Export limit exceeded: 10011 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10011 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-26432 | 1 Microsoft | 15 Windows 10, Windows 10 1507, Windows 10 1607 and 12 more | 2024-11-21 | 9.8 Critical |
| Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability | ||||
| CVE-2021-26427 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 9 Critical |
| Microsoft Exchange Server Remote Code Execution Vulnerability | ||||
| CVE-2021-26424 | 1 Microsoft | 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more | 2024-11-21 | 9.9 Critical |
| Windows TCP/IP Remote Code Execution Vulnerability | ||||
| CVE-2021-26422 | 1 Microsoft | 2 Lync Server, Skype For Business Server | 2024-11-21 | 7.2 High |
| Skype for Business and Lync Remote Code Execution Vulnerability | ||||
| CVE-2021-26420 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 7.1 High |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2021-26412 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 9.1 Critical |
| Microsoft Exchange Server Remote Code Execution Vulnerability | ||||
| CVE-2021-25953 | 1 Putil-merge Project | 1 Putil-merge | 2024-11-21 | 9.8 Critical |
| Prototype pollution vulnerability in 'putil-merge' versions1.0.0 through 3.6.6 allows attacker to cause a denial of service and may lead to remote code execution. | ||||
| CVE-2021-25952 | 1 Just-safe-set Project | 1 Just-safe-set | 2024-11-21 | 9.8 Critical |
| Prototype pollution vulnerability in ‘just-safe-set’ versions 1.0.0 through 2.2.1 allows an attacker to cause a denial of service and may lead to remote code execution. | ||||
| CVE-2021-25949 | 1 Set-getter Project | 1 Set-getter | 2024-11-21 | 9.8 Critical |
| Prototype pollution vulnerability in 'set-getter' version 0.1.0 allows an attacker to cause a denial of service and may lead to remote code execution. | ||||
| CVE-2021-25948 | 1 Expand-hash Project | 1 Expand-hash | 2024-11-21 | 9.8 Critical |
| Prototype pollution vulnerability in 'expand-hash' versions 0.1.0 through 1.0.1 allows an attacker to cause a denial of service and may lead to remote code execution. | ||||
| CVE-2021-25947 | 1 Nestie Project | 1 Nestie | 2024-11-21 | 9.8 Critical |
| Prototype pollution vulnerability in 'nestie' versions 0.0.0 through 1.0.0 allows an attacker to cause a denial of service and may lead to remote code execution. | ||||
| CVE-2021-25946 | 1 Nconf-toml Project | 1 Nconf-toml | 2024-11-21 | 9.8 Critical |
| Prototype pollution vulnerability in `nconf-toml` versions 0.0.1 through 0.0.2 allows an attacker to cause a denial of service and may lead to remote code execution. | ||||
| CVE-2021-25945 | 1 Js-extend Project | 1 Js-extend | 2024-11-21 | 9.8 Critical |
| Prototype pollution vulnerability in 'js-extend' versions 0.0.1 through 1.0.1 allows attacker to cause a denial of service and may lead to remote code execution. | ||||
| CVE-2021-25944 | 1 Deep-defaults Project | 1 Deep-defaults | 2024-11-21 | 9.8 Critical |
| Prototype pollution vulnerability in 'deep-defaults' versions 1.0.0 through 1.0.5 allows attacker to cause a denial of service and may lead to remote code execution. | ||||
| CVE-2021-25913 | 1 Set-or-get Project | 1 Set-or-get | 2024-11-21 | 9.8 Critical |
| Prototype pollution vulnerability in 'set-or-get' version 1.0.0 through 1.2.10 allows an attacker to cause a denial of service and may lead to remote code execution. | ||||
| CVE-2021-25912 | 1 Dotty Project | 1 Dotty | 2024-11-21 | 9.8 Critical |
| Prototype pollution vulnerability in 'dotty' versions 0.0.1 through 0.1.0 allows attackers to cause a denial of service and may lead to remote code execution. | ||||
| CVE-2021-25833 | 1 Onlyoffice | 1 Document Server | 2024-11-21 | 9.8 Critical |
| A file extension handling issue was found in [server] module of ONLYOFFICE DocumentServer v4.2.0.71-v5.6.0.21. The file extension is controlled by an attacker through the request data and leads to arbitrary file overwriting. Using this vulnerability, a remote attacker can obtain remote code execution on DocumentServer. | ||||
| CVE-2021-25832 | 1 Onlyoffice | 1 Document Server | 2024-11-21 | 9.8 Critical |
| A heap buffer overflow vulnerability inside of BMP image processing was found at [core] module of ONLYOFFICE DocumentServer v4.0.0-9-v6.0.0. Using this vulnerability, an attacker is able to gain remote code executions on DocumentServer. | ||||
| CVE-2021-25831 | 1 Onlyoffice | 1 Document Server | 2024-11-21 | 9.8 Critical |
| A file extension handling issue was found in [core] module of ONLYOFFICE DocumentServer v4.0.0-9-v5.6.3. An attacker must request the conversion of the crafted file from PPTT into PPTX format. Using the chain of two other bugs related to improper string handling, a remote attacker can obtain remote code execution on DocumentServer. | ||||
| CVE-2021-25830 | 1 Onlyoffice | 1 Document Server | 2024-11-21 | 9.8 Critical |
| A file extension handling issue was found in [core] module of ONLYOFFICE DocumentServer v4.2.0.236-v5.6.4.13. An attacker must request the conversion of the crafted file from DOCT into DOCX format. Using the chain of two other bugs related to improper string handling, an attacker can achieve remote code execution on DocumentServer. | ||||