Skip to main content
CVE-2021-0928 HIGH This Week

In createFromParcel of OutputConfiguration.java, there is a possible parcel serialization/deserialization mismatch due to improper input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Deserialization Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2021-0927 HIGH This Week

In requestChannelBrowsable of TvInputManagerService.java, there is a possible permission bypass due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2021-0926 HIGH This Week

In onCreate of NfcImportVCardActivity.java, there is a possible way to add a contact without user's consent due to a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Authentication Bypass Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2021-0924 HIGH This Week

In xhci_vendor_get_ops of xhci.c, there is a possible out of bounds read due to a missing bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Google Information Disclosure Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-0923 HIGH This Week

In createOrUpdate of Permission.java, there is a possible way to gain internal permissions due to a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Authentication Bypass Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2021-0922 HIGH This Week

In enforceCrossUserOrProfilePermission of PackageManagerService.java, there is a possible bypass of INTERACT_ACROSS_PROFILES permission due to a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Authentication Bypass Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2021-0921 HIGH This Week

In ParsingPackageImpl of ParsingPackageImpl.java, there is a possible parcel serialization/deserialization mismatch due to improper input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Deserialization Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2021-0799 HIGH This Week

In ActivityThread.java, there is a possible way to collide the content provider's authorities. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2021-0675 HIGH This Week

In alac decoder, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Android
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-0649 HIGH This Week

In stopVpnProfile of Vpn.java, there is a possible VPN profile reset due to a permissions bypass. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Authentication Bypass Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2021-43891 HIGH PATCH This Week

Visual Studio Code Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Visual Studio Code
NVD
CVSS 3.1
7.8
EPSS
11.7%
CVE-2021-43883 HIGH PATCH This Week

Windows Installer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
12.0%
CVE-2021-43248 HIGH PATCH This Week

Windows Digital Media Receiver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-43247 HIGH PATCH This Week

Windows TCP/IP Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft Memory Corruption Windows 10 Windows 11 +3
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-43245 HIGH PATCH This Week

Windows Digital TV Tuner Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 7 Windows 8 1 Windows Rt 8 1 +2
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-43240 HIGH PATCH This Week

NTFS Set Short Name Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 Windows 11 Windows Server Windows Server 2016
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2021-43239 HIGH PATCH This Week

Windows Recovery Environment Agent Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows Server +1
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-43238 HIGH PATCH This Week

Windows Remote Access Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-43234 HIGH PATCH This Week

Windows Fax Service Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2021-43232 HIGH PATCH This Week

Windows Event Tracing Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 11 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2021-43231 HIGH PATCH This Week

Windows NTFS Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows Server +2
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2021-43230 HIGH PATCH This Week

Windows NTFS Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2021-43229 HIGH PATCH This Week

Windows NTFS Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
1.8%
CVE-2021-43226 HIGH KEV PATCH THREAT This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +16
NVD
CVSS 3.1
7.8
EPSS
3.1%
CVE-2021-43223 HIGH PATCH This Week

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-43207 HIGH PATCH This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2021-42312 HIGH PATCH This Week

Microsoft Defender for IoT Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Defender For Iot
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-41360 HIGH PATCH This Week

HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Hevc Video Extensions
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2021-41333 HIGH PATCH This Week

Windows Print Spooler Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +6
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2021-40453 HIGH PATCH This Week

HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Hevc Video Extensions
NVD
CVSS 3.1
7.8
EPSS
2.2%
CVE-2021-40452 HIGH PATCH This Week

HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Hevc Video Extensions
NVD
CVSS 3.1
7.8
EPSS
2.5%
CVE-2021-40441 HIGH PATCH This Week

Windows Media Center Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 7 Windows 8 1 Windows Rt 8 1 +2
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2021-43325 HIGH This Week

Automox Agent 33 on Windows incorrectly sets permissions on a temporary directory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Automox
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-27857 HIGH This Week

A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote, unauthenticated attacker. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Ipvpn Firmware Mpvpn Firmware Warp Firmware
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2021-39646 HIGH PATCH This Week

Product: AndroidVersions: Android kernelAndroid ID: A-201537251References: N/A. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2021-1045 HIGH PATCH This Week

Product: AndroidVersions: Android kernelAndroid ID: A-195580473References: N/A. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2021-1022 HIGH This Week

In btif_in_hf_client_generic_evt of btif_hf_client.cc, there is a possible Bluetooth service crash due to a missing null check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Google Android
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-1002 HIGH This Week

In WT_Interpolate of eas_wtengine.c, there is a possible out of bounds read due to a missing bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2021-0925 HIGH This Week

In rw_t4t_sm_detect_ndef of rw_t4t.cc, there is a possible out of bounds read due to an incorrect bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-43893 HIGH PATCH This Week

Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. This Exposure of Resource to Wrong Sphere vulnerability could allow attackers to access resources from an unintended security context.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.5
EPSS
6.6%
CVE-2021-43888 HIGH PATCH This Week

Microsoft Defender for IoT Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Defender For Iot
NVD
CVSS 3.1
7.5
EPSS
3.0%
CVE-2021-43236 HIGH PATCH This Week

Microsoft Message Queuing Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.5
EPSS
3.0%
CVE-2021-43233 HIGH PATCH This Week

Remote Desktop Client Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

RCE Windows 10 Windows 11 Windows 7 Windows 8 1 +6
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2021-43228 HIGH PATCH This Week

SymCrypt Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Windows 10 Windows 11 Windows Server Windows Server 2016 +1
NVD
CVSS 3.1
7.5
EPSS
3.7%
CVE-2021-43222 HIGH PATCH This Week

Microsoft Message Queuing Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.5
EPSS
3.0%
CVE-2021-43219 HIGH PATCH This Week

DirectX Graphics Kernel File Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Windows 10 Windows 11 Windows Server Windows Server 2016 +1
NVD
CVSS 3.1
7.5
EPSS
3.7%
CVE-2021-43892 HIGH PATCH This Week

Microsoft BizTalk ESB Toolkit Spoofing Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Biztalk Esb Toolkit
NVD
CVSS 3.1
7.4
EPSS
2.9%
CVE-2021-1021 HIGH This Week

In snoozeNotificationInt of NotificationManagerService.java, there is a possible way to disable notification for an arbitrary user due to improper input validation. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2021-1020 HIGH This Week

In snoozeNotification of NotificationListenerService.java, there is a possible way to disable notification for an arbitrary user due to improper input validation. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2021-1019 HIGH This Week

In snoozeNotification of NotificationListenerService.java, there is a possible permission confusion due to a misleading user consent dialog. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.3
EPSS
0.1%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy