoft Defender for IoT Information Disclosure Vulnerability | |||||
| CVE-2021-43883 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Installer Elevation of Privilege Vulnerability | |||||
| CVE-2021-43880 | 1 Microsoft | 1 Windows 11 | 2024-11-21 | 3.6 LOW | 5.5 MEDIUM |
| Windows Mobile Device Management Elevation of Privilege Vulnerability | |||||
| CVE-2021-43877 | 1 Microsoft | 3 Asp.net Core, Visual Studio 2019, Visual Studio 2022 | 2024-11-21 | 4.6 MEDIUM | 8.8 HIGH |
| ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability | |||||
| CVE-2021-43876 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2024-11-21 | 6.0 MEDIUM | 8.8 HIGH |
| Microsoft SharePoint Elevation of Privilege Vulnerability | |||||
| CVE-2021-43875 | 1 Microsoft | 2 365 Apps, Office | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Office Graphics Remote Code Execution Vulnerability | |||||
| CVE-2021-43857 | 1 Gerapy | 1 Gerapy | 2024-11-21 | 6.5 MEDIUM | 9.8 CRITICAL |
| Gerapy is a distributed crawler management framework. Gerapy prior to version 0.9.8 is vulnerable to remote code execution, and this issue is patched in version 0.9.8. | |||||
| CVE-2021-43850 | 1 Discourse | 1 Discourse | 2024-11-21 | 4.0 MEDIUM | 6.8 MEDIUM |
| Discourse is an open source platform for community discussion. In affected versions admins users can trigger a Denial of Service attack via the `/message-bus/_diagnostics` path. The impact of this vulnerability is greater on multisite Discourse instances (where multiple forums are served from a single application server) where any admin user on any of the forums are able to visit the `/message-bus/_diagnostics` path. The problem has been patched. Please upgrade to 2.8.0.beta10 or 2.7.12. No workarounds for this issue exist. | |||||
| CVE-2021-43803 | 2 Nodejs, Vercel | 2 Node.js, Next.js | 2024-11-21 | 4.3 MEDIUM | 7.5 HIGH |
| Next.js is a React framework. In versions of Next.js prior to 12.0.5 or 11.1.3, invalid or malformed URLs could lead to a server crash. In order to be affected by this issue, the deployment must use Next.js versions above 11.1.0 and below 12.0.5, Node.js above 15.0.0, and next start or a custom server. Deployments on Vercel are not affected, along with similar environments where invalid requests are filtered before reaching Next.js. Versions 12.0.5 and 11.1.3 contain patches for this issue. | |||||
| CVE-2021-43745 | 1 Trillium Notes Project | 1 Trillum Notes | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| A Denial of Service vulnerabilty exists in Trilium Notes 0.48.6 in the setupPage function | |||||