Export limit exceeded: 10016 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10016 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-31805 | 1 Apache | 1 Struts | 2024-11-21 | 9.8 Critical |
| The fix issued for CVE-2020-17530 was incomplete. So from Apache Struts 2.0.0 to 2.5.29, still some of the tag’s attributes could perform a double evaluation if a developer applied forced OGNL evaluation by using the %{...} syntax. Using forced OGNL evaluation on untrusted user input can lead to a Remote Code Execution and security degradation. | ||||
| CVE-2021-31769 | 1 Myq-solution | 1 Myq Server | 2024-11-21 | 8.8 High |
| MyQ Server in MyQ X Smart before 8.2 allows remote code execution by unprivileged users because administrative session data can be read in the %PROGRAMFILES%\MyQ\PHP\Sessions directory. The "Select server file" feature is only intended for administrators but actually does not require authorization. An attacker can inject arbitrary OS commands (such as commands to create new .php files) via the Task Scheduler component. | ||||
| CVE-2021-31737 | 1 Emlog | 1 Emlog | 2024-11-21 | 9.8 Critical |
| emlog v5.3.1 and emlog v6.0.0 have a Remote Code Execution vulnerability due to upload of database backup file in admin/data.php. | ||||
| CVE-2021-31718 | 1 Npupnp Project | 1 Npupnp | 2024-11-21 | 8.8 High |
| The server in npupnp before 4.1.4 is affected by DNS rebinding in the embedded web server (including UPnP SOAP and GENA endpoints), leading to remote code execution. | ||||
| CVE-2021-31617 | 1 Stormshield | 1 Stormshield Network Security | 2024-11-21 | 9.8 Critical |
| In ASQ in Stormshield Network Security (SNS) 1.0.0 through 2.7.8, 2.8.0 through 2.16.0, 3.0.0 through 3.7.20, 3.8.0 through 3.11.8, and 4.0.1 through 4.2.2, mishandling of memory management can lead to remote code execution. | ||||
| CVE-2021-31414 | 1 Rpm Spec Project | 1 Rpm Spec | 2024-11-21 | 9.8 Critical |
| The unofficial vscode-rpm-spec extension before 0.3.2 for Visual Studio Code allows remote code execution via a crafted workspace configuration. | ||||
| CVE-2021-31354 | 1 Juniper | 2 Junos, Junos Os Evolved | 2024-11-21 | 7.1 High |
| An Out Of Bounds (OOB) access vulnerability in the handling of responses by a Juniper Agile License (JAL) Client in Juniper Networks Junos OS and Junos OS Evolved, configured in Network Mode (to use Juniper Agile License Manager) may allow an attacker to cause a partial Denial of Service (DoS), or lead to remote code execution (RCE). The vulnerability exists in the packet parsing logic on the client that processes the response from the server using a custom protocol. An attacker with control of a JAL License Manager, or with access to the local broadcast domain, may be able to spoof a new JAL License Manager and/or craft a response to the Junos OS License Client, leading to exploitation of this vulnerability. This issue only affects Junos systems configured in Network Mode. Systems that are configured in Standalone Mode (the default mode of operation for all systems) are not vulnerable to this issue. This issue affects: Juniper Networks Junos OS: 19.2 versions prior to 19.2R3-S3; 19.3 versions prior to 19.3R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2. Juniper Networks Junos OS Evolved: version 20.1R1-EVO and later versions, prior to 21.2R2-EVO. This issue does not affect Juniper Networks Junos OS versions prior to 19.2R1. | ||||
| CVE-2021-31324 | 1 Control-webpanel | 1 Webpanel | 2024-11-21 | 9.8 Critical |
| The unprivileged user portal part of CentOS Web Panel is affected by a Command Injection vulnerability leading to root Remote Code Execution. | ||||
| CVE-2021-31215 | 3 Debian, Fedoraproject, Schedmd | 3 Debian Linux, Fedora, Slurm | 2024-11-21 | 8.8 High |
| SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling. | ||||
| CVE-2021-31214 | 1 Microsoft | 1 Visual Studio Code | 2024-11-21 | 7.8 High |
| Visual Studio Code Remote Code Execution Vulnerability | ||||
| CVE-2021-31213 | 1 Microsoft | 2 Remote, Remote Development | 2024-11-21 | 7.8 High |
| Visual Studio Code Remote Containers Extension Remote Code Execution Vulnerability | ||||
| CVE-2021-31211 | 1 Microsoft | 1 Visual Studio Code | 2024-11-21 | 7.8 High |
| Visual Studio Code Remote Code Execution Vulnerability | ||||
| CVE-2021-31206 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 7.6 High |
| Microsoft Exchange Server Remote Code Execution Vulnerability | ||||
| CVE-2021-31200 | 1 Microsoft | 1 Neural Network Intelligence | 2024-11-21 | 7.2 High |
| Common Utilities Remote Code Execution Vulnerability | ||||
| CVE-2021-31194 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 8.8 High |
| OLE Automation Remote Code Execution Vulnerability | ||||
| CVE-2021-31192 | 1 Microsoft | 3 Windows 10, Windows 10 1809, Windows 10 20h2 | 2024-11-21 | 7.8 High |
| Windows Media Foundation Core Remote Code Execution Vulnerability | ||||
| CVE-2021-31180 | 1 Microsoft | 3 365 Apps, Office, Word | 2024-11-21 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||
| CVE-2021-31179 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2024-11-21 | 7.8 High |
| Microsoft Office Remote Code Execution Vulnerability | ||||
| CVE-2021-31177 | 1 Microsoft | 6 365 Apps, Excel, Office and 3 more | 2024-11-21 | 7.8 High |
| Microsoft Office Remote Code Execution Vulnerability | ||||
| CVE-2021-31176 | 1 Microsoft | 4 365 Apps, Office, Office Online Server and 1 more | 2024-11-21 | 7.8 High |
| Microsoft Office Remote Code Execution Vulnerability | ||||