Export limit exceeded: 10457 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10457 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-40847 | 1 Netgear | 22 R6400v2, R6400v2 Firmware, R6700 and 19 more | 2024-11-21 | 8.1 High |
| The update process of the Circle Parental Control Service on various NETGEAR routers allows remote attackers to achieve remote code execution as root via a MitM attack. While the parental controls themselves are not enabled by default on the routers, the Circle update daemon, circled, is enabled by default. This daemon connects to Circle and NETGEAR to obtain version information and updates to the circled daemon and its filtering database. However, database updates from NETGEAR are unsigned and downloaded via cleartext HTTP. As such, an attacker with the ability to perform a MitM attack on the device can respond to circled update requests with a crafted, compressed database file, the extraction of which gives the attacker the ability to overwrite executable files with attacker-controlled code. This affects R6400v2 1.0.4.106, R6700 1.0.2.16, R6700v3 1.0.4.106, R6900 1.0.2.16, R6900P 1.3.2.134, R7000 1.0.11.123, R7000P 1.3.2.134, R7850 1.0.5.68, R7900 1.0.4.38, R8000 1.0.4.68, and RS400 1.5.0.68. | ||||
| CVE-2021-40643 | 1 Eyesofnetwork | 1 Eyesofnetwork | 2024-11-21 | 9.8 Critical |
| EyesOfNetwork before 07-07-2021 has a Remote Code Execution vulnerability on the mail options configuration page. In the location of the "sendmail" application in the "cacti" configuration page (by default/usr/sbin/sendmail) it is possible to execute any command, which will be executed when we make a test of the configuration ("send test mail"). | ||||
| CVE-2021-40553 | 1 Piwigo | 1 Piwigo | 2024-11-21 | 8.8 High |
| piwigo 11.5.0 is affected by a remote code execution (RCE) vulnerability in the LocalFiles Editor. | ||||
| CVE-2021-40531 | 2 Apple, Sketch | 2 Macos, Sketch | 2024-11-21 | 9.8 Critical |
| Sketch before 75 allows library feeds to be used to bypass file quarantine. Files are automatically downloaded and opened, without the com.apple.quarantine extended attribute. This results in remote code execution, as demonstrated by CommandString in a terminal profile to Terminal.app. | ||||
| CVE-2021-40521 | 1 Airangel | 10 Hsmx-app-100, Hsmx-app-1000, Hsmx-app-1000 Firmware and 7 more | 2024-11-21 | 9.8 Critical |
| Airangel HSMX Gateway devices through 5.2.04 allow Remote Code Execution. | ||||
| CVE-2021-40486 | 1 Microsoft | 6 Office, Office Online Server, Office Web Apps Server and 3 more | 2024-11-21 | 7.8 High |
| Microsoft Word Remote Code Execution Vulnerability | ||||
| CVE-2021-40481 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | 7.1 High |
| Microsoft Office Visio Remote Code Execution Vulnerability | ||||
| CVE-2021-40480 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | 7.8 High |
| Microsoft Office Visio Remote Code Execution Vulnerability | ||||
| CVE-2021-40479 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2021-40474 | 1 Microsoft | 6 365 Apps, Excel, Office and 3 more | 2024-11-21 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2021-40473 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2021-40471 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2021-40469 | 1 Microsoft | 10 Windows Server 2004, Windows Server 2008, Windows Server 2008 R2 and 7 more | 2024-11-21 | 7.2 High |
| Windows DNS Server Remote Code Execution Vulnerability | ||||
| CVE-2021-40465 | 1 Microsoft | 23 Windows 10, Windows 10 1507, Windows 10 1607 and 20 more | 2024-11-21 | 7.8 High |
| Windows Text Shaping Remote Code Execution Vulnerability | ||||
| CVE-2021-40462 | 1 Microsoft | 14 Windows 10, Windows 10 1809, Windows 10 1909 and 11 more | 2024-11-21 | 7.8 High |
| Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability | ||||
| CVE-2021-40461 | 1 Microsoft | 12 Windows 10, Windows 10 1809, Windows 10 1909 and 9 more | 2024-11-21 | 8 High |
| Windows Hyper-V Remote Code Execution Vulnerability | ||||
| CVE-2021-40453 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2021-40452 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2021-40442 | 1 Microsoft | 8 365 Apps, Excel, Office and 5 more | 2024-11-21 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2021-40387 | 1 Kaseya | 1 Unitrends Backup Software | 2024-11-21 | 8.8 High |
| An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. There is authenticated remote code execution. | ||||