Total
34251 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-28324 | 1 Microsoft | 6 Windows 10, Windows 10 1809, Windows 10 20h2 and 3 more | 2024-11-21 | 7.5 High |
| Windows SMB Information Disclosure Vulnerability | ||||
| CVE-2021-28320 | 1 Microsoft | 12 Windows 10, Windows 10 1507, Windows 10 1607 and 9 more | 2024-11-21 | 7.8 High |
| Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability | ||||
| CVE-2021-28319 | 1 Microsoft | 10 Windows 10, Windows 10 1803, Windows 10 1809 and 7 more | 2024-11-21 | 7.5 High |
| Windows TCP/IP Driver Denial of Service Vulnerability | ||||
| CVE-2021-28318 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 5.5 Medium |
| Windows GDI+ Information Disclosure Vulnerability | ||||
| CVE-2021-28317 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 5.5 Medium |
| Microsoft Windows Codecs Library Information Disclosure Vulnerability | ||||
| CVE-2021-28316 | 1 Microsoft | 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more | 2024-11-21 | 4.2 Medium |
| Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability | ||||
| CVE-2021-28315 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 7.8 High |
| Windows Media Video Decoder Remote Code Execution Vulnerability | ||||
| CVE-2021-28314 | 1 Microsoft | 9 Windows 10, Windows 10 1809, Windows 10 1909 and 6 more | 2024-11-21 | 7.8 High |
| Windows Hyper-V Elevation of Privilege Vulnerability | ||||
| CVE-2021-28312 | 1 Microsoft | 9 Windows 10, Windows 10 1809, Windows 10 1909 and 6 more | 2024-11-21 | 3.3 Low |
| Windows NTFS Denial of Service Vulnerability | ||||
| CVE-2021-28311 | 1 Microsoft | 11 Windows 10, Windows 10 1607, Windows 10 1803 and 8 more | 2024-11-21 | 6.5 Medium |
| Windows Application Compatibility Cache Denial of Service Vulnerability | ||||
| CVE-2021-28309 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 5.5 Medium |
| Windows Kernel Information Disclosure Vulnerability | ||||
| CVE-2021-28276 | 1 Jhead Project | 1 Jhead | 2024-11-21 | 7.5 High |
| A Denial of Service vulnerability exists in jhead 3.04 and 3.05 via a wild address read in the ProcessCanonMakerNoteDir function in makernote.c. | ||||
| CVE-2021-28213 | 1 Tianocore | 1 Edk2 | 2024-11-21 | 7.5 High |
| Example EDK2 encrypted private key in the IpSecDxe.efi present potential security risks. | ||||
| CVE-2021-28156 | 1 Hashicorp | 1 Consul | 2024-11-21 | 7.5 High |
| HashiCorp Consul Enterprise version 1.8.0 up to 1.9.4 audit log can be bypassed by specifically crafted HTTP events. Fixed in 1.9.5, and 1.8.10. | ||||
| CVE-2021-28155 | 1 Jbl | 2 Tune500bt, Tune500bt Firmware | 2024-11-21 | 6.5 Medium |
| The Bluetooth Classic implementation on JBL TUNE500BT devices does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service and shutdown a device by flooding the target device with LMP Feature Response data. | ||||
| CVE-2021-28139 | 1 Espressif | 2 Esp-idf, Esp32 | 2024-11-21 | 8.8 High |
| The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly restrict the Feature Page upon reception of an LMP Feature Response Extended packet, allowing attackers in radio range to trigger arbitrary code execution in ESP32 via a crafted Extended Features bitfield payload. | ||||
| CVE-2021-28134 | 1 Clipper Project | 1 Clipper | 2024-11-21 | 9.8 Critical |
| Clipper before 1.0.5 allows remote command execution. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which invokes the dangerous openExternal API. | ||||
| CVE-2021-28121 | 1 Virtual Robots.txt Project | 1 Virtual Robots.txt | 2024-11-21 | 9.8 Critical |
| Virtual Robots.txt before 1.10 does not block HTML tags in the robots.txt field. | ||||
| CVE-2021-28119 | 1 Twinkletray | 1 Twinkle Tray | 2024-11-21 | 9.8 Critical |
| Twinkle Tray (aka twinkle-tray) through 1.13.3 allows remote command execution. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which invokes the dangerous openExternal API. | ||||
| CVE-2021-28117 | 1 Kde | 1 Discover | 2024-11-21 | 7.5 High |
| libdiscover/backends/KNSBackend/KNSResource.cpp in KDE Discover before 5.21.3 automatically creates links to potentially dangerous URLs (that are neither https:// nor http://) based on the content of the store.kde.org web site. (5.18.7 is also a fixed version.) | ||||