Total
2157 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-34477 | 1 Microsoft | 2 .net Education Bundle Sdk Install Tool, .net Install Tool For Extension Authors | 2024-11-21 | 7.8 High |
| Visual Studio Code .NET Runtime Elevation of Privilege Vulnerability | ||||
| CVE-2021-34471 | 1 Microsoft | 1 Malware Protection Engine | 2024-11-21 | 7.8 High |
| Microsoft Windows Defender Elevation of Privilege Vulnerability | ||||
| CVE-2021-34461 | 1 Microsoft | 7 Windows 10, Windows 10 1809, Windows 10 20h2 and 4 more | 2024-11-21 | 7.8 High |
| Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability | ||||
| CVE-2021-34460 | 1 Microsoft | 15 Windows 10, Windows 10 1507, Windows 10 1607 and 12 more | 2024-11-21 | 7.8 High |
| Storage Spaces Controller Elevation of Privilege Vulnerability | ||||
| CVE-2021-34459 | 1 Microsoft | 15 Windows 10, Windows 10 1507, Windows 10 1607 and 12 more | 2024-11-21 | 7.8 High |
| Windows AppContainer Elevation Of Privilege Vulnerability | ||||
| CVE-2021-34456 | 1 Microsoft | 18 Windows 10, Windows 10 1507, Windows 10 1607 and 15 more | 2024-11-21 | 7.8 High |
| Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | ||||
| CVE-2021-34455 | 1 Microsoft | 15 Windows 10, Windows 10 1507, Windows 10 1607 and 12 more | 2024-11-21 | 7.8 High |
| Windows File History Service Elevation of Privilege Vulnerability | ||||
| CVE-2021-34412 | 1 Zoom | 1 Meetings | 2024-11-21 | 7.8 High |
| During the installation process for all versions of the Zoom Client for Meetings for Windows before 5.4.0, it is possible to launch Internet Explorer. If the installer was launched with elevated privileges such as by SCCM this can result in a local privilege escalation. | ||||
| CVE-2021-34411 | 1 Zoom | 1 Rooms | 2024-11-21 | 7.8 High |
| During the installation process forZoom Rooms for Conference Room for Windows before version 5.3.0 it is possible to launch Internet Explorer with elevated privileges. If the installer was launched with elevated privileges such as by SCCM this can result in a local privilege escalation. | ||||
| CVE-2021-33751 | 1 Microsoft | 10 Windows 10, Windows 10 1607, Windows 10 1809 and 7 more | 2024-11-21 | 7 High |
| Storage Spaces Controller Elevation of Privilege Vulnerability | ||||
| CVE-2021-33697 | 1 Sap | 1 Businessobjects Business Intelligence | 2024-11-21 | 6.1 Medium |
| Under certain conditions, SAP BusinessObjects Business Intelligence Platform (SAPUI5), versions - 420, 430, can allow an unauthenticated attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities. | ||||
| CVE-2021-33538 | 1 Weidmueller | 16 Ie-wl-bl-ap-cl-eu, Ie-wl-bl-ap-cl-eu Firmware, Ie-wl-bl-ap-cl-us and 13 more | 2024-11-21 | 8.8 High |
| In Weidmueller Industrial WLAN devices in multiple versions an exploitable improper access control vulnerability exists in the iw_webs account settings functionality. A specially crafted user name entry can cause the overwrite of an existing user account password, resulting in remote shell access to the device as that user. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. | ||||
| CVE-2021-33526 | 1 Mbconnectline | 1 Mbdialup | 2024-11-21 | 7.8 High |
| In MB connect line mbDIALUP versions <= 3.9R0.0 a low privileged local attacker can send a command to the service running with NT AUTHORITY\SYSTEM instructing it to execute a malicous OpenVPN configuration resulting in arbitrary code execution with the privileges of the service. | ||||
| CVE-2021-33505 | 1 Falco | 1 Falco | 2024-11-21 | 7.8 High |
| A local malicious user can circumvent the Falco detection engine through 0.28.1 by running a program that alters arguments of system calls being executed. Issue is fixed in Falco versions >= 0.29.1. | ||||
| CVE-2021-33356 | 1 Raspap | 1 Raspap | 2024-11-21 | 8.8 High |
| Multiple privilege escalation vulnerabilities in RaspAP 1.5 to 2.6.5 could allow an authenticated remote attacker to inject arbitrary commands to /installers/common.sh component that can result in remote command execution with root privileges. | ||||
| CVE-2021-32739 | 2 Debian, Icinga | 2 Debian Linux, Icinga | 2024-11-21 | 8.8 High |
| Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. From version 2.4.0 through version 2.12.4, a vulnerability exists that may allow privilege escalation for authenticated API users. With a read-ony user's credentials, an attacker can view most attributes of all config objects including `ticket_salt` of `ApiListener`. This salt is enough to compute a ticket for every possible common name (CN). A ticket, the master node's certificate, and a self-signed certificate are enough to successfully request the desired certificate from Icinga. That certificate may in turn be used to steal an endpoint or API user's identity. Versions 2.12.5 and 2.11.10 both contain a fix the vulnerability. As a workaround, one may either specify queryable types explicitly or filter out ApiListener objects. | ||||
| CVE-2021-31969 | 1 Microsoft | 9 Windows 10, Windows 10 1809, Windows 10 1909 and 6 more | 2024-11-21 | 7.8 High |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | ||||
| CVE-2021-31961 | 1 Microsoft | 9 Windows 10, Windows 10 1809, Windows 10 1909 and 6 more | 2024-11-21 | 6.1 Medium |
| Windows InstallService Elevation of Privilege Vulnerability | ||||
| CVE-2021-31954 | 1 Microsoft | 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more | 2024-11-21 | 7.8 High |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2021-31847 | 1 Mcafee | 1 Agent | 2024-11-21 | 8.2 High |
| Improper access control vulnerability in the repair process for McAfee Agent for Windows prior to 5.7.4 could allow a local attacker to perform a DLL preloading attack using unsigned DLLs. This would result in elevation of privileges and the ability to execute arbitrary code as the system user, through not correctly protecting a temporary directory used in the repair process and not checking the DLL signature. | ||||