Total
32325 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-26930 | 3 Debian, Fedoraproject, Linux | 3 Debian Linux, Fedora, Linux Kernel | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant references provided by the frontend. In this process, errors may be encountered. In one case, an error encountered earlier might be discarded by later processing, resulting in the caller assuming successful mapping, and hence subsequent operations trying to access space that wasn't mapped. In another case, internal state would be insufficiently updated, preventing safe recovery from the error. This affects drivers/block/xen-blkback/blkback.c. | |||||
| CVE-2021-26919 | 1 Apache | 1 Druid | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Apache Druid allows users to read data from other database systems using JDBC. This functionality is to allow trusted users with the proper permissions to set up lookups or submit ingestion tasks. The MySQL JDBC driver supports certain properties, which, if left unmitigated, can allow an attacker to execute arbitrary code from a hacker-controlled malicious MySQL server within Druid server processes. This issue was addressed in Apache Druid 0.20.2 | |||||
| CVE-2021-26917 | 1 Bitmessage | 1 Pybitmessage | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| PyBitmessage through 0.6.3.2 allows attackers to write screen captures to Potentially Unwanted Directories via a crafted apinotifypath value. NOTE: the discoverer states "security mitigation may not be necessary as there is no evidence yet that these screen intercepts are actually transported away from the local host." NOTE: it is unclear whether there are any common use cases in which apinotifypath is controlled by an attacker | |||||
| CVE-2021-26902 | 1 Microsoft | 1 High Efficiency Video Coding | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| HEVC Video Extensions Remote Code Execution Vulnerability | |||||
| CVE-2021-26901 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Windows Event Tracing Elevation of Privilege Vulnerability | |||||
| CVE-2021-26899 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Windows UPnP Device Host Elevation of Privilege Vulnerability | |||||
| CVE-2021-26898 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Windows Event Tracing Elevation of Privilege Vulnerability | |||||
| CVE-2021-26897 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Windows DNS Server Remote Code Execution Vulnerability | |||||
| CVE-2021-26896 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Windows DNS Server Denial of Service Vulnerability | |||||
| CVE-2021-26895 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Windows DNS Server Remote Code Execution Vulnerability | |||||
| CVE-2021-26894 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Windows DNS Server Remote Code Execution Vulnerability | |||||
| CVE-2021-26893 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Windows DNS Server Remote Code Execution Vulnerability | |||||
| CVE-2021-26892 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 2.1 LOW | 6.2 MEDIUM |
| Windows Extensible Firmware Interface Security Feature Bypass Vulnerability | |||||
| CVE-2021-26891 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Container Execution Agent Elevation of Privilege Vulnerability | |||||
| CVE-2021-26890 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Application Virtualization Remote Code Execution Vulnerability | |||||
| CVE-2021-26886 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2024-11-21 | 3.6 LOW | 6.1 MEDIUM |
| User Profile Service Denial of Service Vulnerability | |||||
| CVE-2021-26885 | 1 Microsoft | 1 Windows 10 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Windows WalletService Elevation of Privilege Vulnerability | |||||
| CVE-2021-26884 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Windows Media Photo Codec Information Disclosure Vulnerability | |||||
| CVE-2021-26882 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Remote Access API Elevation of Privilege Vulnerability | |||||
| CVE-2021-26881 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 6.5 MEDIUM | 7.5 HIGH |
| Microsoft Windows Media Foundation Remote Code Execution Vulnerability | |||||