Filtered by vendor Microsoft
Subscriptions
Total
22113 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-41784 | 2 Foxit, Microsoft | 4 Pdf Editor, Pdf Reader, Phantompdf and 1 more | 2024-11-21 | 7.8 High |
| Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled. | ||||
| CVE-2021-41783 | 2 Foxit, Microsoft | 4 Pdf Editor, Pdf Reader, Phantompdf and 1 more | 2024-11-21 | 7.8 High |
| Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled. | ||||
| CVE-2021-41782 | 2 Foxit, Microsoft | 4 Pdf Editor, Pdf Reader, Phantompdf and 1 more | 2024-11-21 | 7.8 High |
| Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled. | ||||
| CVE-2021-41781 | 2 Foxit, Microsoft | 4 Pdf Editor, Pdf Reader, Phantompdf and 1 more | 2024-11-21 | 7.8 High |
| Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled. | ||||
| CVE-2021-41780 | 2 Foxit, Microsoft | 4 Pdf Editor, Pdf Reader, Phantompdf and 1 more | 2024-11-21 | 7.8 High |
| Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled. | ||||
| CVE-2021-41635 | 2 Melag, Microsoft | 2 Ftp Server, Windows | 2024-11-21 | 8.8 High |
| When installed as Windows service MELAG FTP Server 2.2.0.4 is run as SYSTEM user, which grants remote attackers to abuse misconfigurations or vulnerabilities with administrative access over the entire host system. | ||||
| CVE-2021-41378 | 1 Microsoft | 12 Windows 10, Windows 10 1809, Windows 10 1909 and 9 more | 2024-11-21 | 7.8 High |
| Windows NTFS Remote Code Execution Vulnerability | ||||
| CVE-2021-41377 | 1 Microsoft | 22 Windows 10, Windows 10 1507, Windows 10 1607 and 19 more | 2024-11-21 | 7.8 High |
| Windows Fast FAT File System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2021-41376 | 1 Microsoft | 1 Azure Sphere | 2024-11-21 | 2.3 Low |
| Azure Sphere Information Disclosure Vulnerability | ||||
| CVE-2021-41375 | 1 Microsoft | 1 Azure Sphere | 2024-11-21 | 4.4 Medium |
| Azure Sphere Information Disclosure Vulnerability | ||||
| CVE-2021-41374 | 1 Microsoft | 1 Azure Sphere | 2024-11-21 | 6.7 Medium |
| Azure Sphere Information Disclosure Vulnerability | ||||
| CVE-2021-41373 | 1 Microsoft | 1 Fslogix | 2024-11-21 | 5.5 Medium |
| FSLogix Information Disclosure Vulnerability | ||||
| CVE-2021-41372 | 1 Microsoft | 1 Power Bi Report Server | 2024-11-21 | 7.6 High |
| A Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerability exists when Power BI Report Server Template file (pbix) containing HTML files is uploaded to the server and HTML files are accessed directly by the victim. Combining these 2 vulnerabilities together, an attacker is able to upload malicious Power BI templates files to the server using the victim's session and run scripts in the security context of the user and perform privilege escalation in case the victim has admin privileges when the victim access one of the HTML files present in the malicious Power BI template uploaded. The security update addresses the vulnerability by helping to ensure that Power BI Report Server properly sanitize file uploads. | ||||
| CVE-2021-41371 | 1 Microsoft | 22 Windows 10, Windows 10 1507, Windows 10 1607 and 19 more | 2024-11-21 | 4.4 Medium |
| Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | ||||
| CVE-2021-41370 | 1 Microsoft | 22 Windows 10, Windows 10 1507, Windows 10 1607 and 19 more | 2024-11-21 | 7.8 High |
| NTFS Elevation of Privilege Vulnerability | ||||
| CVE-2021-41368 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | 6.1 Medium |
| Microsoft Access Remote Code Execution Vulnerability | ||||
| CVE-2021-41367 | 1 Microsoft | 22 Windows 10, Windows 10 1507, Windows 10 1607 and 19 more | 2024-11-21 | 7.8 High |
| NTFS Elevation of Privilege Vulnerability | ||||
| CVE-2021-41366 | 1 Microsoft | 18 Windows 10, Windows 10 1507, Windows 10 1607 and 15 more | 2024-11-21 | 7.8 High |
| Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability | ||||
| CVE-2021-41365 | 1 Microsoft | 1 Defender For Iot | 2024-11-21 | 8.8 High |
| Microsoft Defender for IoT Remote Code Execution Vulnerability | ||||
| CVE-2021-41363 | 1 Microsoft | 1 Intune Management Extension | 2024-11-21 | 4.2 Medium |
| Intune Management Extension Security Feature Bypass Vulnerability | ||||