Filtered by vendor Microsoft
Subscribe
Total
17397 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-24415 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2021-09-14 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit. | |||||
| CVE-2020-24414 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2021-09-14 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit. | |||||
| CVE-2020-24412 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2021-09-14 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit. | |||||
| CVE-2021-28569 | 2 Adobe, Microsoft | 2 Media Encoder, Windows | 2021-09-14 | 4.3 MEDIUM | 4.3 MEDIUM |
| Adobe Media Encoder version 15.1 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28571 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2021-09-14 | 7.6 HIGH | 8.8 HIGH |
| Adobe After Effects version 18.1 (and earlier) is affected by a potential Command injection vulnerability when chained with a development and debugging tool for JavaScript scripts. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28447 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2021-09-14 | 2.1 LOW | 4.4 MEDIUM |
| Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-27094. | |||||
| CVE-2021-27094 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2021-09-14 | 2.1 LOW | 4.4 MEDIUM |
| Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-28447. | |||||
| CVE-2021-28581 | 2 Adobe, Microsoft | 2 Creative Cloud, Windows | 2021-09-14 | 4.4 MEDIUM | 7.3 HIGH |
| Adobe Creative Cloud Desktop 3.5 (and earlier) is affected by an uncontrolled search path vulnerability that could result in elevation of privileges. Exploitation of this issue requires user interaction in that a victim must log on to the attacker's local machine. | |||||
| CVE-2021-31969 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2021-09-14 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | |||||
| CVE-2019-5618 | 2 A-pdf, Microsoft | 2 Wav To Mp3, Windows | 2021-09-14 | 6.8 MEDIUM | 7.8 HIGH |
| A-PDF WAV to MP3 version 1.0.0 suffers from an instance of CWE-121: Stack-based Buffer Overflow. | |||||
| CVE-2021-26420 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2021-09-13 | 6.5 MEDIUM | 8.8 HIGH |
| Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31963, CVE-2021-31966. | |||||
| CVE-2021-31970 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2021-09-13 | 2.1 LOW | 5.5 MEDIUM |
| Windows TCP/IP Driver Security Feature Bypass Vulnerability | |||||
| CVE-2021-28631 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2021-09-13 | 6.8 MEDIUM | 7.8 HIGH |
| Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2020-15707 | 8 Canonical, Debian, Gnu and 5 more | 15 Ubuntu Linux, Debian Linux, Grub2 and 12 more | 2021-09-13 | 4.4 MEDIUM | 6.4 MEDIUM |
| Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions. | |||||
| CVE-2016-6914 | 2 Microsoft, Ui | 2 Windows, Unifi Video | 2021-09-13 | 7.2 HIGH | 7.8 HIGH |
| Ubiquiti UniFi Video before 3.8.0 for Windows uses weak permissions for the installation directory, which allows local users to gain SYSTEM privileges via a Trojan horse taskkill.exe file. | |||||
| CVE-2017-8631 | 1 Microsoft | 9 Excel, Excel 2007, Excel 2010 and 6 more | 2021-09-13 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Web Apps 2013, Microsoft Office Compatibility Pack Service Pack 3, Microsoft Excel Web App 2013 Service Pack 1, Microsoft Excel Viewer 2007 Service Pack 3, and Office Online Server when they fail to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8630, CVE-2017-8632, and CVE-2017-8744. | |||||
| CVE-2018-8273 | 1 Microsoft | 1 Sql Server | 2021-09-13 | 10.0 HIGH | 9.8 CRITICAL |
| A buffer overflow vulnerability exists in the Microsoft SQL Server that could allow remote code execution on an affected system, aka "Microsoft SQL Server Remote Code Execution Vulnerability." This affects Microsoft SQL Server. | |||||
| CVE-2007-0066 | 1 Microsoft | 6 Home Server, Small Business Server, Windows 2000 and 3 more | 2021-09-12 | 7.1 HIGH | N/A |
| The kernel in Microsoft Windows 2000 SP4, XP SP2, and Server 2003, when ICMP Router Discovery Protocol (RDP) is enabled, allows remote attackers to cause a denial of service via fragmented router advertisement ICMP packets that trigger an out-of-bounds read, aka "Windows Kernel TCP/IP/ICMP Vulnerability." | |||||
| CVE-2021-27063 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2021-09-12 | 5.0 MEDIUM | 7.5 HIGH |
| Windows DNS Server Denial of Service Vulnerability This CVE ID is unique from CVE-2021-26896. | |||||
| CVE-2021-26897 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2021-09-12 | 10.0 HIGH | 9.8 CRITICAL |
| Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26877, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895. | |||||