Skip to main content
CVE-2021-43883 HIGH PATCH This Week

Windows Installer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
12.0%
CVE-2021-43248 HIGH PATCH This Week

Windows Digital Media Receiver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-43247 HIGH PATCH This Week

Windows TCP/IP Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft Memory Corruption Windows 10 Windows 11 +3
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-43245 HIGH PATCH This Week

Windows Digital TV Tuner Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 7 Windows 8 1 Windows Rt 8 1 +2
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-43240 HIGH PATCH This Week

NTFS Set Short Name Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 Windows 11 Windows Server Windows Server 2016
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2021-43239 HIGH PATCH This Week

Windows Recovery Environment Agent Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows Server +1
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-43238 HIGH PATCH This Week

Windows Remote Access Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-43234 HIGH PATCH This Week

Windows Fax Service Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2021-43232 HIGH PATCH This Week

Windows Event Tracing Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 11 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2021-43231 HIGH PATCH This Week

Windows NTFS Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows Server +2
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2021-43230 HIGH PATCH This Week

Windows NTFS Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2021-43229 HIGH PATCH This Week

Windows NTFS Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
1.8%
CVE-2021-43226 HIGH KEV PATCH THREAT This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +16
NVD
CVSS 3.1
7.8
EPSS
3.1%
CVE-2021-43223 HIGH PATCH This Week

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-43207 HIGH PATCH This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2021-42312 HIGH PATCH This Week

Microsoft Defender for IoT Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Defender For Iot
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-41360 HIGH PATCH This Week

HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Hevc Video Extensions
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2021-41333 HIGH PATCH This Week

Windows Print Spooler Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +6
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2021-40453 HIGH PATCH This Week

HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Hevc Video Extensions
NVD
CVSS 3.1
7.8
EPSS
2.2%
CVE-2021-40452 HIGH PATCH This Week

HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Hevc Video Extensions
NVD
CVSS 3.1
7.8
EPSS
2.5%
CVE-2021-40441 HIGH PATCH This Week

Windows Media Center Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 7 Windows 8 1 Windows Rt 8 1 +2
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2021-43325 HIGH This Week

Automox Agent 33 on Windows incorrectly sets permissions on a temporary directory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Automox
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-27857 HIGH This Week

A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote, unauthenticated attacker. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Ipvpn Firmware Mpvpn Firmware Warp Firmware
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2021-39646 HIGH PATCH This Week

Product: AndroidVersions: Android kernelAndroid ID: A-201537251References: N/A. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2021-1045 HIGH PATCH This Week

Product: AndroidVersions: Android kernelAndroid ID: A-195580473References: N/A. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2021-1022 HIGH This Week

In btif_in_hf_client_generic_evt of btif_hf_client.cc, there is a possible Bluetooth service crash due to a missing null check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Google Android
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-1002 HIGH This Week

In WT_Interpolate of eas_wtengine.c, there is a possible out of bounds read due to a missing bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2021-0925 HIGH This Week

In rw_t4t_sm_detect_ndef of rw_t4t.cc, there is a possible out of bounds read due to an incorrect bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-43893 HIGH PATCH This Week

Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. This Exposure of Resource to Wrong Sphere vulnerability could allow attackers to access resources from an unintended security context.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.5
EPSS
6.6%
CVE-2021-43888 HIGH PATCH This Week

Microsoft Defender for IoT Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Defender For Iot
NVD
CVSS 3.1
7.5
EPSS
3.0%
CVE-2021-43236 HIGH PATCH This Week

Microsoft Message Queuing Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.5
EPSS
3.0%
CVE-2021-43233 HIGH PATCH This Week

Remote Desktop Client Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

RCE Windows 10 Windows 11 Windows 7 Windows 8 1 +6
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2021-43228 HIGH PATCH This Week

SymCrypt Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Windows 10 Windows 11 Windows Server Windows Server 2016 +1
NVD
CVSS 3.1
7.5
EPSS
3.7%
CVE-2021-43222 HIGH PATCH This Week

Microsoft Message Queuing Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.5
EPSS
3.0%
CVE-2021-43219 HIGH PATCH This Week

DirectX Graphics Kernel File Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Windows 10 Windows 11 Windows Server Windows Server 2016 +1
NVD
CVSS 3.1
7.5
EPSS
3.7%
CVE-2021-43892 HIGH PATCH This Week

Microsoft BizTalk ESB Toolkit Spoofing Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Biztalk Esb Toolkit
NVD
CVSS 3.1
7.4
EPSS
2.9%
CVE-2021-1021 HIGH This Week

In snoozeNotificationInt of NotificationManagerService.java, there is a possible way to disable notification for an arbitrary user due to improper input validation. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2021-1020 HIGH This Week

In snoozeNotification of NotificationListenerService.java, there is a possible way to disable notification for an arbitrary user due to improper input validation. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2021-1019 HIGH This Week

In snoozeNotification of NotificationListenerService.java, there is a possible permission confusion due to a misleading user consent dialog. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2021-1016 HIGH This Week

In onCreate of UsbPermissionActivity.java, there is a possible way to grant an app access to USB without informed user consent due to a tapjacking/overlay attack. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation XSS Android
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2021-0954 HIGH This Week

In ResolverActivity, there is a possible user interaction bypass due to a tapjacking/overlay attack. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation XSS Android
NVD
CVSS 3.1
7.3
EPSS
0.3%
CVE-2021-0769 HIGH This Week

In onCreate of AllowBindAppWidgetActivity.java, there is a possible bypass of user interaction requirements due to unclear UI. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2021-0434 HIGH This Week

In onReceive of BluetoothPermissionRequest.java, there is a possible phishing attack allowing a malicious Bluetooth device to acquire permissions based on insufficient information presented to the. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.3
EPSS
0.2%
CVE-2021-43237 HIGH PATCH This Week

Windows Setup Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows Server +1
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2021-43835 HIGH PATCH This Week

Sulu is an open-source PHP content management system based on the Symfony framework. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

PHP Privilege Escalation Sulu
NVD GitHub
CVSS 3.1
7.2
EPSS
1.1%
CVE-2021-43782 HIGH PATCH This Week

Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Tuleap
NVD GitHub
CVSS 3.1
7.2
EPSS
1.4%
CVE-2021-41276 HIGH PATCH This Week

Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Tuleap
NVD GitHub
CVSS 3.1
7.2
EPSS
1.5%
CVE-2021-43889 HIGH PATCH This Week

Microsoft Defender for IoT Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Microsoft RCE Defender For Iot
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-42294 HIGH PATCH This Week

Microsoft SharePoint Server Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Microsoft RCE Sharepoint Enterprise Server Sharepoint Foundation Sharepoint Server
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-42293 MEDIUM PATCH This Month

Microsoft Jet Red Database Engine and Access Connectivity Engine Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure 365 Apps Office Office Long Term Servicing Channel
NVD VulDB
CVSS 3.1
6.5
EPSS
3.4%
Prev Page 3 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy