Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-1731 | 2 Google, Htc | 2 Chrome, Hero | 2021-11-15 | 4.3 MEDIUM | N/A |
| Google Chrome on the HTC Hero allows remote attackers to cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop. | |||||
| CVE-2009-1598 | 1 Google | 1 Chrome | 2021-11-15 | 9.3 HIGH | N/A |
| Google Chrome executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote attackers to bypass intended Adobe Acrobat JavaScript restrictions on accessing the document object, as demonstrated by a web site that permits PDF uploads by untrusted users, and therefore has a shared document.domain between the web site and this javascript: URI. NOTE: the researcher reports that Adobe's position is "a PDF file is active content." | |||||
| CVE-2020-28416 | 1 Hp | 310 Officejet 250 Cz992a, Officejet 250 Cz992a Firmware, Officejet 250c L9d57a and 307 more | 2021-11-15 | 4.6 MEDIUM | 7.8 HIGH |
| HP has identified a security vulnerability with the I.R.I.S. OCR (Optical Character Recognition) software available with HP PageWide and OfficeJet printer software installations that could potentially allow unauthorized local code execution. | |||||
| CVE-2021-43189 | 2 Google, Jetbrains | 2 Android, Youtrack Mobile | 2021-11-15 | 7.5 HIGH | 7.3 HIGH |
| In JetBrains YouTrack Mobile before 2021.2, access token protection on Android is incomplete. | |||||
| CVE-2021-43188 | 2 Apple, Jetbrains | 2 Iphone Os, Youtrack Mobile | 2021-11-15 | 7.5 HIGH | 7.3 HIGH |
| In JetBrains YouTrack Mobile before 2021.2, access token protection on iOS is incomplete. | |||||
| CVE-2021-40521 | 1 Airangel | 10 Hsmx-app-100, Hsmx-app-1000, Hsmx-app-1000 Firmware and 7 more | 2021-11-12 | 10.0 HIGH | 9.8 CRITICAL |
| Airangel HSMX Gateway devices through 5.2.04 allow Remote Code Execution. | |||||
| CVE-2021-41378 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2021-11-12 | 6.5 MEDIUM | 8.8 HIGH |
| Windows NTFS Remote Code Execution Vulnerability | |||||
| CVE-2021-42274 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2021-11-12 | 2.1 LOW | 6.5 MEDIUM |
| Windows Hyper-V Discrete Device Assignment (DDA) Denial of Service Vulnerability | |||||
| CVE-2021-42275 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2021-11-12 | 6.5 MEDIUM | 8.8 HIGH |
| Microsoft COM for Windows Remote Code Execution Vulnerability | |||||
| CVE-2021-42276 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2021-11-12 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Windows Media Foundation Remote Code Execution Vulnerability | |||||
| CVE-2021-38631 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2021-11-12 | 2.1 LOW | 4.4 MEDIUM |
| Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-41371. | |||||
| CVE-2021-41368 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2021-11-12 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Access Remote Code Execution Vulnerability | |||||
| CVE-2021-43187 | 2 Apple, Jetbrains | 2 Iphone Os, Youtrack Mobile | 2021-11-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| In JetBrains YouTrack Mobile before 2021.2, the client-side cache on iOS could contain sensitive information. | |||||
| CVE-2019-18912 | 1 Hp | 23 Futuresmart 4, Laserjet Enterprise Flow Mfp M527 F2a78v, Laserjet Enterprise Flow Mfp M527 F2a79a and 20 more | 2021-11-10 | 4.6 MEDIUM | 7.8 HIGH |
| A potential security vulnerability has been identified for certain HP printers and MFPs with Troy solutions. For affected printers with FutureSmart Firmware bundle version 4.9 or 4.9.0.1 the potential vulnerability may cause instability in the solution. | |||||
| CVE-2021-24698 | 1 Tipsandtricks-hq | 1 Simple Download Monitor | 2021-11-10 | 4.0 MEDIUM | 4.3 MEDIUM |
| The Simple Download Monitor WordPress plugin before 3.9.6 allows users with a role as low as Contributor to remove thumbnails from downloads they do not own, even if they cannot normally edit the download. | |||||
| CVE-2020-10054 | 1 Siemens | 1 Simatic Rtls Locating Manager | 2021-11-10 | 2.1 LOW | 5.5 MEDIUM |
| A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The affected application does not properly handle the import of large configuration files. A local attacker could import a specially crafted file which could lead to a denial-of-service condition of the application service. | |||||
| CVE-2021-41373 | 1 Microsoft | 1 Fslogix | 2021-11-10 | 2.1 LOW | 5.5 MEDIUM |
| FSLogix Information Disclosure Vulnerability | |||||
| CVE-2021-41371 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2021-11-10 | 2.1 LOW | 4.4 MEDIUM |
| Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-38631. | |||||
| CVE-2021-41376 | 1 Microsoft | 1 Azure Sphere | 2021-11-10 | 2.1 LOW | 4.4 MEDIUM |
| Azure Sphere Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-41374, CVE-2021-41375. | |||||
| CVE-2021-41375 | 1 Microsoft | 1 Azure Sphere | 2021-11-10 | 2.1 LOW | 4.4 MEDIUM |
| Azure Sphere Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-41374, CVE-2021-41376. | |||||