Total
32421 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-41350 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Microsoft Exchange Server Spoofing Vulnerability | |||||
| CVE-2021-41349 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Microsoft Exchange Server Spoofing Vulnerability | |||||
| CVE-2021-41346 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2024-11-21 | 4.6 MEDIUM | 5.3 MEDIUM |
| Console Window Host Security Feature Bypass Vulnerability | |||||
| CVE-2021-41344 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 6.5 MEDIUM | 8.1 HIGH |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||
| CVE-2021-41343 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Windows Fast FAT File System Driver Information Disclosure Vulnerability | |||||
| CVE-2021-41342 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | 6.8 MEDIUM | 6.8 MEDIUM |
| Windows MSHTML Platform Remote Code Execution Vulnerability | |||||
| CVE-2021-41340 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Windows Graphics Component Remote Code Execution Vulnerability | |||||
| CVE-2021-41338 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability | |||||
| CVE-2021-41337 | 1 Microsoft | 3 Windows Server 2016, Windows Server 2019, Windows Server 2022 | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
| Active Directory Security Feature Bypass Vulnerability | |||||
| CVE-2021-41336 | 1 Microsoft | 2 Windows 11, Windows Server 2022 | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Windows Kernel Information Disclosure Vulnerability | |||||
| CVE-2021-41333 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2021-41332 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Windows Print Spooler Information Disclosure Vulnerability | |||||
| CVE-2021-41331 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Windows Media Audio Decoder Remote Code Execution Vulnerability | |||||
| CVE-2021-41330 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Windows Media Foundation Remote Code Execution Vulnerability | |||||
| CVE-2021-41326 | 1 Misp | 1 Misp | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In MISP before 2.4.148, app/Lib/Export/OpendataExport.php mishandles parameter data that is used in a shell_exec call. | |||||
| CVE-2021-41303 | 2 Apache, Oracle | 2 Shiro, Financial Services Crime And Compliance Management Studio | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Apache Shiro before 1.8.0, when using Apache Shiro with Spring Boot, a specially crafted HTTP request may cause an authentication bypass. Users should update to Apache Shiro 1.8.0. | |||||
| CVE-2021-41222 | 1 Google | 1 Tensorflow | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| TensorFlow is an open source platform for machine learning. In affected versions the implementation of `SplitV` can trigger a segfault is an attacker supplies negative arguments. This occurs whenever `size_splits` contains more than one value and at least one value is negative. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. | |||||
| CVE-2021-41194 | 1 Jupyterhub | 1 First Use Authenticator | 2024-11-21 | 6.8 MEDIUM | 9.1 CRITICAL |
| FirstUseAuthenticator is a JupyterHub authenticator that helps new users set their password on their first login to JupyterHub. When JupyterHub is used with FirstUseAuthenticator, a vulnerability in versions prior to 1.0.0 allows unauthorized access to any user's account if `create_users=True` and the username is known or guessed. One may upgrade to version 1.0.0 or apply a patch manually to mitigate the vulnerability. For those who cannot upgrade, there is no complete workaround, but a partial mitigation exists. One can disable user creation with `c.FirstUseAuthenticator.create_users = False`, which will only allow login with fully normalized usernames for already existing users prior to jupyterhub-firstuserauthenticator 1.0.0. If any users have never logged in with their normalized username (i.e. lowercase), they will still be vulnerable until a patch or upgrade occurs. | |||||
| CVE-2021-41173 | 1 Ethereum | 1 Go Ethereum | 2024-11-21 | 3.5 LOW | 5.7 MEDIUM |
| Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.9, a vulnerable node is susceptible to crash when processing a maliciously crafted message from a peer. Version v1.10.9 contains patches to the vulnerability. There are no known workarounds aside from upgrading. | |||||
| CVE-2021-41055 | 1 Gajim | 1 Gajim | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Gajim 1.2.x and 1.3.x before 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted XMPP Last Message Correction (XEP-0308) message in multi-user chat, where the message ID equals the correction ID. | |||||