Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-8677 | 3 Debian, Imagemagick, Opensuse | 3 Debian Linux, Imagemagick, Opensuse | 2021-04-20 | 6.8 MEDIUM | 8.8 HIGH |
| The AcquireQuantumPixels function in MagickCore/quantum.c in ImageMagick before 7.0.3-1 allows remote attackers to have unspecified impact via a crafted image file, which triggers a memory allocation failure. | |||||
| CVE-2017-11450 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2021-04-20 | 6.8 MEDIUM | 8.8 HIGH |
| coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short. | |||||
| CVE-2021-28349 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| Windows GDI+ Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28348, CVE-2021-28350. | |||||
| CVE-2021-28348 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| Windows GDI+ Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28349, CVE-2021-28350. | |||||
| CVE-2021-0444 | 1 Google | 1 Android | 2021-04-20 | 1.9 LOW | 5.5 MEDIUM |
| In onActivityResult of QuickContactActivity.java, there is an unnecessary return of an intent. This could lead to local information disclosure of contact data with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-178825358 | |||||
| CVE-2021-28350 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| Windows GDI+ Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28348, CVE-2021-28349. | |||||
| CVE-2021-28328 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-04-20 | 4.0 MEDIUM | 6.5 MEDIUM |
| Windows DNS Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-28323. | |||||
| CVE-2018-7602 | 2 Debian, Drupal | 2 Debian Linux, Drupal | 2021-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002. Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild. | |||||
| CVE-2014-9016 | 3 Debian, Drupal, Secure Password Hashes Project | 3 Debian Linux, Drupal, Secure Passwords Hashes | 2021-04-20 | 5.0 MEDIUM | N/A |
| The password hashing API in Drupal 7.x before 7.34 and the Secure Password Hashes (aka phpass) module 6.x-2.x before 6.x-2.1 for Drupal allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted request. | |||||
| CVE-2021-26413 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-04-19 | 2.1 LOW | 5.5 MEDIUM |
| Windows Installer Spoofing Vulnerability | |||||
| CVE-2021-23370 | 1 Swiperjs | 1 Swiper | 2021-04-19 | 7.5 HIGH | 9.8 CRITICAL |
| This affects the package swiper before 6.5.1. | |||||
| CVE-2021-23371 | 1 Chrono-node Project | 1 Chrono-node | 2021-04-19 | 5.0 MEDIUM | 7.5 HIGH |
| This affects the package chrono-node before 2.2.4. It hangs on a date-like string with lots of embedded spaces. | |||||
| CVE-2021-28451 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2021-04-19 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28454. | |||||
| CVE-2021-28450 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2021-04-19 | 4.0 MEDIUM | 6.5 MEDIUM |
| Microsoft SharePoint Denial of Service Update | |||||
| CVE-2021-28329 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-04-19 | 6.5 MEDIUM | 8.8 HIGH |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28327, CVE-2021-28330, CVE-2021-28331, CVE-2021-28332, CVE-2021-28333, CVE-2021-28334, CVE-2021-28335, CVE-2021-28336, CVE-2021-28337, CVE-2021-28338, CVE-2021-28339, CVE-2021-28340, CVE-2021-28341, CVE-2021-28342, CVE-2021-28343, CVE-2021-28344, CVE-2021-28345, CVE-2021-28346, CVE-2021-28352, CVE-2021-28353, CVE-2021-28354, CVE-2021-28355, CVE-2021-28356, CVE-2021-28357, CVE-2021-28358, CVE-2021-28434. | |||||
| CVE-2021-28327 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-04-19 | 6.5 MEDIUM | 8.8 HIGH |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28329, CVE-2021-28330, CVE-2021-28331, CVE-2021-28332, CVE-2021-28333, CVE-2021-28334, CVE-2021-28335, CVE-2021-28336, CVE-2021-28337, CVE-2021-28338, CVE-2021-28339, CVE-2021-28340, CVE-2021-28341, CVE-2021-28342, CVE-2021-28343, CVE-2021-28344, CVE-2021-28345, CVE-2021-28346, CVE-2021-28352, CVE-2021-28353, CVE-2021-28354, CVE-2021-28355, CVE-2021-28356, CVE-2021-28357, CVE-2021-28358, CVE-2021-28434. | |||||
| CVE-2008-1729 | 1 Drupal | 1 Drupal | 2021-04-19 | 5.8 MEDIUM | N/A |
| The menu system in Drupal 6 before 6.2 has incorrect menu settings, which allows remote attackers to (1) edit the profile pages of arbitrary users, and obtain sensitive information from (2) tracker and (3) blog pages, related to a missing check for the "access content" permission; and (4) allows remote authenticated users, with administration page view access, to edit content types. | |||||
| CVE-2021-28834 | 3 Debian, Fedoraproject, Kramdown Project | 3 Debian Linux, Fedora, Kramdown | 2021-04-19 | 6.8 MEDIUM | 9.8 CRITICAL |
| Kramdown before 2.3.1 does not restrict Rouge formatters to the Rouge::Formatters namespace, and thus arbitrary classes can be instantiated. | |||||
| CVE-2021-28332 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-04-19 | 6.5 MEDIUM | 8.8 HIGH |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28327, CVE-2021-28329, CVE-2021-28330, CVE-2021-28331, CVE-2021-28333, CVE-2021-28334, CVE-2021-28335, CVE-2021-28336, CVE-2021-28337, CVE-2021-28338, CVE-2021-28339, CVE-2021-28340, CVE-2021-28341, CVE-2021-28342, CVE-2021-28343, CVE-2021-28344, CVE-2021-28345, CVE-2021-28346, CVE-2021-28352, CVE-2021-28353, CVE-2021-28354, CVE-2021-28355, CVE-2021-28356, CVE-2021-28357, CVE-2021-28358, CVE-2021-28434. | |||||
| CVE-2021-28331 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-04-19 | 6.5 MEDIUM | 8.8 HIGH |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28327, CVE-2021-28329, CVE-2021-28330, CVE-2021-28332, CVE-2021-28333, CVE-2021-28334, CVE-2021-28335, CVE-2021-28336, CVE-2021-28337, CVE-2021-28338, CVE-2021-28339, CVE-2021-28340, CVE-2021-28341, CVE-2021-28342, CVE-2021-28343, CVE-2021-28344, CVE-2021-28345, CVE-2021-28346, CVE-2021-28352, CVE-2021-28353, CVE-2021-28354, CVE-2021-28355, CVE-2021-28356, CVE-2021-28357, CVE-2021-28358, CVE-2021-28434. | |||||