Filtered by vendor Microsoft
Subscribe
Total
21800 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-39839 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2023-11-07 | 6.8 MEDIUM | N/A |
| Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability in the processing of the AcroForm getItem action that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-39821 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2023-11-07 | 6.8 MEDIUM | N/A |
| Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) are affected by an out-of-bounds read vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious TIF file. | |||||
| CVE-2021-37969 | 4 Debian, Fedoraproject, Google and 1 more | 4 Debian Linux, Fedora, Chrome and 1 more | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Inappropriate implementation in Google Updater in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to perform local privilege escalation via a crafted file. | |||||
| CVE-2021-39858 | 3 Adobe, Apple, Microsoft | 8 Acrobat, Acrobat 2017, Acrobat Dc and 5 more | 2023-11-07 | 4.3 MEDIUM | N/A |
| Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-3115 | 4 Fedoraproject, Golang, Microsoft and 1 more | 5 Fedora, Go, Windows and 2 more | 2023-11-07 | 5.1 MEDIUM | 7.5 HIGH |
| Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download). | |||||
| CVE-2021-39834 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2023-11-07 | 4.3 MEDIUM | N/A |
| Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release Update 2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious TIF file. | |||||
| CVE-2021-39841 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2023-11-07 | 6.8 MEDIUM | N/A |
| Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Type Confusion vulnerability. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-39824 | 3 Adobe, Apple, Microsoft | 3 Premiere Elements, Macos, Windows | 2023-11-07 | 9.3 HIGH | N/A |
| Adobe Premiere Elements version 2021.2235820 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious png file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-34551 | 3 Fedoraproject, Microsoft, Phpmailer Project | 3 Fedora, Windows, Phpmailer | 2023-11-07 | 5.1 MEDIUM | 8.1 HIGH |
| PHPMailer before 6.5.0 on Windows allows remote code execution if lang_path is untrusted data and has a UNC pathname. | |||||
| CVE-2021-35982 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2023-11-07 | 4.4 MEDIUM | 7.3 HIGH |
| Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Uncontrolled Search Path Element vulnerability. A local attacker with non-administrative privileges can plant a malicious DLL to achieve arbitrary code execution in the context of the current user via DLL hijacking. Exploitation of this issue requires user interaction. | |||||
| CVE-2021-31850 | 2 Mcafee, Microsoft | 2 Database Security, Windows | 2023-11-07 | 4.9 MEDIUM | 6.1 MEDIUM |
| A denial-of-service vulnerability in Database Security (DBS) prior to 4.8.4 allows a remote authenticated administrator to trigger a denial-of-service attack against the DBS server. The configuration of Archiving through the User interface incorrectly allowed the creation of directories and files in Windows system directories and other locations where sensitive data could be overwritten. The former could lead to a DoS, whilst the latter could lead to data destruction on the DBS server. | |||||
| CVE-2021-31820 | 3 Linux, Microsoft, Octopus | 3 Linux Kernel, Windows, Octopus Server | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| In Octopus Server after version 2018.8.2 if the Octopus Server Web Request Proxy is configured with authentication, the password is shown in plaintext in the UI. | |||||
| CVE-2021-30609 | 2 Fedoraproject, Microsoft | 3 Fedora, Edge, Edge Chromium | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Chromium: CVE-2021-30609 Use after free in Sign-In | |||||
| CVE-2021-30624 | 2 Fedoraproject, Microsoft | 3 Fedora, Edge, Edge Chromium | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Chromium: CVE-2021-30624 Use after free in Autofill | |||||
| CVE-2021-30613 | 2 Fedoraproject, Microsoft | 3 Fedora, Edge, Edge Chromium | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Chromium: CVE-2021-30613 Use after free in Base internals | |||||
| CVE-2021-30619 | 2 Fedoraproject, Microsoft | 3 Fedora, Edge, Edge Chromium | 2023-11-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| Chromium: CVE-2021-30619 UI Spoofing in Autofill | |||||
| CVE-2021-30617 | 2 Fedoraproject, Microsoft | 3 Fedora, Edge, Edge Chromium | 2023-11-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| Chromium: CVE-2021-30617 Policy bypass in Blink | |||||
| CVE-2021-30606 | 2 Fedoraproject, Microsoft | 3 Fedora, Edge, Edge Chromium | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Chromium: CVE-2021-30606 Use after free in Blink | |||||
| CVE-2021-30618 | 2 Fedoraproject, Microsoft | 3 Fedora, Edge, Edge Chromium | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Chromium: CVE-2021-30618 Inappropriate implementation in DevTools | |||||
| CVE-2021-30610 | 2 Fedoraproject, Microsoft | 3 Fedora, Edge, Edge Chromium | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Chromium: CVE-2021-30610 Use after free in Extensions API | |||||