CVE-2021-31955
|
Windows Kernel Information Disclosure Vulnerability |
Microsoft |
Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows 10 Version 1909, Windows 10 Version 21H1, Windows 10 Version 2004, Windows Server version 2004, Windows 10 Version 20H2, Windows Server version 20H2 |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2020-0878
|
Microsoft Browser Memory Corruption Vulnerability |
Microsoft |
ChakraCore, Microsoft Edge (EdgeHTML-based), Internet Explorer 9, Internet Explorer 11 |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2016-0167
|
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and... |
Microsoft |
Windows |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2021-38647
|
Open Management Infrastructure Remote Code Execution Vulnerability |
Microsoft |
Open Management Infrastructure, System Center Operations Manager (SCOM), Azure Automation State Configuration, DSC Extension, Azure Automation Update Management, Log Analytics Agent, Azure Diagnostics (LAD), Container Monitoring Solution, Azure Security Center, Azure Sentinel, Azure Stack Hub |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2014-1812
|
The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and... |
Microsoft |
Windows |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2021-22502
|
Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter (OBR) product, affecting version 10.40. The vulnerability could be... |
n/a |
Operation Bridge Reporter. |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2021-22506
|
Advance configuration exposing Information Leakage vulnerability in Micro Focus Access Manager product, affects all versions prior to version 5.0.... |
n/a |
Access Manager. |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2021-23874
|
McAfee Total Protection (MTP) privilege escalation vulnerability |
McAfee,LLC |
McAfee Total Protection (MTP) |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2020-7961
|
Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSON web services... |
n/a |
n/a |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2021-30116
|
Unauthenticated credential leak and business logic flaw in Kaseya VSA <= v9.5.6 |
n/a |
n/a |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2020-15505
|
A remote code execution vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3,... |
n/a |
n/a |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2016-3718
|
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery... |
ImageMagick |
ImageMagick |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2016-3715
|
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image. |
ImageMagick |
ImageMagick |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2019-4716
|
IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and... |
IBM |
Planning Analytics |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2020-4428
|
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to execute arbitrary commands on the system. IBM... |
IBM |
Data Risk Manager |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2020-4427
|
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass security restrictions when configured... |
IBM |
Data Risk Manager |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2020-4430
|
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to traverse directories on the system. An attacker... |
IBM |
Data Risk Manager |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2021-30563
|
Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
Google |
Chrome |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2021-21220
|
Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap... |
Google |
Chrome |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2021-21193
|
Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML... |
Google |
Chrome |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2021-21224
|
Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML... |
Google |
Chrome |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2021-38003
|
Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a... |
Google |
Chrome |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2021-38000
|
Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69 allowed a remote attacker to arbitrarily... |
Google |
Chrome |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2021-21206
|
Use after free in Blink in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML... |
Google |
Chrome |
2021-11-03 00:00:00 UTC |
CISA |
CVE-2021-30554
|
Use after free in WebGL in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML... |
Google |
Chrome |
2021-11-03 00:00:00 UTC |
CISA |