Search
Total
1819 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-1709 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-29 | 7.2 HIGH | 7.0 HIGH |
| Windows Win32k Elevation of Privilege Vulnerability | |||||
| CVE-2021-1659 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-29 | 4.6 MEDIUM | 7.8 HIGH |
| Windows CSC Service Elevation of Privilege Vulnerability | |||||
| CVE-2021-1682 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-12-29 | 4.6 MEDIUM | 7.0 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2021-1681 | 1 Microsoft | 1 Windows 10 | 2023-12-29 | 4.6 MEDIUM | 7.8 HIGH |
| Windows WalletService Elevation of Privilege Vulnerability | |||||
| CVE-2021-1703 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2023-12-29 | 7.2 HIGH | 7.8 HIGH |
| Windows Event Logging Service Elevation of Privilege Vulnerability | |||||
| CVE-2021-1689 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-12-29 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Multipoint Management Elevation of Privilege Vulnerability | |||||
| CVE-2021-1693 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-29 | 7.2 HIGH | 7.8 HIGH |
| Windows CSC Service Elevation of Privilege Vulnerability | |||||
| CVE-2021-1694 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-29 | 7.5 HIGH | 7.5 HIGH |
| Windows Update Stack Elevation of Privilege Vulnerability | |||||
| CVE-2021-28322 | 1 Microsoft | 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more | 2023-12-29 | 4.6 MEDIUM | 7.8 HIGH |
| Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability | |||||
| CVE-2021-28313 | 1 Microsoft | 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more | 2023-12-29 | 4.6 MEDIUM | 7.8 HIGH |
| Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability | |||||
| CVE-2021-27077 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-29 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Win32k Elevation of Privilege Vulnerability | |||||
| CVE-2021-24090 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2023-12-29 | 9.3 HIGH | 7.8 HIGH |
| Windows Error Reporting Elevation of Privilege Vulnerability | |||||
| CVE-2021-1640 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-29 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2021-26863 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-12-29 | 7.2 HIGH | 7.0 HIGH |
| Windows Win32k Elevation of Privilege Vulnerability | |||||
| CVE-2021-1729 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-12-29 | 7.2 HIGH | 7.1 HIGH |
| Windows Update Stack Setup Elevation of Privilege Vulnerability | |||||
| CVE-2021-24095 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-12-29 | 4.6 MEDIUM | 7.0 HIGH |
| DirectX Elevation of Privilege Vulnerability | |||||
| CVE-2023-6804 | 1 Github | 1 Enterprise Server | 2023-12-29 | N/A | 5.5 MEDIUM |
| Improper privilege management allowed arbitrary workflows to be committed and run using an improperly scoped PAT. To exploit this, a workflow must have already existed in the target repo. This vulnerability affected all versions of GitHub Enterprise Server since 3.8 and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1. | |||||
| CVE-2021-1719 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2023-12-29 | 6.0 MEDIUM | 8.0 HIGH |
| Microsoft SharePoint Elevation of Privilege Vulnerability | |||||
| CVE-2021-1712 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2023-12-29 | 6.0 MEDIUM | 8.0 HIGH |
| Microsoft SharePoint Elevation of Privilege Vulnerability | |||||
| CVE-2021-1728 | 1 Microsoft | 1 System Center Operations Manager | 2023-12-29 | 6.5 MEDIUM | 8.8 HIGH |
| System Center Operations Manager Elevation of Privilege Vulnerability | |||||
| CVE-2021-24092 | 1 Microsoft | 12 Endpoint Protection, Security Essentials, System Center Endpoint Protection and 9 more | 2023-12-29 | 4.6 MEDIUM | 7.8 HIGH |
| Microsoft Defender Elevation of Privilege Vulnerability | |||||
| CVE-2021-1733 | 1 Microsoft | 1 Psexec | 2023-12-29 | 4.6 MEDIUM | 7.8 HIGH |
| Sysinternals PsExec Elevation of Privilege Vulnerability | |||||
| CVE-2023-46647 | 1 Github | 1 Enterprise Server | 2023-12-29 | N/A | 8.8 HIGH |
| Improper privilege management in all versions of GitHub Enterprise Server allows users with authorized access to the management console with an editor role to escalate their privileges by making requests to the endpoint used for bootstrapping the instance. This vulnerability affected GitHub Enterprise Server version 3.8.0 and above and was fixed in version 3.8.12, 3.9.6, 3.10.3, and 3.11.0. | |||||
| CVE-2023-47267 | 1 Thegreenbow | 3 Windows Enterprise Certified Vpn, Windows Enterprise Vpn, Windows Standard Vpn | 2023-12-29 | N/A | 9.8 CRITICAL |
| An issue discovered in TheGreenBow Windows Enterprise Certified VPN Client 6.52, Windows Standard VPN Client 6.87, and Windows Enterprise VPN Client 6.87 allows attackers to gain escalated privileges via crafted changes to memory mapped file. | |||||
| CVE-2021-34488 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Console Driver Elevation of Privilege Vulnerability | |||||
| CVE-2021-34477 | 1 Microsoft | 2 .net Education Bundle Sdk Install Tool, .net Install Tool For Extension Authors | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Visual Studio Code .NET Runtime Elevation of Privilege Vulnerability | |||||
| CVE-2021-34511 | 1 Microsoft | 6 Windows 10, Windows 7, Windows Server 2008 and 3 more | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Installer Elevation of Privilege Vulnerability | |||||
| CVE-2021-34527 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-28 | 9.0 HIGH | 8.8 HIGH |
| <p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p> <p>UPDATE July 7, 2021: The security update for Windows Server 2012, Windows Server 2016 and Windows 10, Version 1607 have been released. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. If you are unable to install these updates, see the FAQ and Workaround sections in this CVE for information on how to help protect your system from this vulnerability.</p> <p>In addition to installing the updates, in order to secure your system, you must confirm that the following registry settings are set to 0 (zero) or are not defined (<strong>Note</strong>: These registry keys do not exist by default, and therefore are already at the secure setting.), also that your Group Policy setting are correct (see FAQ):</p> <ul> <li>HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint</li> <li>NoWarningNoElevationOnInstall = 0 (DWORD) or not defined (default setting)</li> <li>UpdatePromptSettings = 0 (DWORD) or not defined (default setting)</li> </ul> <p><strong>Having NoWarningNoElevationOnInstall set to 1 makes your system vulnerable by design.</strong></p> <p>UPDATE July 6, 2021: Microsoft has completed the investigation and has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. If you are unable to install these updates, see the FAQ and Workaround sections in this CVE for information on how to help protect your system from this vulnerability. See also <a href="https://support.microsoft.com/topic/31b91c02-05bc-4ada-a7ea-183b129578a7">KB5005010: Restricting installation of new printer drivers after applying the July 6, 2021 updates</a>.</p> <p>Note that the security updates released on and after July 6, 2021 contain protections for CVE-2021-1675 and the additional remote code execution exploit in the Windows Print Spooler service known as “PrintNightmare”, documented in CVE-2021-34527.</p> | |||||
| CVE-2021-34481 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-28 | 7.5 HIGH | 8.8 HIGH |
| <p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p> <p><strong>UPDATE</strong> August 10, 2021: Microsoft has completed the investigation and has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. This security update changes the Point and Print default behavior; please see <a href="https://support.microsoft.com/help/5005652">KB5005652</a>.</p> | |||||
| CVE-2021-34461 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability | |||||
| CVE-2021-34455 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Windows File History Service Elevation of Privilege Vulnerability | |||||
| CVE-2021-36931 | 1 Microsoft | 1 Edge Chromium | 2023-12-28 | 6.8 MEDIUM | 4.4 MEDIUM |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2021-34460 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Storage Spaces Controller Elevation of Privilege Vulnerability | |||||
| CVE-2021-34456 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | |||||
| CVE-2021-34459 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Windows AppContainer Elevation Of Privilege Vulnerability | |||||
| CVE-2021-34493 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-12-28 | 4.6 MEDIUM | 6.7 MEDIUM |
| Windows Partition Management Driver Elevation of Privilege Vulnerability | |||||
| CVE-2021-34514 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-28 | 7.2 HIGH | 7.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2021-33751 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-12-28 | 4.6 MEDIUM | 7.0 HIGH |
| Storage Spaces Controller Elevation of Privilege Vulnerability | |||||
| CVE-2021-31961 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-12-28 | 3.6 LOW | 6.1 MEDIUM |
| Windows InstallService Elevation of Privilege Vulnerability | |||||
| CVE-2021-38671 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8.1 and 6 more | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2021-38639 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8.1 and 6 more | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Win32k Elevation of Privilege Vulnerability | |||||
| CVE-2021-38667 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8.1 and 6 more | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2021-40447 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8.1 and 6 more | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2021-38638 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8.1 and 6 more | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | |||||
| CVE-2021-38626 | 1 Microsoft | 1 Windows Server 2008 | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2021-36964 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8.1 and 6 more | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Event Tracing Elevation of Privilege Vulnerability | |||||
| CVE-2021-38634 | 1 Microsoft | 4 Windows 10, Windows Server 2016, Windows Server 2019 and 1 more | 2023-12-28 | 7.2 HIGH | 7.1 HIGH |
| Microsoft Windows Update Client Elevation of Privilege Vulnerability | |||||
| CVE-2021-34483 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2021-34471 | 1 Microsoft | 1 Malware Protection Engine | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Microsoft Windows Defender Elevation of Privilege Vulnerability | |||||
| CVE-2021-38630 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8.1 and 6 more | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Event Tracing Elevation of Privilege Vulnerability | |||||