Filtered by vendor Microsoft
Subscribe
Total
17397 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-40826 | 2 Clementine-player, Microsoft | 2 Clementine, Windows | 2022-07-12 | 6.8 MEDIUM | 7.8 HIGH |
| Clementine Music Player through 1.3.1 is vulnerable to a User Mode Write Access Violation, affecting the MP3 file parsing functionality at clementine+0x3aa207. The vulnerability is triggered when the user opens a crafted MP3 file or loads a remote stream URL that is mishandled by Clementine. Attackers could exploit this issue to cause a crash (DoS) of the clementine.exe process or achieve arbitrary code execution in the context of the current logged-in Windows user. | |||||
| CVE-2021-38648 | 1 Microsoft | 10 Azure Automation State Configuration, Azure Automation Update Management, Azure Diagnostics \(lad\) and 7 more | 2022-07-12 | 4.6 MEDIUM | 7.8 HIGH |
| Open Management Infrastructure Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38645, CVE-2021-38649. | |||||
| CVE-2021-26855 | 1 Microsoft | 1 Exchange Server | 2022-07-12 | 7.5 HIGH | 9.8 CRITICAL |
| Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078. | |||||
| CVE-2021-36934 | 1 Microsoft | 1 Windows 10 | 2022-07-12 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Elevation of Privilege Vulnerability | |||||
| CVE-2021-44466 | 2 Leap, Microsoft | 2 Bitmask Riseup Vpn, Windows | 2022-07-12 | 4.6 MEDIUM | 7.3 HIGH |
| Bitmask Riseup VPN 0.21.6 contains a local privilege escalation flaw due to improper access controls. When the software is installed with a non-default installation directory off of the system root, the installer fails to properly set ACLs. This allows lower privileged users to replace the VPN executable with a malicious one. When a higher privileged user such as an Administrator launches that executable, it is possible for the lower privileged user to escalate to Administrator privileges. | |||||
| CVE-2021-34466 | 1 Microsoft | 1 Windows 10 | 2022-07-12 | 3.6 LOW | 6.1 MEDIUM |
| Windows Hello Security Feature Bypass Vulnerability | |||||
| CVE-2021-43228 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server and 2 more | 2022-07-12 | 7.8 HIGH | 7.5 HIGH |
| SymCrypt Denial of Service Vulnerability | |||||
| CVE-2021-42309 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2022-07-12 | 6.5 MEDIUM | 8.8 HIGH |
| Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-42294. | |||||
| CVE-2021-37969 | 4 Debian, Fedoraproject, Google and 1 more | 4 Debian Linux, Fedora, Chrome and 1 more | 2022-07-12 | 6.8 MEDIUM | 7.8 HIGH |
| Inappropriate implementation in Google Updater in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to perform local privilege escalation via a crafted file. | |||||
| CVE-2021-42288 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2022-07-12 | 3.6 LOW | 6.1 MEDIUM |
| Windows Hello Security Feature Bypass Vulnerability | |||||
| CVE-2021-34523 | 1 Microsoft | 1 Exchange Server | 2022-07-12 | 7.5 HIGH | 9.8 CRITICAL |
| Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33768, CVE-2021-34470. | |||||
| CVE-2021-34516 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2022-07-12 | 4.6 MEDIUM | 7.8 HIGH |
| Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-34449. | |||||
| CVE-2020-0646 | 1 Microsoft | 9 .net Framework, Windows 10, Windows 7 and 6 more | 2022-07-12 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.NET Framework Remote Code Execution Injection Vulnerability'. | |||||
| CVE-2021-22004 | 3 Fedoraproject, Microsoft, Saltstack | 3 Fedora, Windows, Salt | 2022-07-12 | 4.4 MEDIUM | 6.4 MEDIUM |
| An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software. | |||||
| CVE-2021-34513 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2022-07-12 | 7.2 HIGH | 7.8 HIGH |
| Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33751, CVE-2021-34460, CVE-2021-34510, CVE-2021-34512. | |||||
| CVE-2021-34510 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2022-07-12 | 4.6 MEDIUM | 7.8 HIGH |
| Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33751, CVE-2021-34460, CVE-2021-34512, CVE-2021-34513. | |||||
| CVE-2021-34498 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2022-07-12 | 7.2 HIGH | 7.8 HIGH |
| Windows GDI Elevation of Privilege Vulnerability | |||||
| CVE-2021-30615 | 2 Fedoraproject, Microsoft | 3 Fedora, Edge, Edge Chromium | 2022-07-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| Chromium: CVE-2021-30615 Cross-origin data leak in Navigation | |||||
| CVE-2021-38088 | 2 Acronis, Microsoft | 2 Cyber Protect, Windows | 2022-07-12 | 4.6 MEDIUM | 7.8 HIGH |
| Acronis Cyber Protect 15 for Windows prior to build 27009 allowed local privilege escalation via binary hijacking. | |||||
| CVE-2021-34473 | 1 Microsoft | 1 Exchange Server | 2022-07-12 | 10.0 HIGH | 9.8 CRITICAL |
| Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31196, CVE-2021-31206. | |||||