Filtered by vendor Microsoft
Subscribe
Total
21897 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-41373 | 1 Microsoft | 1 Fslogix | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| FSLogix Information Disclosure Vulnerability | |||||
| CVE-2021-41372 | 1 Microsoft | 1 Power Bi Report Server | 2024-11-21 | 6.8 MEDIUM | 7.6 HIGH |
| A Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerability exists when Power BI Report Server Template file (pbix) containing HTML files is uploaded to the server and HTML files are accessed directly by the victim. Combining these 2 vulnerabilities together, an attacker is able to upload malicious Power BI templates files to the server using the victim's session and run scripts in the security context of the user and perform privilege escalation in case the victim has admin privileges when the victim access one of the HTML files present in the malicious Power BI template uploaded. The security update addresses the vulnerability by helping to ensure that Power BI Report Server properly sanitize file uploads. | |||||
| CVE-2021-41371 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | |||||
| CVE-2021-41370 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| NTFS Elevation of Privilege Vulnerability | |||||
| CVE-2021-41368 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | 6.8 MEDIUM | 6.1 MEDIUM |
| Microsoft Access Remote Code Execution Vulnerability | |||||
| CVE-2021-41367 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| NTFS Elevation of Privilege Vulnerability | |||||
| CVE-2021-41366 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability | |||||
| CVE-2021-41365 | 1 Microsoft | 1 Defender For Iot | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Microsoft Defender for IoT Remote Code Execution Vulnerability | |||||
| CVE-2021-41363 | 1 Microsoft | 1 Intune Management Extension | 2024-11-21 | 4.4 MEDIUM | 4.2 MEDIUM |
| Intune Management Extension Security Feature Bypass Vulnerability | |||||
| CVE-2021-41361 | 1 Microsoft | 3 Windows Server 2016, Windows Server 2019, Windows Server 2022 | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Active Directory Federation Server Spoofing Vulnerability | |||||
| CVE-2021-41360 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| HEVC Video Extensions Remote Code Execution Vulnerability | |||||
| CVE-2021-41356 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Windows Denial of Service Vulnerability | |||||
| CVE-2021-41355 | 1 Microsoft | 3 .net, Powershell, Visual Studio 2019 | 2024-11-21 | 2.9 LOW | 5.7 MEDIUM |
| .NET Core and Visual Studio Information Disclosure Vulnerability | |||||
| CVE-2021-41354 | 1 Microsoft | 1 Dynamics 365 | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | |||||
| CVE-2021-41353 | 1 Microsoft | 1 Dynamics 365 | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability | |||||
| CVE-2021-41352 | 1 Microsoft | 1 System Center Operations Manager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| SCOM Information Disclosure Vulnerability | |||||
| CVE-2021-41351 | 1 Microsoft | 4 Edge, Windows 10, Windows 11 and 1 more | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| Microsoft Edge (Chrome based) Spoofing on IE Mode | |||||
| CVE-2021-41350 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Microsoft Exchange Server Spoofing Vulnerability | |||||
| CVE-2021-41349 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Microsoft Exchange Server Spoofing Vulnerability | |||||
| CVE-2021-41348 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 5.2 MEDIUM | 8.0 HIGH |
| Microsoft Exchange Server Elevation of Privilege Vulnerability | |||||