Filtered by vendor Microsoft
Subscribe
Total
17397 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-21384 | 3 Microsoft, Opengroup, Shescape Project | 3 Windows, Unix, Shescape | 2021-04-22 | 4.6 MEDIUM | 7.8 HIGH |
| shescape is a simple shell escape package for JavaScript. In shescape before version 1.1.3, anyone using _Shescape_ to defend against shell injection may still be vulnerable against shell injection if the attacker manages to insert a into the payload. For an example see the referenced GitHub Security Advisory. The problem has been patched in version 1.1.3. No further changes are required. | |||||
| CVE-2021-26582 | 3 Hp, Microsoft, Redhat | 4 Hp-ux, Icewall Sso Dgfw, Windows and 1 more | 2021-04-22 | 4.3 MEDIUM | 6.1 MEDIUM |
| A security vulnerability in HPE IceWall SSO Domain Gateway Option (Dgfw) module version 10.0 on RHEL 5/6/7, version 10.0 on HP-UX 11i v3, version 10.0 on Windows and 11.0 on Windows could be exploited remotely to allow cross-site scripting (XSS). | |||||
| CVE-2018-1457 | 3 Ibm, Linux, Microsoft | 3 Rational Doors, Linux Kernel, Windows | 2021-04-22 | 7.5 HIGH | 9.8 CRITICAL |
| An undisclosed vulnerability in IBM Rational DOORS 9.5.1 through 9.6.1.10 application allows an attacker to gain DOORS administrator privileges. IBM X-Force ID: 140208. | |||||
| CVE-2021-28323 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-04-22 | 4.0 MEDIUM | 6.5 MEDIUM |
| Windows DNS Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-28328. | |||||
| CVE-2021-28322 | 1 Microsoft | 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more | 2021-04-22 | 4.6 MEDIUM | 7.8 HIGH |
| Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-28313, CVE-2021-28321. | |||||
| CVE-2021-28313 | 1 Microsoft | 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more | 2021-04-22 | 4.6 MEDIUM | 7.8 HIGH |
| Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-28321, CVE-2021-28322. | |||||
| CVE-2021-28826 | 2 Microsoft, Tibco | 2 Windows, Messaging - Eclipse Mosquitto Distribution - Bridge | 2021-04-21 | 7.2 HIGH | 7.8 HIGH |
| The Windows Installation component of TIBCO Software Inc.'s TIBCO Messaging - Eclipse Mosquitto Distribution - Bridge - Community Edition and TIBCO Messaging - Eclipse Mosquitto Distribution - Bridge - Enterprise Edition contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of the Windows operating system to insert malicious software. The affected component can be abused to execute the malicious software inserted by the attacker with the elevated privileges of the component. This vulnerability results from a lack of access restrictions on certain files and/or folders in the installation. Affected releases are TIBCO Software Inc.'s TIBCO Messaging - Eclipse Mosquitto Distribution - Bridge - Community Edition: versions 1.3.0 and below and TIBCO Messaging - Eclipse Mosquitto Distribution - Bridge - Enterprise Edition: versions 1.3.0 and below. | |||||
| CVE-2021-28825 | 2 Microsoft, Tibco | 2 Windows, Messaging - Eclipse Mosquitto Distribution - Core | 2021-04-21 | 7.2 HIGH | 7.8 HIGH |
| The Windows Installation component of TIBCO Software Inc.'s TIBCO Messaging - Eclipse Mosquitto Distribution - Core - Community Edition and TIBCO Messaging - Eclipse Mosquitto Distribution - Core - Enterprise Edition contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of the Windows operating system to insert malicious software. The affected component can be abused to execute the malicious software inserted by the attacker with the elevated privileges of the component. This vulnerability results from a lack of access restrictions on certain files and/or folders in the installation. Affected releases are TIBCO Software Inc.'s TIBCO Messaging - Eclipse Mosquitto Distribution - Core - Community Edition: versions 1.3.0 and below and TIBCO Messaging - Eclipse Mosquitto Distribution - Core - Enterprise Edition: versions 1.3.0 and below. | |||||
| CVE-2021-28448 | 1 Microsoft | 1 Visual Studio Code Kubernetes Tools | 2021-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| Visual Studio Code Kubernetes Tools Remote Code Execution Vulnerability | |||||
| CVE-2021-28449 | 1 Microsoft | 3 365 Apps, Excel, Office | 2021-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Office Remote Code Execution Vulnerability | |||||
| CVE-2021-28445 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-04-20 | 6.5 MEDIUM | 8.8 HIGH |
| Windows Network File System Remote Code Execution Vulnerability | |||||
| CVE-2021-28444 | 1 Microsoft | 5 Windows 10, Windows 8.1, Windows Server 2012 and 2 more | 2021-04-20 | 4.0 MEDIUM | 6.5 MEDIUM |
| Windows Hyper-V Security Feature Bypass Vulnerability | |||||
| CVE-2021-28441 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2021-04-20 | 2.1 LOW | 6.5 MEDIUM |
| Windows Hyper-V Information Disclosure Vulnerability | |||||
| CVE-2021-28454 | 1 Microsoft | 4 365 Apps, Office, Office Online Server and 1 more | 2021-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28451. | |||||
| CVE-2021-28456 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2021-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| Microsoft Excel Information Disclosure Vulnerability | |||||
| CVE-2021-28457 | 1 Microsoft | 1 Visual Studio Code | 2021-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| Visual Studio Code Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28469, CVE-2021-28473, CVE-2021-28475, CVE-2021-28477. | |||||
| CVE-2021-28459 | 1 Microsoft | 1 Azure Devops Server | 2021-04-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| Azure DevOps Server Spoofing Vulnerability | |||||
| CVE-2021-28460 | 1 Microsoft | 1 Azure Sphere | 2021-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| Azure Sphere Unsigned Code Execution Vulnerability | |||||
| CVE-2021-21091 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2021-04-20 | 4.3 MEDIUM | 3.3 LOW |
| Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Out-of-bounds read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28464 | 1 Microsoft | 1 Vp9 Video Extensions | 2021-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| VP9 Video Extensions Remote Code Execution Vulnerability | |||||