Show filters
19,892 Total Results
Displaying 81-90 of 10,000
Refine your search criteria for more targeted results.
Sort by:
Attacker Value
Moderate

CVE-2022-21999

Disclosure Date: February 09, 2022 (last updated February 23, 2025)
Windows Print Spooler Elevation of Privilege Vulnerability
4
1
Attacker Value
High

CVE-2022-21919

Disclosure Date: January 11, 2022 (last updated February 23, 2025)
Windows User Profile Service Elevation of Privilege Vulnerability
4
1
Attacker Value
Low

CVE-2021-45046

Disclosure Date: December 14, 2021 (last updated October 07, 2023)
It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data using a JNDI Lookup pattern resulting in an information leak and remote code execution in some environments and local code execution in all environments. Log4j 2.16.0 (Java 8) and 2.12.2 (Java 7) fix this issue by removing support for message lookup patterns and disabling JNDI functionality by default.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
4
1
Attacker Value
Unknown

CVE-2021-21980

Disclosure Date: November 24, 2021 (last updated October 07, 2023)
The vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary file read vulnerability. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
1
1
Attacker Value
High

CVE-2021-40438

Disclosure Date: September 16, 2021 (last updated February 23, 2025)
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
4
1
Attacker Value
High

CVE-2021-2394

Disclosure Date: July 21, 2021 (last updated November 28, 2024)
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
4
1
Attacker Value
High

CVE-2021-33766 ProxyToken

Disclosure Date: July 14, 2021 (last updated February 23, 2025)
Microsoft Exchange Server Information Disclosure Vulnerability
4
1
Attacker Value
Moderate

CVE-2021-31201

Disclosure Date: June 08, 2021 (last updated November 28, 2024)
Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability
3
2
Attacker Value
Moderate

CVE-2021-31199

Disclosure Date: June 08, 2021 (last updated November 28, 2024)
Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability
3
2
Attacker Value
High

CVE-2021-31181

Disclosure Date: May 11, 2021 (last updated November 28, 2024)
Microsoft SharePoint Remote Code Execution Vulnerability
4
1
View More Topics  < Previous  Next >