Show filters
18,551 Total Results
Displaying 91-100 of 10,000
Refine your search criteria for more targeted results.
Sort by:
Attacker Value
Very High

CVE-2021-32722

Disclosure Date: June 28, 2021 (last updated February 22, 2025)
GlobalNewFiles is a mediawiki extension. Versions prior to 48be7adb70568e20e961ea1cb70904454a671b1d are affected by an uncontrolled resource consumption vulnerability. A large amount of page moves within a short space of time could overwhelm Database servers due to improper handling of load balancing and a lack of an appropriate index. As a workaround, one may avoid use of the extension unless additional rate limit at the MediaWiki level or via PoolCounter / MySQL is enabled. A patch is available in version 48be7adb70568e20e961ea1cb70904454a671b1d.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
3
1
Attacker Value
Moderate

CVE-2021-33739

Disclosure Date: June 08, 2021 (last updated November 28, 2024)
Microsoft DWM Core Library Elevation of Privilege Vulnerability
3
1
Attacker Value
Unknown

CVE-2021-31195

Disclosure Date: May 11, 2021 (last updated November 28, 2024)
Microsoft Exchange Server Remote Code Execution Vulnerability
3
1
Attacker Value
High

CVE-2021-27076

Disclosure Date: March 11, 2021 (last updated November 28, 2024)
Microsoft SharePoint Server Remote Code Execution Vulnerability
3
1
Attacker Value
Very Low

CVE-2021-24094

Disclosure Date: February 25, 2021 (last updated November 28, 2024)
Windows TCP/IP Remote Code Execution Vulnerability
3
1
Attacker Value
Very High

CVE-2020-17132

Disclosure Date: December 10, 2020 (last updated November 28, 2024)
Microsoft Exchange Remote Code Execution Vulnerability
3
1
Attacker Value
Moderate

CVE-2020-17091

Disclosure Date: November 11, 2020 (last updated November 28, 2024)
Microsoft Teams Remote Code Execution Vulnerability
3
1
Attacker Value
Unknown

CVE-2020-16009

Disclosure Date: November 03, 2020 (last updated February 22, 2025)
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
3
1
Attacker Value
High

CVE-2020-1380

Disclosure Date: August 17, 2020 (last updated January 19, 2024)
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document tha…
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
3
1
Attacker Value
Low

CVE-2020-12695 "CallStranger"

Disclosure Date: June 08, 2020 (last updated February 21, 2025)
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
2
2
View More Topics  < Previous  Next >