Total
2840 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-36964 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8.1 and 6 more | 2021-09-24 | 4.6 MEDIUM | 7.8 HIGH |
Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38630. | |||||
CVE-2021-36963 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8.1 and 6 more | 2021-09-24 | 4.6 MEDIUM | 7.8 HIGH |
Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36955, CVE-2021-38633. | |||||
CVE-2021-36962 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-09-24 | 4.9 MEDIUM | 5.5 MEDIUM |
Windows Installer Information Disclosure Vulnerability | |||||
CVE-2021-36961 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8.1 and 6 more | 2021-09-24 | 3.6 LOW | 6.1 MEDIUM |
Windows Installer Denial of Service Vulnerability | |||||
CVE-2021-36960 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8.1 and 6 more | 2021-09-24 | 5.0 MEDIUM | 7.5 HIGH |
Windows SMB Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36972. | |||||
CVE-2021-36955 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8.1 and 6 more | 2021-09-24 | 4.6 MEDIUM | 7.8 HIGH |
Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36963, CVE-2021-38633. | |||||
CVE-2021-26435 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8.1 and 6 more | 2021-09-24 | 6.8 MEDIUM | 7.8 HIGH |
Windows Scripting Engine Memory Corruption Vulnerability | |||||
CVE-2020-9633 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Macos and 5 more | 2021-09-16 | 10.0 HIGH | 9.8 CRITICAL |
Adobe Flash Player Desktop Runtime 32.0.0.371 and earlier, Adobe Flash Player for Google Chrome 32.0.0.371 and earlier, and Adobe Flash Player for Microsoft Edge and Internet Explorer 32.0.0.330 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
CVE-2020-3757 | 6 Adobe, Apple, Google and 3 more | 10 Flash Player, Macos, Chrome Os and 7 more | 2021-09-16 | 9.3 HIGH | 8.8 HIGH |
Adobe Flash Player versions 32.0.0.321 and earlier, 32.0.0.314 and earlier, 32.0.0.321 and earlier, and 32.0.0.255 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
CVE-2021-34480 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-09-16 | 6.8 MEDIUM | 8.8 HIGH |
Scripting Engine Memory Corruption Vulnerability | |||||
CVE-2021-30605 | 2 Google, Microsoft | 4 Chrome Os Readiness Tool, Windows 10, Windows 7 and 1 more | 2021-09-15 | 4.6 MEDIUM | 7.8 HIGH |
Inappropriate implementation in the ChromeOS Readiness Tool installer on Windows prior to 1.0.2.0 loosens DCOM access rights on two objects allowing an attacker to potentially bypass discretionary access controls. | |||||
CVE-2021-27094 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2021-09-14 | 2.1 LOW | 4.4 MEDIUM |
Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-28447. | |||||
CVE-2021-28447 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2021-09-14 | 2.1 LOW | 4.4 MEDIUM |
Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-27094. | |||||
CVE-2021-31970 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2021-09-13 | 2.1 LOW | 5.5 MEDIUM |
Windows TCP/IP Driver Security Feature Bypass Vulnerability | |||||
CVE-2020-15707 | 8 Canonical, Debian, Gnu and 5 more | 15 Ubuntu Linux, Debian Linux, Grub2 and 12 more | 2021-09-13 | 4.4 MEDIUM | 6.4 MEDIUM |
Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions. | |||||
CVE-2018-8434 | 1 Microsoft | 6 Windows 10, Windows 7, Windows 8.1 and 3 more | 2021-09-12 | 5.2 MEDIUM | 5.4 MEDIUM |
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | |||||
CVE-2019-1255 | 1 Microsoft | 12 Forefront Endpoint Protection 2010, Security Essentials, System Center Endpoint Protection and 9 more | 2021-09-09 | 5.0 MEDIUM | 7.5 HIGH |
A denial of service vulnerability exists when Microsoft Defender improperly handles files, aka 'Microsoft Defender Denial of Service Vulnerability'. | |||||
CVE-2018-0986 | 1 Microsoft | 13 Exchange Server, Forefront Endpoint Protection 2010, Intune Endpoint Protection and 10 more | 2021-09-09 | 9.3 HIGH | 8.8 HIGH |
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." This affects Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Exchange Server, Microsoft System Center, Microsoft Forefront Endpoint Protection. | |||||
CVE-2020-1002 | 1 Microsoft | 12 Forefront Endpoint Protection 2010, Security Essentials, System Center Endpoint Protection and 9 more | 2021-09-09 | 6.6 MEDIUM | 7.1 HIGH |
An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Defender Elevation of Privilege Vulnerability'. | |||||
CVE-2019-1161 | 1 Microsoft | 11 Forefront Endpoint Protection 2010, Security Essentials, System Center Endpoint Protection and 8 more | 2021-09-09 | 6.6 MEDIUM | 7.1 HIGH |
An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Defender Elevation of Privilege Vulnerability'. |