Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-31963 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2023-08-01 | 6.5 MEDIUM | 7.1 HIGH |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||
| CVE-2021-31962 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-08-01 | 7.5 HIGH | 9.4 CRITICAL |
| Kerberos AppContainer Security Feature Bypass Vulnerability | |||||
| CVE-2021-31960 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2023-08-01 | 2.1 LOW | 5.5 MEDIUM |
| Windows Bind Filter Driver Information Disclosure Vulnerability | |||||
| CVE-2021-31958 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-08-01 | 6.8 MEDIUM | 7.5 HIGH |
| Windows NTLM Elevation of Privilege Vulnerability | |||||
| CVE-2021-31957 | 2 Fedoraproject, Microsoft | 4 Fedora, .net, .net Core and 1 more | 2023-08-01 | 5.0 MEDIUM | 5.9 MEDIUM |
| ASP.NET Denial of Service Vulnerability | |||||
| CVE-2021-31955 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-08-01 | 2.1 LOW | 5.5 MEDIUM |
| Windows Kernel Information Disclosure Vulnerability | |||||
| CVE-2021-31954 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-08-01 | 7.2 HIGH | 7.8 HIGH |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||
| CVE-2021-31953 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-08-01 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Filter Manager Elevation of Privilege Vulnerability | |||||
| CVE-2021-31952 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-08-01 | 7.2 HIGH | 7.8 HIGH |
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | |||||
| CVE-2021-31951 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-08-01 | 7.2 HIGH | 7.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2021-31950 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2023-08-01 | 5.5 MEDIUM | 7.6 HIGH |
| Microsoft SharePoint Server Spoofing Vulnerability | |||||
| CVE-2021-31949 | 1 Microsoft | 3 365 Apps, Office, Outlook | 2023-08-01 | 6.8 MEDIUM | 7.3 HIGH |
| Microsoft Outlook Remote Code Execution Vulnerability | |||||
| CVE-2021-31948 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2023-08-01 | 5.5 MEDIUM | 7.6 HIGH |
| Microsoft SharePoint Server Spoofing Vulnerability | |||||
| CVE-2021-31946 | 1 Microsoft | 1 Paint 3d | 2023-08-01 | 6.8 MEDIUM | 7.8 HIGH |
| Paint 3D Remote Code Execution Vulnerability | |||||
| CVE-2021-31945 | 1 Microsoft | 1 Paint 3d | 2023-08-01 | 6.8 MEDIUM | 7.8 HIGH |
| Paint 3D Remote Code Execution Vulnerability | |||||
| CVE-2021-31944 | 1 Microsoft | 1 3d Viewer | 2023-08-01 | 4.3 MEDIUM | 5.0 MEDIUM |
| 3D Viewer Information Disclosure Vulnerability | |||||
| CVE-2021-31943 | 1 Microsoft | 1 3d Viewer | 2023-08-01 | 6.8 MEDIUM | 7.8 HIGH |
| 3D Viewer Remote Code Execution Vulnerability | |||||
| CVE-2021-31942 | 1 Microsoft | 1 3d Viewer | 2023-08-01 | 6.8 MEDIUM | 7.8 HIGH |
| 3D Viewer Remote Code Execution Vulnerability | |||||
| CVE-2021-31941 | 1 Microsoft | 3 365 Apps, Office, Outlook | 2023-08-01 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Office Graphics Remote Code Execution Vulnerability | |||||
| CVE-2021-31940 | 1 Microsoft | 2 365 Apps, Office | 2023-08-01 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Office Graphics Remote Code Execution Vulnerability | |||||
| CVE-2021-31939 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2023-08-01 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Excel Remote Code Execution Vulnerability | |||||
| CVE-2021-31201 | 1 Microsoft | 2 Windows Server 2008, Windows Server 2012 | 2023-08-01 | 4.6 MEDIUM | 5.2 MEDIUM |
| Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability | |||||
| CVE-2021-31199 | 1 Microsoft | 2 Windows Server 2008, Windows Server 2012 | 2023-08-01 | 4.6 MEDIUM | 5.2 MEDIUM |
| Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability | |||||
| CVE-2021-26420 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2023-08-01 | 6.5 MEDIUM | 7.1 HIGH |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||
| CVE-2021-26414 | 1 Microsoft | 10 Windows 10, Windows 7, Windows 8.1 and 7 more | 2023-08-01 | 4.3 MEDIUM | 4.8 MEDIUM |
| Windows DCOM Server Security Feature Bypass | |||||
| CVE-2021-42307 | 1 Microsoft | 1 Edge Chromium | 2023-08-01 | N/A | 4.3 MEDIUM |
| Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | |||||
| CVE-2021-31982 | 1 Microsoft | 1 Edge Chromium | 2023-08-01 | N/A | 8.8 HIGH |
| Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | |||||
| CVE-2023-24936 | 1 Microsoft | 14 .net, .net Framework, Windows 10 1507 and 11 more | 2023-08-01 | N/A | 7.5 HIGH |
| .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability | |||||
| CVE-2023-33144 | 1 Microsoft | 1 Visual Studio Code | 2023-08-01 | N/A | 6.6 MEDIUM |
| Visual Studio Code Spoofing Vulnerability | |||||
| CVE-2023-32020 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2023-08-01 | N/A | 5.6 MEDIUM |
| Windows DNS Spoofing Vulnerability | |||||
| CVE-2023-32013 | 1 Microsoft | 7 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 4 more | 2023-08-01 | N/A | 5.3 MEDIUM |
| Windows Hyper-V Denial of Service Vulnerability | |||||
| CVE-2023-32012 | 1 Microsoft | 4 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 1 more | 2023-08-01 | N/A | 7.8 HIGH |
| Windows Container Manager Service Elevation of Privilege Vulnerability | |||||
| CVE-2022-34592 | 1 Wavlink | 2 Wl-wn575a3, Wl-wn575a3 Firmware | 2023-08-01 | 7.5 HIGH | 9.8 CRITICAL |
| Wavlink WL-WN575A3 RPT75A3.V4300.201217 was discovered to contain a command injection vulnerability via the function obtw. This vulnerability allows attackers to execute arbitrary commands via a crafted POST request. | |||||
| CVE-2022-30521 | 1 Dlink | 2 Dir-890l, Dir-890l Firmware | 2023-08-01 | 10.0 HIGH | 9.8 CRITICAL |
| The LAN-side Web-Configuration Interface has Stack-based Buffer Overflow vulnerability in the D-Link Wi-Fi router firmware DIR-890L DIR890LA1_FW107b09.bin and previous versions. The function created at 0x17958 of /htdocs/cgibin will call sprintf without checking the length of strings in parameters given by HTTP header and can be controlled by users easily. The attackers can exploit the vulnerability to carry out arbitrary code by means of sending a specially constructed payload to port 49152. | |||||
| CVE-2023-3324 | 1 Abb | 1 Zenon | 2023-08-01 | N/A | 7.5 HIGH |
| A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability™ zenon: from 11 build through 11 build 106404. | |||||
| CVE-2023-3323 | 1 Abb | 1 Zenon | 2023-08-01 | N/A | 5.4 MEDIUM |
| A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability™ zenon: from 11 build through 11 build 106404. | |||||
| CVE-2023-3322 | 1 Abb | 1 Zenon | 2023-08-01 | N/A | 8.1 HIGH |
| A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability™ zenon: from 11 build through 11 build 106404. | |||||
| CVE-2023-33802 | 1 Sumatrapdfreader | 1 Sumatrapdf | 2023-08-01 | N/A | 5.5 MEDIUM |
| A buffer overflow in SumatraPDF Reader v3.4.6 allows attackers to cause a Denial of Service (DoS) via a crafted text file. | |||||
| CVE-2022-31455 | 1 Truedesk | 1 Truedesk | 2023-08-01 | N/A | 6.1 MEDIUM |
| * A cross-site scripting (XSS) vulnerability in Truedesk v1.2.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a user chat box. | |||||
| CVE-2022-31456 | 1 Truedesk | 1 Truedesk | 2023-08-01 | N/A | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in Truedesk v1.2.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the team name parameter. | |||||
| CVE-2023-33308 | 1 Fortinet | 2 Fortios, Fortiproxy | 2023-08-01 | N/A | 9.8 CRITICAL |
| A stack-based overflow vulnerability [CWE-124] in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and FortiProxy version 7.0.0 through 7.0.9 and 7.2.0 through 7.2.2 allows a remote unauthenticated attacker to execute arbitrary code or command via crafted packets reaching proxy policies or firewall policies with proxy mode alongside deep or full packet inspection. | |||||
| CVE-2023-3414 | 1 Jenkins | 1 Servicenow Devops | 2023-08-01 | N/A | 6.5 MEDIUM |
| A cross-site request forgery vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for ServiceNow DevOps on your Jenkins server. No changes are required on your instances of the Now Platform. | |||||
| CVE-2023-39155 | 1 Jenkins | 1 Chef Identity | 2023-08-01 | N/A | 5.3 MEDIUM |
| Jenkins Chef Identity Plugin 2.0.3 and earlier does not mask the user.pem key form field, increasing the potential for attackers to observe and capture it. | |||||
| CVE-2023-39156 | 1 Jenkins | 1 Bazaar | 2023-08-01 | N/A | 5.3 MEDIUM |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Bazaar Plugin 1.22 and earlier allows attackers to delete previously created Bazaar SCM tags. | |||||
| CVE-2023-23844 | 1 Solarwinds | 1 Solarwinds Platform | 2023-08-01 | N/A | 7.2 HIGH |
| The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with SYSTEM privileges. | |||||
| CVE-2023-37258 | 1 Dataease | 1 Dataease | 2023-08-01 | N/A | 9.8 CRITICAL |
| DataEase is an open source data visualization analysis tool. Prior to version 1.18.9, DataEase has a SQL injection vulnerability that can bypass blacklists. The vulnerability has been fixed in v1.18.9. There are no known workarounds. | |||||
| CVE-2023-37257 | 1 Dataease | 1 Dataease | 2023-08-01 | N/A | 5.4 MEDIUM |
| DataEase is an open source data visualization analysis tool. Prior to version 1.18.9, the DataEase panel and dataset have a stored cross-site scripting vulnerability. The vulnerability has been fixed in v1.18.9. There are no known workarounds. | |||||
| CVE-2023-32639 | 1 Moj | 1 Applicant Programme | 2023-08-01 | N/A | 5.5 MEDIUM |
| Applicant Programme Ver.7.06 and earlier improperly restricts XML external entity references (XXE). By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker. | |||||
| CVE-2023-38606 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-08-01 | N/A | 5.5 MEDIUM |
| This issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to modify sensitive kernel state. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1. | |||||
| CVE-2023-23568 | 1 Gallagher | 1 Command Centre | 2023-08-01 | N/A | 5.4 MEDIUM |
| Improper privilege validation in Command Centre Server allows authenticated unprivileged operators to modify and view Personal Data Fields. This issue affects Command Centre: vEL 8.90 prior to vEL8.90.1318 (MR1), vEL8.80 prior to vEL8.80.1192 (MR2), vEL8.70 prior to vEL8.70.2185 (MR4), vEL8.60 prior to vEL8.60.2347 (MR6), vEL8.50 prior to vEL8.50.2831 (MR8), all versions vEL8.40 and prior | |||||