Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Total 172421 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-41355 1 Microsoft 3 .net, Powershell, Visual Studio 2019 2021-10-19 2.9 LOW 5.7 MEDIUM
.NET Core and Visual Studio Information Disclosure Vulnerability
CVE-2021-41830 1 Apache 1 Openoffice 2021-10-19 5.0 MEDIUM 7.5 HIGH
It is possible for an attacker to manipulate signed documents and macros to appear to come from a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25633 for the LibreOffice advisory.
CVE-2021-41354 1 Microsoft 1 Dynamics 365 2021-10-19 3.5 LOW 5.4 MEDIUM
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2021-41353 1 Microsoft 1 Dynamics 365 2021-10-19 3.5 LOW 3.5 LOW
Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability
CVE-2021-41831 1 Apache 1 Openoffice 2021-10-19 5.0 MEDIUM 5.3 MEDIUM
It is possible for an attacker to manipulate the timestamp of signed documents. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25634 for the LibreOffice advisory.
CVE-2021-41832 1 Apache 1 Openoffice 2021-10-19 5.0 MEDIUM 7.5 HIGH
It is possible for an attacker to manipulate documents to appear to be signed by a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25635 for the LibreOffice advisory.
CVE-2021-41801 1 Mediawiki 1 Mediawiki 2021-10-19 6.5 MEDIUM 8.8 HIGH
The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is blocked after submitting a replace job, the job is still run, even if it may be run at a later time (due to the job queue backlog)
CVE-2021-20126 1 Draytek 1 Vigorconnect 2021-10-19 6.8 MEDIUM 8.8 HIGH
Draytek VigorConnect 1.6.0-B3 lacks cross-site request forgery protections and does not sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.
CVE-2021-41352 1 Microsoft 1 System Center Operations Manager 2021-10-19 5.0 MEDIUM 7.5 HIGH
SCOM Information Disclosure Vulnerability
CVE-2021-40456 1 Microsoft 3 Windows Server, Windows Server 2019, Windows Server 2022 2021-10-19 5.0 MEDIUM 7.5 HIGH
Windows AD FS Security Feature Bypass Vulnerability
CVE-2021-40457 1 Microsoft 1 Dynamics 365 2021-10-19 4.3 MEDIUM 6.1 MEDIUM
Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability
CVE-2021-41350 1 Microsoft 1 Exchange Server 2021-10-19 4.3 MEDIUM 6.5 MEDIUM
Microsoft Exchange Server Spoofing Vulnerability
CVE-2021-40460 1 Microsoft 11 Windows 10, Windows 11, Windows 7 and 8 more 2021-10-19 4.0 MEDIUM 6.5 MEDIUM
Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability
CVE-2021-41348 1 Microsoft 1 Exchange Server 2021-10-19 5.2 MEDIUM 8.0 HIGH
Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2021-41347 1 Microsoft 5 Windows 10, Windows 11, Windows Server 2016 and 2 more 2021-10-19 4.6 MEDIUM 7.8 HIGH
Windows AppX Deployment Service Elevation of Privilege Vulnerability
CVE-2021-41346 1 Microsoft 2 Windows 10, Windows Server 2016 2021-10-19 4.6 MEDIUM 7.8 HIGH
Console Window Host Security Feature Bypass Vulnerability
CVE-2021-41345 1 Microsoft 8 Windows 10, Windows 11, Windows 8.1 and 5 more 2021-10-19 7.2 HIGH 7.8 HIGH
Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40478, CVE-2021-40488, CVE-2021-40489.
CVE-2021-42139 1 Deno 1 Deno 2021-10-19 6.8 MEDIUM 9.8 CRITICAL
Deno before 0.107.0 allows Code Injection via an untrusted YAML file in certain configurations.
CVE-2021-41344 1 Microsoft 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server 2021-10-19 6.5 MEDIUM 8.8 HIGH
Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-40487.
CVE-2021-41343 1 Microsoft 10 Windows 10, Windows 11, Windows 7 and 7 more 2021-10-19 2.1 LOW 5.5 MEDIUM
Windows Fast FAT File System Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-38662.