Show filters
4,015 Total Results
Displaying 21-30 of 4,015
Sort by:
Attacker Value
High

CVE-2021-33771

Disclosure Date: July 14, 2021 (last updated February 23, 2025)
Windows Kernel Elevation of Privilege Vulnerability
5
2
Attacker Value
Unknown

CVE-2021-33742

Disclosure Date: June 08, 2021 (last updated February 22, 2025)
Windows MSHTML Platform Remote Code Execution Vulnerability
5
2
Attacker Value
High

CVE-2021-1732

Disclosure Date: February 25, 2021 (last updated February 22, 2025)
Windows Win32k Elevation of Privilege Vulnerability
6
1
Attacker Value
Low

CVE-2020-11984 — Multiple Vulnerabilities in Apache Web Server Could Allow for …

Disclosure Date: August 07, 2020 (last updated February 21, 2025)
Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
6
1
Attacker Value
Low

CVE-2020-0986

Disclosure Date: June 09, 2020 (last updated February 21, 2025)
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE-2020-1274, CVE-2020-1275, CVE-2020-1276, CVE-2020-1307, CVE-2020-1316.
Attack Vector: LocalPrivileges: LowUser Interaction: None
4
2
Attacker Value
Low

CVE-2019-11358

Disclosure Date: April 20, 2019 (last updated February 17, 2024)
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
6
1
Attacker Value
Moderate

CVE-2015-9251

Disclosure Date: January 18, 2018 (last updated November 08, 2023)
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
6
1
Attacker Value
Low

CVE-2021-24074

Disclosure Date: February 25, 2021 (last updated November 28, 2024)
Windows TCP/IP Remote Code Execution Vulnerability
4
2
Attacker Value
High

CVE-2023-36874

Disclosure Date: July 11, 2023 (last updated January 24, 2025)
Windows Error Reporting Service Elevation of Privilege Vulnerability
4
1
Attacker Value
Very High

CVE-2023-28252

Disclosure Date: April 11, 2023 (last updated January 11, 2025)
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Attack Vector: LocalPrivileges: LowUser Interaction: None
4
1
View More Topics  < Previous  Next >