Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-26890 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2022-05-03 | 4.6 MEDIUM | 7.8 HIGH |
| Application Virtualization Remote Code Execution Vulnerability | |||||
| CVE-2021-33768 | 1 Microsoft | 1 Exchange Server | 2022-05-03 | 5.2 MEDIUM | 8.0 HIGH |
| Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-34470, CVE-2021-34523. | |||||
| CVE-2021-31952 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2022-05-03 | 7.2 HIGH | 7.8 HIGH |
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | |||||
| CVE-2021-23243 | 2 Google, Oppo | 36 Android, Oppo A12, Oppo A15 and 33 more | 2022-05-03 | 4.6 MEDIUM | 7.8 HIGH |
| In Oppo's battery application, the third-party SDK provides the function of loading a third-party Provider, which can be used. | |||||
| CVE-2021-31204 | 2 Fedoraproject, Microsoft | 4 Fedora, .net, .net Core and 1 more | 2022-05-03 | 4.6 MEDIUM | 7.8 HIGH |
| .NET and Visual Studio Elevation of Privilege Vulnerability | |||||
| CVE-2021-26865 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2022-05-03 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Container Execution Agent Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26891. | |||||
| CVE-2021-26874 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2022-05-03 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Overlay Filter Elevation of Privilege Vulnerability | |||||
| CVE-2021-31208 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2022-05-03 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Container Manager Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31165, CVE-2021-31167, CVE-2021-31168, CVE-2021-31169. | |||||
| CVE-2021-26864 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2022-05-03 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Virtual Registry Provider Elevation of Privilege Vulnerability | |||||
| CVE-2021-31956 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2022-05-03 | 9.3 HIGH | 7.8 HIGH |
| Windows NTFS Elevation of Privilege Vulnerability | |||||
| CVE-2021-26872 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2022-05-03 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26898, CVE-2021-26901. | |||||
| CVE-2021-31951 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2022-05-03 | 7.2 HIGH | 7.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2021-30772 | 1 Apple | 2 Mac Os X, Macos | 2022-05-03 | 9.3 HIGH | 7.8 HIGH |
| This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.5. A malicious application may be able to gain root privileges. | |||||
| CVE-2021-26877 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2022-05-03 | 7.5 HIGH | 9.8 CRITICAL |
| Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26893, CVE-2021-26894, CVE-2021-26895, CVE-2021-26897. | |||||
| CVE-2021-26876 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2022-05-03 | 6.8 MEDIUM | 8.8 HIGH |
| OpenType Font Parsing Remote Code Execution Vulnerability | |||||
| CVE-2021-26880 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2022-05-03 | 4.6 MEDIUM | 7.8 HIGH |
| Storage Spaces Controller Elevation of Privilege Vulnerability | |||||
| CVE-2020-7232 | 1 Evoko | 1 Home | 2022-05-03 | 5.0 MEDIUM | 7.5 HIGH |
| Evoko Home devices 1.31 through 1.37 allow remote attackers to obtain sensitive information (such as usernames and password hashes) via a WebSocket request, as demonstrated by the sockjs/224/uf1psgff/websocket URI at a wss:// URL. | |||||
| CVE-2019-18179 | 3 Debian, Opensuse, Otrs | 4 Debian Linux, Backports Sle, Leap and 1 more | 2022-05-03 | 4.0 MEDIUM | 4.3 MEDIUM |
| An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. An attacker who is logged into OTRS as an agent is able to list tickets assigned to other agents, even tickets in a queue where the attacker doesn't have permissions. | |||||
| CVE-2019-19830 | 3 Canonical, Debian, Spip | 3 Ubuntu Linux, Debian Linux, Spip | 2022-05-03 | 4.0 MEDIUM | 6.5 MEDIUM |
| _core_/plugins/medias in SPIP 3.2.x before 3.2.7 allows remote authenticated authors to inject content into the database. | |||||
| CVE-2020-5907 | 1 F5 | 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more | 2022-05-03 | 6.0 MEDIUM | 7.2 HIGH |
| In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, an authorized user provided with access only to the TMOS Shell (tmsh) may be able to conduct arbitrary file read/writes via the built-in sftp functionality. | |||||