Export limit exceeded: 10016 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10016 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-36965 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 8.8 High |
| Windows WLAN AutoConfig Service Remote Code Execution Vulnerability | ||||
| CVE-2021-36952 | 1 Microsoft | 2 Visual Studio 2017, Visual Studio 2019 | 2024-11-21 | 7.8 High |
| Visual Studio Remote Code Execution Vulnerability | ||||
| CVE-2021-36947 | 1 Microsoft | 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more | 2024-11-21 | 8.8 High |
| Windows Print Spooler Remote Code Execution Vulnerability | ||||
| CVE-2021-36941 | 1 Microsoft | 2 365 Apps, Office | 2024-11-21 | 7.8 High |
| Microsoft Word Remote Code Execution Vulnerability | ||||
| CVE-2021-36937 | 1 Microsoft | 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more | 2024-11-21 | 7.8 High |
| Windows Media MPEG-4 Video Decoder Remote Code Execution Vulnerability | ||||
| CVE-2021-36936 | 1 Microsoft | 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more | 2024-11-21 | 8.8 High |
| Windows Print Spooler Remote Code Execution Vulnerability | ||||
| CVE-2021-36711 | 1 Octobot | 1 Octobot | 2024-11-21 | 9.8 Critical |
| WebInterface in OctoBot before 0.4.4 allows remote code execution because Tentacles upload is mishandled. | ||||
| CVE-2021-36548 | 1 Monstra | 1 Monstra | 2024-11-21 | 9.8 Critical |
| A remote code execution (RCE) vulnerability in the component /admin/index.php?id=themes&action=edit_template&filename=blog of Monstra v3.0.4 allows attackers to execute arbitrary commands via a crafted PHP file. | ||||
| CVE-2021-36547 | 1 Mara Cms Project | 1 Mara Cms | 2024-11-21 | 9.8 Critical |
| A remote code execution (RCE) vulnerability in the component /codebase/dir.php?type=filenew of Mara v7.5 allows attackers to execute arbitrary commands via a crafted PHP file. | ||||
| CVE-2021-36359 | 1 Bscw | 1 Bscw Classic | 2024-11-21 | 8.8 High |
| OrbiTeam BSCW Classic before 7.4.3 allows exportpdf authenticated remote code execution (RCE) via XML tag injection because reportlab\platypus\paraparser.py (reached via bscw.cgi op=_editfolder.EditFolder) calls eval on attacker-supplied Python code. This is fixed in 5.0.12, 5.1.10, 5.2.4, 7.3.3, and 7.4.3. | ||||
| CVE-2021-36296 | 1 Dell | 9 Emc Unity Operating Environment, Vnx5200, Vnx5400 and 6 more | 2024-11-21 | 7.2 High |
| Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code execution vulnerability. A remote malicious user with privileges may exploit this vulnerability to execute commands on the system. | ||||
| CVE-2021-36295 | 1 Dell | 9 Emc Unity Operating Environment, Vnx5200, Vnx5400 and 6 more | 2024-11-21 | 7.2 High |
| Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code execution vulnerability. A remote malicious user with privileges may exploit this vulnerability to execute commands on the system. | ||||
| CVE-2021-36287 | 1 Dell | 10 Emc Unity Operating Environment, Vnx5200, Vnx5400 and 7 more | 2024-11-21 | 7.3 High |
| Dell VNX2 for file version 8.1.21.266 and earlier, contain an unauthenticated remote code execution vulnerability which may lead unauthenticated users to execute commands on the system. | ||||
| CVE-2021-36121 | 1 Echobh | 1 Sharecare | 2024-11-21 | 8.8 High |
| An issue was discovered in Echo ShareCare 8.15.5. The file-upload feature in Access/DownloadFeed_Mnt/FileUpload_Upd.cfm is susceptible to an unrestricted upload vulnerability via the name1 parameter, when processing remote input from an authenticated user, leading to the ability for arbitrary files to be written to arbitrary filesystem locations via ../ Directory Traversal on the Z: drive (a hard-coded drive letter where ShareCare application files reside) and remote code execution as the ShareCare service user (NT AUTHORITY\SYSTEM). | ||||
| CVE-2021-36043 | 1 Adobe | 2 Adobe Commerce, Magento Open Source | 2024-11-21 | 8 High |
| Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a blind SSRF vulnerability in the bundled dotmailer extension. An attacker with admin privileges could abuse this to achieve remote code execution should Redis be enabled. | ||||
| CVE-2021-36042 | 1 Adobe | 2 Adobe Commerce, Magento Open Source | 2024-11-21 | 9.1 Critical |
| Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability in the API File Option Upload Extension. An attacker with Admin privileges can achieve unrestricted file upload which can result in remote code execution. | ||||
| CVE-2021-36041 | 1 Adobe | 2 Adobe Commerce, Magento Open Source | 2024-11-21 | 9.1 Critical |
| Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An attacker with admin privileges could upload a specially crafted file in the 'pub/media` directory could lead to remote code execution. | ||||
| CVE-2021-36040 | 1 Adobe | 2 Adobe Commerce, Magento Open Source | 2024-11-21 | 9.1 Critical |
| Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An attacker with admin privileges can upload a specially crafted file to bypass file extension restrictions and could lead to remote code execution. | ||||
| CVE-2021-36035 | 1 Adobe | 2 Adobe Commerce, Magento Open Source | 2024-11-21 | 9.1 Critical |
| Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An attacker with admin privileges could make a crafted request to the Adobe Stock API to achieve remote code execution. | ||||
| CVE-2021-36034 | 1 Adobe | 2 Adobe Commerce, Magento Open Source | 2024-11-21 | 9.1 Critical |
| Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An attacker with admin privileges can upload a specially crafted file to achieve remote code execution. | ||||