Show filters
33,353 Total Results
Displaying 1-10 of 10,000
Refine your search criteria for more targeted results.
Sort by:
Attacker Value
Very High
CVE-2021-1675
Disclosure Date: June 08, 2021 (last updated August 01, 2023)
Windows Print Spooler Remote Code Execution Vulnerability
20
Attacker Value
Very High
CVE-2020-0601, aka NSACrypt
Disclosure Date: January 14, 2020 (last updated July 24, 2020)
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.
3
Attacker Value
Moderate
CVE-2021-40444
Disclosure Date: September 15, 2021 (last updated September 25, 2021)
Microsoft MSHTML Remote Code Execution Vulnerability
9
Attacker Value
Very High
CVE-2020-15999 Chrome Freetype 0day
Disclosure Date: November 03, 2020 (last updated November 05, 2020)
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
7
Attacker Value
Very High
CVE-2021-26857
Disclosure Date: March 03, 2021 (last updated July 27, 2021)
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.
4
Attacker Value
Very High
CVE-2021-24085
Disclosure Date: February 25, 2021 (last updated March 05, 2021)
Microsoft Exchange Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-1730.
6
Attacker Value
Moderate
CVE-2021-21300
Disclosure Date: March 09, 2021 (last updated March 19, 2021)
Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a case-insensitive file system such as NTFS, HFS+ or APFS (i.e. the default file systems on Windows and macOS). Note that clean/smudge filters have to be configured for that. Git for Windows configures Git LFS by default, and is therefore vulnerable. The problem has been patched in the versions published on Tuesday, March 9th, 2021. As a workaound, if symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. Likewise, if no clean/smudge filters such as Git LFS are configured globally (i.e. _before_ cloning), the attack is foiled. As always, it is best to avoid cloning repositories from untrusted sources. The earliest impacted version is 2.14.2.…
4
Attacker Value
Very High
CVE-2020-16952 — Microsoft SharePoint Remote Code Execution Vulnerabilities
Disclosure Date: October 16, 2020 (last updated October 22, 2020)
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-16951.
5
Attacker Value
Unknown
CVE-2021-33742
Disclosure Date: June 08, 2021 (last updated June 15, 2021)
Windows MSHTML Platform Remote Code Execution Vulnerability
4
Attacker Value
Moderate
CVE-2020-5948 — F5 TMUI XSS vulnerability
Disclosure Date: December 11, 2020 (last updated December 15, 2020)
On BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2.
Undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role.
### Impact
An attacker may exploit this vulnerability using a crafted URL to a reflected cross-site scripting (XSS) in an undisclosed page of the Configuration utility.
4