Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2021-27047 HEVC Video Extensions Remote Code Execution Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2021-27048 HEVC Video Extensions Remote Code Execution Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2021-27049 HEVC Video Extensions Remote Code Execution Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2021-27050 HEVC Video Extensions Remote Code Execution Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2021-27052 Microsoft SharePoint Server Information Disclosure Vulnerability | 5.3 | MEDIUM | β | 0 |
| CVE-2021-27053 Microsoft Excel Remote Code Execution Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2021-27054 Microsoft Excel Remote Code Execution Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2021-27055 Microsoft Visio Security Feature Bypass Vulnerability | 7.0 | HIGH | β | 0 |
| CVE-2021-27056 Microsoft PowerPoint Remote Code Execution Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2021-27057 Microsoft Office Remote Code Execution Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2021-27058 Microsoft Office ClickToRun Remote Code Execution Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2021-27060 Visual Studio Code Remote Code Execution Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2021-27061 HEVC Video Extensions Remote Code Execution Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2021-27062 HEVC Video Extensions Remote Code Execution Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2021-27063 Windows DNS Server Denial of Service Vulnerability | 7.5 | HIGH | β | 0 |
| CVE-2021-27066 Windows Admin Center Security Feature Bypass Vulnerability | 4.3 | MEDIUM | β | 0 |
| CVE-2021-27080 Azure Sphere Unsigned Code Execution Vulnerability | 9.3 | CRITICAL | β | 0 |
| CVE-2021-27070 Windows 10 Update Assistant Elevation of Privilege Vulnerability | 7.3 | HIGH | β | 0 |
| CVE-2021-27074 Azure Sphere Unsigned Code Execution Vulnerability | 6.2 | MEDIUM | β | 0 |
| CVE-2021-27075 Azure Virtual Machine Information Disclosure Vulnerability | 6.8 | MEDIUM | β | 0 |
| CVE-2021-27076 Microsoft SharePoint Server Remote Code Execution Vulnerability | 8.8 | HIGH | β | 0 |
| CVE-2021-27077 Windows Win32k Elevation of Privilege Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2021-21381 Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In Flatpack since version 0.9.4 and before version 1.10.2 has a vulnerability in the "file forwardi... | 7.1 | HIGH | β | 0 |
| CVE-2021-26776 CSZ CMS 1.2.9 is affected by a cross-site scripting (XSS) vulnerability in multiple pages through the field name. | 5.4 | MEDIUM | β | 0 |
| CVE-2021-27677 Cross-site scripting (XSS) vulnerability in Galleries in Batflat CMS 1.3.6 allows remote attackers to inject arbitrary web script or HTML via the field name. | 5.4 | MEDIUM | β | 0 |
| CVE-2021-27678 Cross-site scripting (XSS) vulnerability in Snippets in Batflat CMS 1.3.6 allows remote attackers to inject arbitrary web script or HTML via the field name. | 5.4 | MEDIUM | β | 0 |
| CVE-2021-27679 Cross-site scripting (XSS) vulnerability in Navigation in Batflat CMS 1.3.6 allows remote attackers to inject arbitrary web script or HTML via the field name. | 5.4 | MEDIUM | β | 0 |
| CVE-2021-28088 Cross-site scripting (XSS) in modules/content/admin/content.php in ImpressCMS profile 1.4.2 allows remote attackers to inject arbitrary web script or HTML parameters through the "Display Name" field. | 5.4 | MEDIUM | β | 0 |
| CVE-2021-28144 prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote authenticated users to inject arbitrary commands in an admin or root context because SetVirtualServerSettings calls CheckArpTables,... | 8.8 | HIGH | β | 0 |
| CVE-2020-14987 An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2. It allows remote attackers to execute arbitrary code because there is a mishandling of the capability for administ... | 7.2 | HIGH | β | 0 |
| CVE-2020-14988 An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2. It allows XSS in the login page via the loginmessage parameter, the text editor via the src attribute of HTML elem... | 5.4 | MEDIUM | β | 0 |
| CVE-2020-14989 An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2. It allows CSRF if the attacker uses GET where POST was intended. | 6.5 | MEDIUM | β | 0 |
| CVE-2020-29045 The food-and-drink-menu plugin through 2.2.0 for WordPress allows remote attackers to execute arbitrary code because of an unserialize operation on the fdm_cart cookie in load_cart_from_cookie in incl... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-36277 Leptonica before 1.80.0 allows a denial of service (application crash) via an incorrect left shift in pixConvert2To8 in pixconv.c. | 7.5 | HIGH | β | 0 |
| CVE-2021-20261 A race condition was found in the Linux kernels implementation of the floppy disk drive controller driver software. The impact of this issue is lessened by the fact that the default permissions on the... | 6.4 | MEDIUM | β | 0 |
| CVE-2021-22709 A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which ... | 7.8 | HIGH | β | 0 |
| CVE-2021-22710 A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which ... | 7.8 | HIGH | β | 0 |
| CVE-2021-22711 A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which ... | 7.8 | HIGH | β | 0 |
| CVE-2021-22712 A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which ... | 7.8 | HIGH | β | 0 |
| CVE-2021-22713 A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION8650, ION8800, ION7650, ION7700/73xx, and ION83xx/84xx/85xx/8600 (see security n... | 7.5 | HIGH | β | 0 |
| CVE-2021-22714 A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION7400, PM8000 and ION9000 (All versions prior to V3.0.0), which could cause the m... | 9.8 | CRITICAL | β | 0 |
| CVE-2016-20009 A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | 9.8 | CRITICAL | β | 0 |
| CVE-2020-24983 An issue was discovered in Quadbase EspressReports ES 7 Update 9. An unauthenticated attacker can create a malicious HTML file that houses a POST request made to the DashboardBuilder within the target... | 8.8 | HIGH | β | 0 |
| CVE-2020-24984 An issue was discovered in Quadbase EspressReports ES 7 Update 9. It allows CSRF, whereby an attacker may be able to trick an authenticated admin level user into uploading malicious files to the web s... | 8.8 | HIGH | β | 0 |
| CVE-2021-28143 /jsonrpc on D-Link DIR-841 3.03 and 3.04 devices allows authenticated command injection via ping, ping6, or traceroute (under System Tools). | 8.0 | HIGH | β | 0 |
| CVE-2021-28153 An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the ... | 5.3 | MEDIUM | β | 0 |
| CVE-2021-29937 An issue was discovered in the telemetry crate through 2021-02-17 for Rust. There is a drop of uninitialized memory if a value.clone() call panics within misc::vec_with_size(). | 9.8 | CRITICAL | β | 0 |
| CVE-2021-28154 Camunda Modeler (aka camunda-modeler) through 4.6.0 allows arbitrary file access. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which manipulate... | 9.1 | CRITICAL | β | 0 |
| CVE-2020-36278 Leptonica before 1.80.0 allows a heap-based buffer over-read in findNextBorderPixel in ccbord.c. | 7.5 | HIGH | β | 0 |
| CVE-2020-36279 Leptonica before 1.80.0 allows a heap-based buffer over-read in rasteropGeneralLow, related to adaptmap_reg.c and adaptmap.c. | 7.5 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.