Export limit exceeded: 339825 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (640 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-24078 | 1 Microsoft | 10 Windows Server 1909, Windows Server 2004, Windows Server 2008 and 7 more | 2024-11-21 | 9.8 Critical |
| Windows DNS Server Remote Code Execution Vulnerability | ||||
| CVE-2021-24077 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 9.8 Critical |
| Windows Fax Service Remote Code Execution Vulnerability | ||||
| CVE-2021-24074 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 9.8 Critical |
| Windows TCP/IP Remote Code Execution Vulnerability | ||||
| CVE-2021-21155 | 3 Fedoraproject, Google, Microsoft | 3 Fedora, Chrome, Windows | 2024-11-21 | 9.6 Critical |
| Heap buffer overflow in Tab Strip in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | ||||
| CVE-2021-21150 | 3 Fedoraproject, Google, Microsoft | 3 Fedora, Chrome, Windows | 2024-11-21 | 9.6 Critical |
| Use after free in Downloads in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | ||||
| CVE-2021-21132 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2024-11-21 | 9.6 Critical |
| Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension. | ||||
| CVE-2021-21124 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2024-11-21 | 9.6 Critical |
| Potential user after free in Speech Recognizer in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | ||||
| CVE-2021-21121 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2024-11-21 | 9.6 Critical |
| Use after free in Omnibox in Google Chrome on Linux prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | ||||
| CVE-2020-9682 | 2 Adobe, Microsoft | 2 Creative Cloud Desktop Application, Windows | 2024-11-21 | 9.8 Critical |
| Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could lead to arbitrary file system write. | ||||
| CVE-2020-9671 | 2 Adobe, Microsoft | 2 Creative Cloud Desktop Application, Windows | 2024-11-21 | 9.8 Critical |
| Adobe Creative Cloud Desktop Application versions 5.1 and earlier have an insecure file permissions vulnerability. Successful exploitation could lead to privilege escalation. | ||||
| CVE-2020-9670 | 2 Adobe, Microsoft | 2 Creative Cloud Desktop Application, Windows | 2024-11-21 | 9.8 Critical |
| Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could lead to privilege escalation. | ||||
| CVE-2020-9669 | 2 Adobe, Microsoft | 2 Creative Cloud, Windows | 2024-11-21 | 9.8 Critical |
| Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a lack of exploit mitigations vulnerability. Successful exploitation could lead to privilege escalation. | ||||
| CVE-2020-9633 | 6 Adobe, Apple, Google and 3 more | 9 Flash Player, Flash Player Desktop Runtime, Macos and 6 more | 2024-11-21 | 9.8 Critical |
| Adobe Flash Player Desktop Runtime 32.0.0.371 and earlier, Adobe Flash Player for Google Chrome 32.0.0.371 and earlier, and Adobe Flash Player for Microsoft Edge and Internet Explorer 32.0.0.330 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2020-7883 | 2 Microsoft, Wowsoft | 2 Windows, Printchaser | 2024-11-21 | 9.8 Critical |
| Printchaser v2.2021.804.1 and earlier versions contain a vulnerability, which could allow remote attacker to download and execute remote file by setting the argument, variable in the activeX module. This can be leveraged for code execution. | ||||
| CVE-2020-7878 | 2 4nb, Microsoft | 2 Videooffice, Windows | 2024-11-21 | 9.8 Critical |
| An arbitrary file download and execution vulnerability was found in the VideoOffice X2.9 and earlier versions (CVE-2020-7878). This issue is due to missing support for integrity check. | ||||
| CVE-2020-7869 | 2 Mastersoft, Microsoft | 2 Zook, Windows | 2024-11-21 | 9 Critical |
| An improper input validation vulnerability of ZOOK software (remote administration tool) could allow a remote attacker to create arbitrary file. The ZOOK viewer has the "Tight file CMD" function to create file. An attacker could create and execute arbitrary file in the ZOOK agent program using "Tight file CMD" without authority. | ||||
| CVE-2020-7868 | 2 Helpu, Microsoft | 2 Helpu, Windows | 2024-11-21 | 9.6 Critical |
| A remote code execution vulnerability exists in helpUS(remote administration tool) due to improper validation of parameter of ShellExecutionExA function used for login. | ||||
| CVE-2020-7819 | 2 Microsoft, Ntracker | 2 Windows, Ntracker Usb Enterprise | 2024-11-21 | 9.3 Critical |
| A SQL-Injection vulnerability in the nTracker USB Enterprise(secure USB management solution) allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information. | ||||
| CVE-2020-7485 | 2 Microsoft, Schneider-electric | 4 Windows 7, Windows Nt, Windows Xp and 1 more | 2024-11-21 | 9.8 Critical |
| **VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software version v4.9.0 and earlier could cause improper access to the TriStation host machine. This was addressed in TriStation version v4.9.1 and v4.10.1 released on May 30, 2013.1 | ||||
| CVE-2020-4879 | 2 Ibm, Microsoft | 2 Cognos Controller, Windows | 2024-11-21 | 9.8 Critical |
| IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 could allow a remote attacker to bypass security restrictions, caused by improper validation of authentication cookies. IBM X-Force ID: 190847. | ||||