Filtered by vendor Microsoft
Subscribe
Total
17397 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-38974 | 3 Ibm, Linux, Microsoft | 5 Aix, Security Guardium Key Lifecycle Manager, Security Key Lifecycle Manager and 2 more | 2021-11-16 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 could allow an authenticated user to cause a denial of service using specially crafted HTTP requests. IBM X-Force ID: 212779. | |||||
| CVE-2021-38978 | 3 Ibm, Linux, Microsoft | 5 Aix, Security Guardium Key Lifecycle Manager, Security Key Lifecycle Manager and 2 more | 2021-11-16 | 4.3 MEDIUM | 5.9 MEDIUM |
| IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 212783. | |||||
| CVE-2021-38981 | 3 Ibm, Linux, Microsoft | 5 Aix, Security Guardium Key Lifecycle Manager, Security Key Lifecycle Manager and 2 more | 2021-11-16 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 212788. | |||||
| CVE-2021-38983 | 3 Ibm, Linux, Microsoft | 5 Aix, Security Guardium Key Lifecycle Manager, Security Key Lifecycle Manager and 2 more | 2021-11-16 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 212792. | |||||
| CVE-2021-38982 | 3 Ibm, Linux, Microsoft | 5 Aix, Security Guardium Key Lifecycle Manager, Security Key Lifecycle Manager and 2 more | 2021-11-16 | 3.5 LOW | 5.4 MEDIUM |
| IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 212791. | |||||
| CVE-2021-42563 | 2 Microsoft, Ni | 2 Windows, Ni Service Locator | 2021-11-16 | 4.6 MEDIUM | 7.8 HIGH |
| There is an Unquoted Service Path in NI Service Locator (nisvcloc.exe) in versions prior to 18.0 on Windows. This may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate privileges. | |||||
| CVE-2021-42322 | 1 Microsoft | 1 Visual Studio Code | 2021-11-15 | 4.6 MEDIUM | 7.8 HIGH |
| Visual Studio Code Elevation of Privilege Vulnerability | |||||
| CVE-2021-42319 | 1 Microsoft | 2 Visual Studio 2017, Visual Studio 2019 | 2021-11-15 | 2.1 LOW | 5.5 MEDIUM |
| Visual Studio Elevation of Privilege Vulnerability | |||||
| CVE-2021-42305 | 1 Microsoft | 1 Exchange Server | 2021-11-15 | 4.3 MEDIUM | 6.5 MEDIUM |
| Microsoft Exchange Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-41349. | |||||
| CVE-2021-42316 | 1 Microsoft | 1 Dynamics 365 | 2021-11-15 | 6.5 MEDIUM | 8.8 HIGH |
| Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability | |||||
| CVE-2021-43208 | 1 Microsoft | 1 3d Viewer | 2021-11-15 | 6.8 MEDIUM | 7.8 HIGH |
| 3D Viewer Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-43209. | |||||
| CVE-2021-42303 | 1 Microsoft | 1 Azure Real Time Operating System | 2021-11-15 | 7.2 HIGH | 6.8 MEDIUM |
| Azure RTOS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42302, CVE-2021-42304. | |||||
| CVE-2021-42302 | 1 Microsoft | 1 Azure Real Time Operating System | 2021-11-15 | 7.2 HIGH | 6.8 MEDIUM |
| Azure RTOS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42303, CVE-2021-42304. | |||||
| CVE-2021-42304 | 1 Microsoft | 1 Azure Real Time Operating System | 2021-11-15 | 7.2 HIGH | 6.8 MEDIUM |
| Azure RTOS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42302, CVE-2021-42303. | |||||
| CVE-2021-42296 | 1 Microsoft | 2 365 Apps, Office | 2021-11-12 | 6.9 MEDIUM | 7.8 HIGH |
| Microsoft Word Remote Code Execution Vulnerability | |||||
| CVE-2021-41377 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2021-11-12 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Fast FAT File System Driver Elevation of Privilege Vulnerability | |||||
| CVE-2021-41378 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2021-11-12 | 6.5 MEDIUM | 8.8 HIGH |
| Windows NTFS Remote Code Execution Vulnerability | |||||
| CVE-2021-41379 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2021-11-12 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Installer Elevation of Privilege Vulnerability | |||||
| CVE-2021-42274 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2021-11-12 | 2.1 LOW | 6.5 MEDIUM |
| Windows Hyper-V Discrete Device Assignment (DDA) Denial of Service Vulnerability | |||||
| CVE-2021-42275 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2021-11-12 | 6.5 MEDIUM | 8.8 HIGH |
| Microsoft COM for Windows Remote Code Execution Vulnerability | |||||