Total
172421 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-41355 | 1 Microsoft | 3 .net, Powershell, Visual Studio 2019 | 2021-10-19 | 2.9 LOW | 5.7 MEDIUM |
| .NET Core and Visual Studio Information Disclosure Vulnerability | |||||
| CVE-2021-41830 | 1 Apache | 1 Openoffice | 2021-10-19 | 5.0 MEDIUM | 7.5 HIGH |
| It is possible for an attacker to manipulate signed documents and macros to appear to come from a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25633 for the LibreOffice advisory. | |||||
| CVE-2021-41354 | 1 Microsoft | 1 Dynamics 365 | 2021-10-19 | 3.5 LOW | 5.4 MEDIUM |
| Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | |||||
| CVE-2021-41353 | 1 Microsoft | 1 Dynamics 365 | 2021-10-19 | 3.5 LOW | 3.5 LOW |
| Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability | |||||
| CVE-2021-41831 | 1 Apache | 1 Openoffice | 2021-10-19 | 5.0 MEDIUM | 5.3 MEDIUM |
| It is possible for an attacker to manipulate the timestamp of signed documents. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25634 for the LibreOffice advisory. | |||||
| CVE-2021-41832 | 1 Apache | 1 Openoffice | 2021-10-19 | 5.0 MEDIUM | 7.5 HIGH |
| It is possible for an attacker to manipulate documents to appear to be signed by a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25635 for the LibreOffice advisory. | |||||
| CVE-2021-41801 | 1 Mediawiki | 1 Mediawiki | 2021-10-19 | 6.5 MEDIUM | 8.8 HIGH |
| The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is blocked after submitting a replace job, the job is still run, even if it may be run at a later time (due to the job queue backlog) | |||||
| CVE-2021-20126 | 1 Draytek | 1 Vigorconnect | 2021-10-19 | 6.8 MEDIUM | 8.8 HIGH |
| Draytek VigorConnect 1.6.0-B3 lacks cross-site request forgery protections and does not sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request. | |||||
| CVE-2021-41352 | 1 Microsoft | 1 System Center Operations Manager | 2021-10-19 | 5.0 MEDIUM | 7.5 HIGH |
| SCOM Information Disclosure Vulnerability | |||||
| CVE-2021-40456 | 1 Microsoft | 3 Windows Server, Windows Server 2019, Windows Server 2022 | 2021-10-19 | 5.0 MEDIUM | 7.5 HIGH |
| Windows AD FS Security Feature Bypass Vulnerability | |||||
| CVE-2021-40457 | 1 Microsoft | 1 Dynamics 365 | 2021-10-19 | 4.3 MEDIUM | 6.1 MEDIUM |
| Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability | |||||
| CVE-2021-41350 | 1 Microsoft | 1 Exchange Server | 2021-10-19 | 4.3 MEDIUM | 6.5 MEDIUM |
| Microsoft Exchange Server Spoofing Vulnerability | |||||
| CVE-2021-40460 | 1 Microsoft | 11 Windows 10, Windows 11, Windows 7 and 8 more | 2021-10-19 | 4.0 MEDIUM | 6.5 MEDIUM |
| Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability | |||||
| CVE-2021-41348 | 1 Microsoft | 1 Exchange Server | 2021-10-19 | 5.2 MEDIUM | 8.0 HIGH |
| Microsoft Exchange Server Elevation of Privilege Vulnerability | |||||
| CVE-2021-41347 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2021-10-19 | 4.6 MEDIUM | 7.8 HIGH |
| Windows AppX Deployment Service Elevation of Privilege Vulnerability | |||||
| CVE-2021-41346 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2021-10-19 | 4.6 MEDIUM | 7.8 HIGH |
| Console Window Host Security Feature Bypass Vulnerability | |||||
| CVE-2021-41345 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2021-10-19 | 7.2 HIGH | 7.8 HIGH |
| Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40478, CVE-2021-40488, CVE-2021-40489. | |||||
| CVE-2021-42139 | 1 Deno | 1 Deno | 2021-10-19 | 6.8 MEDIUM | 9.8 CRITICAL |
| Deno before 0.107.0 allows Code Injection via an untrusted YAML file in certain configurations. | |||||
| CVE-2021-41344 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2021-10-19 | 6.5 MEDIUM | 8.8 HIGH |
| Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-40487. | |||||
| CVE-2021-41343 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2021-10-19 | 2.1 LOW | 5.5 MEDIUM |
| Windows Fast FAT File System Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-38662. | |||||