Skip to main content
CVE-2021-1690 HIGH This Week

Windows WalletService Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Windows 10
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2021-1689 HIGH This Week

Windows Multipoint Management Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2021-1688 HIGH This Week

Windows CSC Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2021-1687 HIGH This Week

Windows WalletService Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Windows 10
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2021-1686 HIGH This Week

Windows WalletService Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Windows 10
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2021-1681 HIGH This Week

Windows WalletService Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Windows 10
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2021-1680 HIGH This Week

Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Visual Studio Visual Studio 2017 Visual Studio 2019 Windows 10 +2
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2021-1668 HIGH This Week

Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
3.6%
CVE-2021-1665 HIGH This Week

GDI+ Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.1
7.8
EPSS
3.6%
CVE-2021-1662 HIGH This Week

Windows Event Tracing Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2021-1661 HIGH This Week

Windows Installer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-1659 HIGH This Week

Windows CSC Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2021-1657 HIGH This Week

Windows Fax Compose Form Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation RCE Windows 10 Windows 7 +6
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-1655 HIGH This Week

Windows CSC Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-1654 HIGH This Week

Windows CSC Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-1653 HIGH This Week

Windows CSC Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-1652 HIGH This Week

Windows CSC Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-1651 HIGH This Week

Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Visual Studio Visual Studio 2017 Visual Studio 2019 Windows 10 +2
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-1650 HIGH This Week

Windows Runtime C++ Template Library Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-1649 HIGH This Week

Active Template Library Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2021-1648 HIGH This Week

Microsoft splwow64 Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Windows 10 Windows 8 1 Windows Server 2012 +2
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2021-1647 HIGH KEV PATCH THREAT This Week

Microsoft Defender Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft RCE Windows Defender Security Essentials System Center Endpoint Protection
NVD
CVSS 3.1
7.8
EPSS
39.7%
CVE-2021-1644 HIGH This Week

HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Hevc Video Extensions
NVD
CVSS 3.1
7.8
EPSS
3.8%
CVE-2021-1643 HIGH This Week

HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Hevc Video Extensions
NVD
CVSS 3.1
7.8
EPSS
3.9%
CVE-2021-1642 HIGH This Week

Windows AppX Deployment Extensions Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2021-1692 HIGH This Week

Windows Hyper-V Denial of Service Vulnerability. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Denial Of Service Windows 10 Windows 8 1 Windows Server 2012 +1
NVD
CVSS 3.1
7.7
EPSS
3.9%
CVE-2021-1691 HIGH This Week

Windows Hyper-V Denial of Service Vulnerability. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Denial Of Service Windows 10 Windows Server 2016
NVD
CVSS 3.1
7.7
EPSS
3.8%
CVE-2021-1638 HIGH This Week

Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. Rated high severity (CVSS 7.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.7
EPSS
1.2%
CVE-2021-1723 HIGH PATCH This Week

ASP.NET Core and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Asp Net Core Visual Studio 2019 Fedora
NVD
CVSS 3.1
7.5
EPSS
4.9%
CVE-2021-1694 HIGH This Week

Windows Update Stack Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. No vendor patch available.

Microsoft Privilege Escalation Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.5
EPSS
3.2%
CVE-2021-21469 HIGH This Week

When security guidelines for SAP NetWeaver Master Data Management running on windows have not been thoroughly reviewed, it might be possible for an external operator to try and set custom paths in. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft SAP Information Disclosure Netweaver Master Data Management
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-21446 HIGH This Week

SAP NetWeaver AS ABAP, versions 740, 750, 751, 752, 753, 754, 755, allows an unauthenticated attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service SAP Netweaver Application Server Abap
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2021-1706 HIGH This Week

Windows LUAFV Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.3
EPSS
2.1%
CVE-2021-1704 HIGH This Week

Windows Hyper-V Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2021-1685 HIGH This Week

Windows AppX Deployment Extensions Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.3
EPSS
0.9%
CVE-2021-1709 HIGH This Week

Windows Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Microsoft Privilege Escalation Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.0
EPSS
0.8%
CVE-2021-1682 HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Microsoft Privilege Escalation Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.0
EPSS
0.6%
CVE-2021-1646 MEDIUM This Month

Windows WLAN Service Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
6.6
EPSS
0.8%
CVE-2021-1679 MEDIUM This Month

Windows CryptoAPI Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Denial Of Service Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
6.5
EPSS
3.5%
CVE-2021-21471 MEDIUM This Month

In CLA-Assistant, versions before 2.8.5, due to improper access control an authenticated user could access API endpoints which are not intended to be used by the user. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cla Assistant
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2021-21448 MEDIUM This Month

SAP GUI for Windows, version - 7.60, allows an attacker to spoof logon credentials for Application Server ABAP backend systems in the client PCs memory. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft SAP Graphical User Interface
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2021-23239 LOW POC Monitor

The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled. Rated low severity (CVSS 2.5). Public exploit code available and no vendor patch available.

Information Disclosure Sudo Cloud Backup Hci Management Node Solidfire +2
NVD
CVSS 3.1
2.5
EPSS
1.0%
CVE-2021-23927 MEDIUM This Month

OX App Suite through 7.10.4 allows SSRF via a URL with an @ character in an appsuite/api/oauth/proxy PUT request. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Open Xchange Appsuite
NVD
CVSS 3.1
6.4
EPSS
0.8%
CVE-2021-23936 MEDIUM This Month

OX App Suite through 7.10.4 allows XSS via the subject of a task. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Open Xchange Appsuite
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2021-23935 MEDIUM This Month

OX App Suite through 7.10.4 allows XSS via an appointment in which the location contains JavaScript code. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Open Xchange Appsuite
NVD
CVSS 3.1
6.1
EPSS
1.1%
CVE-2021-23934 MEDIUM This Month

OX App Suite through 7.10.4 allows XSS via a contact whose name contains JavaScript code. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Open Xchange Appsuite
NVD
CVSS 3.1
6.1
EPSS
1.1%
CVE-2021-23933 MEDIUM This Month

OX App Suite through 7.10.4 allows XSS via JavaScript in a Note referenced by a mail:// URL. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Open Xchange Appsuite
NVD
CVSS 3.1
6.1
EPSS
1.1%
CVE-2021-23932 MEDIUM This Month

OX App Suite through 7.10.4 allows XSS via an inline image with a crafted filename. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Open Xchange Appsuite
NVD
CVSS 3.1
6.1
EPSS
1.1%
CVE-2021-23931 MEDIUM This Month

OX App Suite through 7.10.4 allows XSS via an inline binary file. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Open Xchange Appsuite
NVD
CVSS 3.1
6.1
EPSS
1.1%
CVE-2021-23930 MEDIUM This Month

OX App Suite through 7.10.4 allows XSS via use of the conversion API for a distributedFile. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Open Xchange Appsuite
NVD
CVSS 3.1
6.1
EPSS
1.1%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy