Total
34804 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-41558 | 1 Set User Project | 1 Set User | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The set_user extension module before 3.0.0 for PostgreSQL allows ProcessUtility_hook bypass via set_config. | |||||
| CVE-2021-41545 | 1 Siemens | 8 Desigo Dxr2, Desigo Dxr2 Firmware, Desigo Pxc3 and 5 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). When the controller receives a specific BACnet protocol packet, an exception causes the BACnet communication function to go into a “out of work” state and could result in the controller going into a “factory reset” state. | |||||
| CVE-2021-41532 | 1 Apache | 1 Ozone | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Apache Ozone before 1.2.0, Recon HTTP endpoints provide access to OM, SCM and Datanode metadata. Due to a bug, any unauthenticated user can access the data from these endpoints. | |||||
| CVE-2021-41526 | 1 Flexera | 1 Revenera Installshield | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been reported in the windows installer (MSI) built with InstallScript custom action. This vulnerability may allow privilege escalation when invoked ‘repair’ of the MSI which has an InstallScript custom action. | |||||
| CVE-2021-41525 | 1 Flexera | 1 Flexnet Inventory Agent And Beacon | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| An issue related to modification of otherwise restricted files through a locally authenticated attacker exists in FlexNet inventory agent and inventory beacon versions 2020 R2.5 and prior. | |||||
| CVE-2021-41504 | 1 Dlink | 4 Dcs-5000l, Dcs-5000l Firmware, Dcs-932l and 1 more | 2024-11-21 | 5.2 MEDIUM | 8.0 HIGH |
| An Elevated Privileges issue exists in D-Link DCS-5000L v1.05 and DCS-932L v2.17 and older. The use of the digest-authentication for the devices command interface may allow further attack vectors that may compromise the cameras configuration and allow malicious users on the LAN to access the device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | |||||
| CVE-2021-41395 | 1 Goteleport | 1 Teleport | 2024-11-21 | 6.4 MEDIUM | 6.5 MEDIUM |
| Teleport before 6.2.12 and 7.x before 7.1.1 allows attackers to control a database connection string, in some situations, via a crafted database name or username. | |||||
| CVE-2021-41394 | 1 Goteleport | 1 Teleport | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows alteration of build artifacts in some situations. | |||||
| CVE-2021-41393 | 1 Goteleport | 1 Teleport | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows forgery of SSH host certificates in some situations. | |||||
| CVE-2021-41382 | 1 Plasticscm | 1 Plastic Scm | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Plastic SCM before 10.0.16.5622 mishandles the WebAdmin server management interface. | |||||
| CVE-2021-41378 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2024-11-21 | 6.5 MEDIUM | 7.8 HIGH |
| Windows NTFS Remote Code Execution Vulnerability | |||||
| CVE-2021-41376 | 1 Microsoft | 1 Azure Sphere | 2024-11-21 | 2.1 LOW | 2.3 LOW |
| Azure Sphere Information Disclosure Vulnerability | |||||
| CVE-2021-41375 | 1 Microsoft | 1 Azure Sphere | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| Azure Sphere Information Disclosure Vulnerability | |||||
| CVE-2021-41374 | 1 Microsoft | 1 Azure Sphere | 2024-11-21 | 2.1 LOW | 6.7 MEDIUM |
| Azure Sphere Information Disclosure Vulnerability | |||||
| CVE-2021-41373 | 1 Microsoft | 1 Fslogix | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| FSLogix Information Disclosure Vulnerability | |||||
| CVE-2021-41371 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | |||||
| CVE-2021-41368 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | 6.8 MEDIUM | 6.1 MEDIUM |
| Microsoft Access Remote Code Execution Vulnerability | |||||
| CVE-2021-41363 | 1 Microsoft | 1 Intune Management Extension | 2024-11-21 | 4.4 MEDIUM | 4.2 MEDIUM |
| Intune Management Extension Security Feature Bypass Vulnerability | |||||
| CVE-2021-41361 | 1 Microsoft | 3 Windows Server 2016, Windows Server 2019, Windows Server 2022 | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Active Directory Federation Server Spoofing Vulnerability | |||||
| CVE-2021-41360 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| HEVC Video Extensions Remote Code Execution Vulnerability | |||||