| ID: CVE-2021-45105 |
Title: Log4j: multiple vulnerabilities - Windows |
Type: Software |
Bulletins:
CVE-2021-45105 CVE-2021-45046 CVE-2021-44228 CVE-2019-17571 |
Severity: High |
| Description: Log4j versions before 2.17.0 are vulnerable to CVE-2021-45105. Log4j versions before 2.16.0 are vulnerable to CVE-2021-45046. Log4j versions before 2.15.0 are vulnerable to CVE-2021-44228. Log4j versions before 1.2.18 are vulnerable to CVE-2019-17571. | ||||
| Applies to: Log4j |
Created: 2021-12-21 |
Updated: 2024-01-17 |
||
| ID: CVE-2021-45105 |
Title: Log4j: multiple vulnerabilities - Linux |
Type: Software |
Bulletins:
CVE-2021-45105 CVE-2021-45046 CVE-2021-44228 CVE-2019-17571 |
Severity: High |
| Description: Log4j versions before 2.17.0 are vulnerable to CVE-2021-45105. Log4j versions before 2.16.0 are vulnerable to CVE-2021-45046. Log4j versions before 2.15.0 are vulnerable to CVE-2021-44228. Log4j versions before 1.2.18 are vulnerable to CVE-2019-17571. | ||||
| Applies to: Log4j |
Created: 2021-12-20 |
Updated: 2024-01-17 |
||
| ID: CISEC:9071 |
Title: Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:9071 CVE-2021-38631 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-12-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:9090 |
Title: Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:9090 CVE-2021-41371 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-12-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:9092 |
Title: Windows NTFS Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:9092 CVE-2021-41378 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-12-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:9068 |
Title: Windows Kernel Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:9068 CVE-2021-42285 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-12-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:9081 |
Title: Windows Installer Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:9081 CVE-2021-41379 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-12-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:9077 |
Title: Windows Hyper-V Discrete Device Assignment (DDA) Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:9077 CVE-2021-42274 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-12-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:9079 |
Title: Windows Hyper-V Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:9079 CVE-2021-42284 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-12-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:9083 |
Title: Windows Hello Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:9083 CVE-2021-42288 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-12-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:9093 |
Title: Windows Feedback Hub Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:9093 CVE-2021-42280 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-12-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:9080 |
Title: Windows Fast FAT File System Driver Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:9080 CVE-2021-41377 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-12-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:9063 |
Title: Windows Desktop Bridge Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:9063 CVE-2021-36957 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-12-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:9076 |
Title: Windows Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:9076 CVE-2021-41356 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-12-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:9074 |
Title: Windows Core Shell SI Host Extension Framework for Composable Shell Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:9074 CVE-2021-42286 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-12-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:9067 |
Title: Remote Desktop Protocol Client Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:9067 CVE-2021-38665 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-12-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:9088 |
Title: Remote Desktop Client Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:9088 CVE-2021-38666 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-12-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:9062 |
Title: NTFS Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:9062 CVE-2021-41370 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-12-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:9078 |
Title: NTFS Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:9078 CVE-2021-42283 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-12-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:9084 |
Title: NTFS Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:9084 CVE-2021-41367 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-12-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:9086 |
Title: Microsoft Windows Media Foundation Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:9086 CVE-2021-42276 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-12-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:9066 |
Title: Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:9066 CVE-2021-26443 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-12-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:9061 |
Title: Microsoft COM for Windows Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:9061 CVE-2021-42275 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-12-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:9089 |
Title: Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:9089 CVE-2021-41366 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-12-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:9069 |
Title: Chakra Scripting Engine Memory Corruption Vulnerability |
Type: Software |
Bulletins:
CISEC:9069 CVE-2021-42279 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-12-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:9065 |
Title: Active Directory Domain Services Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:9065 CVE-2021-42291 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-12-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:9070 |
Title: Active Directory Domain Services Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:9070 CVE-2021-42278 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-12-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:9072 |
Title: Active Directory Domain Services Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:9072 CVE-2021-42282 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-12-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:9087 |
Title: Active Directory Domain Services Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:9087 CVE-2021-42287 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-12-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:9023 |
Title: Multiple vulnerabilities on Acrobat DC and Acrobat Reader DC version 21.007.20095 (and earlier), Acrobat 2020 and Acrobat Reader 2020 version 20.004.30015 (and earlier), Acrobat 2017 and Acrobat Reader 2017 version... |
Type: Software |
Bulletins:
CISEC:9023 |
Severity: Low |
| Description: Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.20096 (and earlier), 20.004.30015 (and earlier), and 17.011.30202 (and earlier) is affected by a use-after-free that allow a remote attacker to disclose sensitive information on affected installations of of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPG2000 images. (CVE-2021-40730) Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.20096 (and earlier), 20.004.30015 (and earlier), and 17.011.30202 (and earlier) is affected by an out-of-bounds write vulnerability when parsing a crafted JPEG2000 file, which could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-40731) Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.20096 (and earlier), 20.004.30015 (and earlier), and 17.011.30202 (and earlier) is affected by a use-after-free vulnerability in the processing of the GetURL function on a global object window that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-40728) Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.20096 (and earlier), 20.004.30015 (and earlier), and 17.011.30202 (and earlier) is affected by a out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file. (CVE-2021-40729) | ||||
| Applies to: Adobe Acrobat 2017 Adobe Acrobat 2020 Adobe Acrobat DC Continuous Adobe Reader 2017 Adobe Reader 2020 Adobe Reader DC Continuous |
Created: 2021-11-19 |
Updated: 2021-11-19 |
||
| ID: CISEC:9022 |
Title: Multiple vulnerabilities on Acrobat DC and Acrobat Reader DC version 21.005.20060 (and earlier), Acrobat 2020 and Acrobat Reader 2020 version 20.004.30006 (and earlier), Acrobat 2017 and Acrobat Reader 2017 version... |
Type: Software |
Bulletins:
CISEC:9022 |
Severity: Low |
| Description: Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability when processing AcroForm listbox that could result in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. (CVE-2021-40725) Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability when processing AcroForm field that could result in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. (CVE-2021-40726) Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Type Confusion vulnerability. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-39841) Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-39863) Adobe Acrobat Reader DC add-on for Internet Explorer versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to check for existence of local files. Exploitation of this issue requires user interaction in that a victim must visit an attacker controlled web page. (CVE-2021-39857) Acrobat Reader DC ActiveX Control versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must visit an attacker controlled web page. (CVE-2021-39856) Acrobat Reader DC ActiveX Control versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must open a maliciously crafted Microsoft Office file, or visit an attacker controlled web page. (CVE-2021-39855) Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-39844, CVE-2021-39861, CVE-2021-39858) Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-39843) Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted PDF file, potentially resulting in memory corruption in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted PDF file in Acrobat Reader. (CVE-2021-39846, CVE-2021-39845) Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Uncontrolled Search Path Element vulnerability. An attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user via DLL hijacking. Exploitation of this issue requires user interaction. (CVE-2021-35982) Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Use After Free vulnerability. (CVE-2021-39859) Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability when processing AcroForms that could result in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. (CVE-2021-39840) Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-39842) Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability in the processing of the AcroForm getItem action that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-39839) Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability in the processing of the AcroForm buttonGetCaption action that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-39838) Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability in the processing of the AcroForm deleteItemAt action that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-39837) Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability in the processing of the AcroForm buttonGetIcon action that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-39836) Acrobat Pro DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive user memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-39860) Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-39852, CVE-2021-39854, CVE-2021-39853, CVE-2021-39850, CVE-2021-39849, CVE-2021-39851) | ||||
| Applies to: Adobe Acrobat 2017 Adobe Acrobat 2020 Adobe Acrobat DC Continuous Adobe Reader 2017 Adobe Reader 2020 Adobe Reader DC Continuous |
Created: 2021-11-19 |
Updated: 2021-11-19 |
||
| ID: CISEC:8988 |
Title: Windows Text Shaping Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8988 CVE-2021-40465 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:9018 |
Title: Windows TCP/IP Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:9018 CVE-2021-36953 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:9006 |
Title: Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:9006 CVE-2021-40460 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:9014 |
Title: Windows Print Spooler Spoofing Vulnerability |
Type: Software |
Bulletins:
CISEC:9014 CVE-2021-36970 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8994 |
Title: Windows Print Spooler Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8994 CVE-2021-41332 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8979 |
Title: Windows Nearby Sharing Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8979 CVE-2021-40464 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:9012 |
Title: Windows NAT Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:9012 CVE-2021-40463 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8992 |
Title: Windows MSHTML Platform Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8992 CVE-2021-41342 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8995 |
Title: Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8995 CVE-2021-40462 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:9007 |
Title: Windows Media Audio Decoder Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:9007 CVE-2021-41331 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8996 |
Title: Windows Kernel Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8996 CVE-2021-41335 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8984 |
Title: Windows Installer Spoofing Vulnerability |
Type: Software |
Bulletins:
CISEC:8984 CVE-2021-40455 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:9004 |
Title: Windows Hyper-V Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:9004 CVE-2021-40461 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8985 |
Title: Windows HTTP.sys Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8985 CVE-2021-26442 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8986 |
Title: Windows Graphics Component Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8986 CVE-2021-41340 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:9021 |
Title: Windows Fast FAT File System Driver Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:9021 CVE-2021-38662 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8980 |
Title: Windows Fast FAT File System Driver Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8980 CVE-2021-41343 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:9017 |
Title: Windows exFAT File System Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:9017 CVE-2021-38663 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:9008 |
Title: Windows Event Tracing Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:9008 CVE-2021-40477 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:9002 |
Title: Windows DNS Server Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:9002 CVE-2021-40469 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8989 |
Title: Windows Desktop Bridge Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8989 CVE-2021-41334 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:9001 |
Title: Windows Common Log File System Driver Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:9001 CVE-2021-40467 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:9015 |
Title: Windows Common Log File System Driver Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:9015 CVE-2021-40466 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:9016 |
Title: Windows Common Log File System Driver Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:9016 CVE-2021-40443 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:9011 |
Title: Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:9011 CVE-2021-40475 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8999 |
Title: Windows Bind Filter Driver Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8999 CVE-2021-40468 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8982 |
Title: Windows AppX Deployment Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8982 CVE-2021-41347 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:9013 |
Title: Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:9013 CVE-2021-41338 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8993 |
Title: Windows AppContainer Elevation Of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8993 CVE-2021-40476 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8981 |
Title: Windows AD FS Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8981 CVE-2021-40456 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8998 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8998 CVE-2021-41357 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:9000 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:9000 CVE-2021-40450 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8983 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8983 CVE-2021-40449 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:9003 |
Title: Storage Spaces Controller Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:9003 CVE-2021-41345 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:9010 |
Title: Storage Spaces Controller Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:9010 CVE-2021-40488 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:9020 |
Title: Storage Spaces Controller Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:9020 CVE-2021-40478 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8978 |
Title: Storage Spaces Controller Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8978 CVE-2021-26441 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8987 |
Title: Storage Spaces Controller Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8987 CVE-2021-40489 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8991 |
Title: Microsoft Windows Media Foundation Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8991 CVE-2021-41330 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:9005 |
Title: Microsoft DWM Core Library Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:9005 CVE-2021-41339 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8990 |
Title: DirectX Graphics Kernel Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8990 CVE-2021-40470 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8997 |
Title: Console Window Host Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8997 CVE-2021-41346 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:9009 |
Title: Active Directory Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:9009 CVE-2021-41337 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:9019 |
Title: Active Directory Federation Server Spoofing Vulnerability |
Type: Software |
Bulletins:
CISEC:9019 CVE-2021-41361 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-11-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8975 |
Title: Windows WLAN AutoConfig Service Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8975 CVE-2021-36965 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8949 |
Title: Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8949 CVE-2021-36967 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8948 |
Title: Windows Subsystem for Linux Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8948 CVE-2021-36966 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8976 |
Title: Windows Storage Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8976 CVE-2021-38637 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8968 |
Title: Windows SMB Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8968 CVE-2021-36972 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8973 |
Title: Windows SMB Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8973 CVE-2021-36960 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8965 |
Title: Windows SMB Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8965 CVE-2021-36974 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8977 |
Title: Windows Scripting Engine Memory Corruption Vulnerability |
Type: Software |
Bulletins:
CISEC:8977 CVE-2021-26435 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8962 |
Title: Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8962 CVE-2021-36973 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8963 |
Title: Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8963 CVE-2021-36969 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8969 |
Title: Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8969 CVE-2021-38635 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8971 |
Title: Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8971 CVE-2021-38636 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8956 |
Title: Windows Print Spooler Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8956 CVE-2021-36958 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8942 |
Title: Windows Print Spooler Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8942 CVE-2021-40447 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8964 |
Title: Windows Print Spooler Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8964 CVE-2021-38671 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8974 |
Title: Windows Print Spooler Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8974 CVE-2021-38667 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8966 |
Title: Windows Key Storage Provider Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8966 CVE-2021-38624 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8945 |
Title: Windows Kernel Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8945 CVE-2021-38625 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8959 |
Title: Windows Kernel Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8959 CVE-2021-38626 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8960 |
Title: Windows Installer Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8960 CVE-2021-36962 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8967 |
Title: Windows Installer Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8967 CVE-2021-36961 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8947 |
Title: Windows Event Tracing Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8947 CVE-2021-36964 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8958 |
Title: Windows Event Tracing Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8958 CVE-2021-38630 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8961 |
Title: Windows DNS Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8961 CVE-2021-36968 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8943 |
Title: Windows Common Log File System Driver Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8943 CVE-2021-36955 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8944 |
Title: Windows Common Log File System Driver Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8944 CVE-2021-36963 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8951 |
Title: Windows Common Log File System Driver Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8951 CVE-2021-38633 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8952 |
Title: Windows Bind Filter Driver Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8952 CVE-2021-36954 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8950 |
Title: Windows Authenticode Spoofing Vulnerability |
Type: Software |
Bulletins:
CISEC:8950 CVE-2021-36959 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8953 |
Title: Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8953 CVE-2021-38629 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8954 |
Title: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8954 CVE-2021-38628 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8972 |
Title: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8972 CVE-2021-38638 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8946 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8946 CVE-2021-36975 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8970 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8970 CVE-2021-38639 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8957 |
Title: Microsoft Windows Update Client Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8957 CVE-2021-38634 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8941 |
Title: Microsoft MSHTML Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8941 CVE-2021-40444 |
Severity: Medium |
| Description: Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents. An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. The attacker would then have to convince the user to open the malicious document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Microsoft Defender Antivirus and Microsoft Defender for Endpoint both provide detection and protections for the known vulnerability. Customers should keep antimalware products up to date. Customers who utilize automatic updates do not need to take additional action. Enterprise customers who manage updates should select the detection build 1.349.22.0 or newer and deploy it across their environments. Microsoft Defender for Endpoint alerts will be displayed as: “Suspicious Cpl File Execution”. Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs. Please see the Mitigations and Workaround sections for important information about steps you can take to protect your system from this vulnerability. UPDATE September 14, 2021: Microsoft has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. Please see the FAQ for important information about which updates are applicable to your system. | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8955 |
Title: BitLocker Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8955 CVE-2021-38632 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-10-22 |
Updated: 2024-01-17 |
||
| ID: CISEC:8937 |
Title: Multiple vulnerabilities on Creative Cloud Desktop Application versions 4.6.1 and earlier |
Type: Software |
Bulletins:
CISEC:8937 |
Severity: Low |
| Description: Creative Cloud Desktop Application 4.6.1 and earlier versions have an insecure transmission of sensitive data vulnerability. Successful exploitation could lead to information leakage. (CVE-2019-8063) Creative Cloud Desktop Application versions 4.6.1 and earlier have a security bypass vulnerability. Successful exploitation could lead to denial of service. (CVE-2019-7957) Creative Cloud Desktop Application versions 4.6.1 and earlier have an insecure inherited permissions vulnerability. Successful exploitation could lead to privilege escalation. (CVE-2019-7958) Creative Cloud Desktop Application versions 4.6.1 and earlier have a using components with known vulnerabilities vulnerability. Successful exploitation could lead to arbitrary code execution. (CVE-2019-7959) Creative Cloud Desktop Application version 4.6.1 and earlier versions have Security Bypass vulnerability. Successful exploitation could lead to Privilege Escalation in the context of the current user. (CVE-2019-8236) | ||||
| Applies to: Adobe Creative Cloud |
Created: 2021-10-08 |
Updated: 2021-10-08 |
||
| ID: CISEC:8938 |
Title: Multiple vulnerabilities on Adobe Media Encoder versions 13.1 and earlier |
Type: Software |
Bulletins:
CISEC:8938 |
Severity: Low |
| Description: Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. (CVE-2019-8241, CVE-2019-8242, CVE-2019-8243, CVE-2019-8244) Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. (CVE-2019-8246) | ||||
| Applies to: Adobe Media Encoder |
Created: 2021-10-08 |
Updated: 2021-10-08 |
||
| ID: CISEC:8939 |
Title: Multiple vulnerabilities on Adobe Digital Editions versions 4.5.10 and below |
Type: Software |
Bulletins:
CISEC:8939 |
Severity: Low |
| Description: Adobe Digital Editions versions 4.5.10 and below have a buffer errors vulnerability. Successful exploitation could lead to information disclosure. (CVE-2020-3759) Adobe Digital Editions versions 4.5.10 and below have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution. (CVE-2020-3760) | ||||
| Applies to: Adobe Digital Editions |
Created: 2021-10-08 |
Updated: 2021-10-08 |
||
| ID: CISEC:8940 |
Title: Creative Cloud Desktop Application |
Type: Software |
Bulletins:
CISEC:8940 |
Severity: Low |
| Description: Creative Cloud Desktop Application (installer) versions 4.7.0.400 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation. (CVE-2019-7093) | ||||
| Applies to: Adobe Creative Cloud |
Created: 2021-10-08 |
Updated: 2021-10-08 |
||
| ID: CISEC:8935 |
Title: Multiple vulnerabilities on Creative Cloud Desktop Application versions 5.1 and earlier |
Type: Software |
Bulletins:
CISEC:8935 |
Severity: Low |
| Description: Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a lack of exploit mitigations vulnerability. Successful exploitation could lead to privilege escalation. (CVE-2020-9669) Adobe Creative Cloud Desktop Application versions 5.1 and earlier have an insecure file permissions vulnerability. Successful exploitation could lead to privilege escalation. (CVE-2020-9671) Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could lead to privilege escalation. (CVE-2020-9670) Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could lead to arbitrary file system write. (CVE-2020-9682) | ||||
| Applies to: Adobe Creative Cloud |
Created: 2021-09-24 |
Updated: 2021-09-24 |
||
| ID: CISEC:8934 |
Title: Multiple vulnerabilities on Adobe Media Encoder versions 14.2 and earlier |
Type: Software |
Bulletins:
CISEC:8934 |
Severity: Low |
| Description: Adobe Media Encoder versions 14.2 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. (CVE-2020-9649) Adobe Media Encoder versions 14.2 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. (CVE-2020-9650, CVE-2020-9646) | ||||
| Applies to: Adobe Media Encoder |
Created: 2021-09-24 |
Updated: 2021-09-24 |
||
| ID: CISEC:8933 |
Title: Adobe Digital Editions versions 4.5.11.187212 and below have a file enumeration |
Type: Software |
Bulletins:
CISEC:8933 |
Severity: Low |
| Description: Adobe Digital Editions versions 4.5.11.187212 and below have a file enumeration (host or local network) vulnerability. Successful exploitation could lead to information disclosure. (CVE-2020-3798) | ||||
| Applies to: Adobe Digital Editions |
Created: 2021-09-24 |
Updated: 2021-09-24 |
||
| ID: CISEC:8929 |
Title: Multiple vulnerabilities on Creative Cloud Desktop Application version 5.3 |
Type: Software |
Bulletins:
CISEC:8929 |
Severity: Low |
| Description: Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a file handling vulnerability that could allow an attacker to cause arbitrary file overwriting. Exploitation of this issue requires physical access and user interaction. (CVE-2021-21068) Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by an Unquoted Service Path vulnerability in CCXProcess that could allow an attacker to achieve arbitrary code execution in the process of the current user. Exploitation of this issue requires user interaction. (CVE-2021-21078) Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a local privilege escalation vulnerability that could allow an attacker to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction. (CVE-2021-21069, CVE-2021-28547) | ||||
| Applies to: Adobe Creative Cloud |
Created: 2021-09-17 |
Updated: 2021-09-17 |
||
| ID: CISEC:8931 |
Title: Multiple vulnerabilities on Acrobat DC and Acrobat Reader DC version 2020.009.20074?and?earlier?versions, Acrobat 2020 and Acrobat Reader 2020 version 2020.001.30002, Acrobat 2017 and Acrobat Reader 2017 version... |
Type: Software |
Bulletins:
CISEC:8931 |
Severity: Low |
| Description: Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a security bypass vulnerability. Successful exploitation could lead to privilege escalation. (CVE-2020-9714) Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a memory corruption vulnerability. Successful exploitation could lead to information disclosure. (CVE-2020-9711) Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a disclosure of sensitive data vulnerability. Successful exploitation could lead to memory leak. (CVE-2020-9697) Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. (CVE-2020-9693, CVE-2020-9694) Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a security bypass vulnerability. Successful exploitation could lead to security feature bypass. (CVE-2020-9696, CVE-2020-9712) Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a stack exhaustion vulnerability. Successful exploitation could lead to application denial-of-service. (CVE-2020-9702, CVE-2020-9703) Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. (CVE-2020-9723, CVE-2020-9705, CVE-2020-9706, CVE-2020-9707, CVE-2020-9710, CVE-2020-9716, CVE-2020-9717, CVE-2020-9718, CVE-2020-9719, CVE-2020-9720, CVE-2020-9721) Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution. (CVE-2020-9698, CVE-2020-9699, CVE-2020-9700, CVE-2020-9701, CVE-2020-9704) Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution. (CVE-2020-9715, CVE-2020-9722) Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. (CVE-2020-9713, CVE-2020-9695) | ||||
| Applies to: Adobe Acrobat 2017 Adobe Acrobat 2020 Adobe Acrobat DC Classic Adobe Acrobat DC Continuous Adobe Reader 2017 Adobe Reader 2020 Adobe Reader DC Classic Adobe Reader DC Continuous |
Created: 2021-09-17 |
Updated: 2021-09-17 |
||
| ID: CISEC:8922 |
Title: InCopy version 15.1.1 |
Type: Software |
Bulletins:
CISEC:8922 |
Severity: Low |
| Description: InCopy version 15.1.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-21010) | ||||
| Applies to: Adobe InCopy |
Created: 2021-09-17 |
Updated: 2021-09-17 |
||
| ID: CISEC:8925 |
Title: Adobe Prelude version 9.0.1 |
Type: Software |
Bulletins:
CISEC:8925 |
Severity: Low |
| Description: Adobe Prelude version 9.0.1 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2020-24440) | ||||
| Applies to: Adobe Prelude |
Created: 2021-09-17 |
Updated: 2021-09-17 |
||
| ID: CISEC:8924 |
Title: Adobe Lightroom Classic version 10.0 |
Type: Software |
Bulletins:
CISEC:8924 |
Severity: Low |
| Description: Adobe Lightroom Classic version 10.0 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2020-24447) | ||||
| Applies to: Adobe Lightroom Classic |
Created: 2021-09-17 |
Updated: 2021-09-17 |
||
| ID: CISEC:8927 |
Title: Adobe Illustrator version 25.0 |
Type: Software |
Bulletins:
CISEC:8927 |
Severity: Low |
| Description: Adobe Illustrator version 25.0 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-21007) | ||||
| Applies to: Adobe Illustrator |
Created: 2021-09-17 |
Updated: 2021-09-17 |
||
| ID: CISEC:8903 |
Title: Windows User Profile Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8903 CVE-2021-34484 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8915 |
Title: Windows User Account Profile Picture Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8915 CVE-2021-26426 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8899 |
Title: Windows Update Medic Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8899 CVE-2021-36948 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8909 |
Title: Windows TCP/IP Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8909 CVE-2021-26424 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8894 |
Title: Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8894 CVE-2021-26432 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8895 |
Title: Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8895 CVE-2021-26433 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8902 |
Title: Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8902 CVE-2021-36926 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8911 |
Title: Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8911 CVE-2021-36933 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8914 |
Title: Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8914 CVE-2021-36932 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8908 |
Title: Windows Recovery Environment Agent Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8908 CVE-2021-26431 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8898 |
Title: Windows Print Spooler Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8898 CVE-2021-34481 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. UPDATE August 10, 2021: Microsoft has completed the investigation and has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. This security update changes the Point and Print default behavior; please see KB5005652. | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8900 |
Title: Windows Print Spooler Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8900 CVE-2021-36936 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8913 |
Title: Windows Print Spooler Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8913 CVE-2021-36947 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8916 |
Title: Windows Print Spooler Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8916 CVE-2021-34483 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8912 |
Title: Windows MSHTML Platform Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8912 CVE-2021-34534 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8897 |
Title: Windows Media MPEG-4 Video Decoder Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8897 CVE-2021-36937 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8906 |
Title: Windows LSA Spoofing Vulnerability |
Type: Software |
Bulletins:
CISEC:8906 CVE-2021-36942 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8920 |
Title: Windows Graphics Component Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8920 CVE-2021-34530 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8907 |
Title: Windows Graphics Component Font Parsing Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8907 CVE-2021-34533 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8893 |
Title: Windows Event Tracing Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8893 CVE-2021-34486 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8905 |
Title: Windows Event Tracing Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8905 CVE-2021-34487 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8921 |
Title: Windows Event Tracing Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8921 CVE-2021-26425 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8917 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8917 CVE-2021-36934 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists because of overly permissive Access Control Lists (ACLs) on multiple system files, including the Security Accounts Manager (SAM) database. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker must have the ability to execute code on a victim system to exploit this vulnerability. After installing this security update, you must manually delete all shadow copies of system files, including the SAM database, to fully mitigate this vulnerabilty. Simply installing this security update will not fully mitigate this vulnerability. See KB5005357- Delete Volume Shadow Copies. | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8919 |
Title: Windows Digital TV Tuner device registration application Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8919 CVE-2021-36927 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8896 |
Title: Windows Cryptographic Primitives Library Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8896 CVE-2021-36938 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8918 |
Title: Windows Bluetooth Driver Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8918 CVE-2021-34537 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8904 |
Title: Storage Spaces Controller Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8904 CVE-2021-34536 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8910 |
Title: Scripting Engine Memory Corruption Vulnerability |
Type: Software |
Bulletins:
CISEC:8910 CVE-2021-34480 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8901 |
Title: Remote Desktop Client Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8901 CVE-2021-34535 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-09-10 |
Updated: 2024-01-17 |
||
| ID: CISEC:8885 |
Title: Multiple vulnerabilities on Illustrator 2021 version 25.2.3 and?earlier?versions |
Type: Software |
Bulletins:
CISEC:8885 |
Severity: Low |
| Description: Adobe Illustrator is affected by an use after free vulnerability. Successful exploitation could lead to arbitrary file system read. (CVE-2021-28593, CVE-2021-36008) Adobe Illustrator is affected by an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. (CVE-2021-28591, CVE-2021-28592) Adobe Illustrator is affected by an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary file system read. (CVE-2021-36010) Adobe Illustrator is affected by an access of memory location after end of buffer vulnerability. Successful exploitation could lead to arbitrary code execution. (CVE-2021-36009) | ||||
| Applies to: Adobe Illustrator |
Created: 2021-08-27 |
Updated: 2021-08-28 |
||
| ID: CISEC:8890 |
Title: Multiple vulnerabilities on Adobe Bridge version 11.0.2 and earlier versions |
Type: Software |
Bulletins:
CISEC:8890 |
Severity: Low |
| Description: Adobe Bridge is affected by a heap-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution. (CVE-2021-28624) Adobe Bridge is affected by an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary file system read. (CVE-2021-35992) Adobe Bridge is affected by an improper input validation vulnerability. Successful exploitation could lead to arbitrary code execution.?(CVE-2021-35991) Adobe Bridge is affected by an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. (CVE-2021-35989, CVE-2021-35990) | ||||
| Applies to: Adobe Bridge |
Created: 2021-08-27 |
Updated: 2021-08-28 |
||
| ID: CISEC:8888 |
Title: Multiple vulnerabilities on Adobe Animate version 21.0.6 and?earlier versions |
Type: Software |
Bulletins:
CISEC:8888 |
Severity: Low |
| Description: Adobe Illustrator is affected by an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary file system read. (CVE-2021-28630) Adobe Illustrator is affected by an out-of-bounds read vulnerability. Successful exploitation could lead to memory leak. (CVE-2021-28619) Adobe Illustrator is affected by an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. (CVE-2021-28617, CVE-2021-28618) Adobe Illustrator is affected by an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution. (CVE-2021-28621) Adobe Illustrator is affected by a heap-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution. (CVE-2021-28620, CVE-2021-28629) Adobe Illustrator is affected by an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. (CVE-2021-28622) | ||||
| Applies to: Adobe Animate |
Created: 2021-08-27 |
Updated: 2021-08-28 |
||
| ID: CISEC:8891 |
Title: Multiple vulnerabilities on Acrobat DC and Acrobat Reader DC version 2021.005.20054?and?earlier?versions, Acrobat 2020 and Acrobat Reader 2020 version 2020.004.30005 and earlier versions, Acrobat 2017 and Acrobat Reader... |
Type: Software |
Bulletins:
CISEC:8891 |
Severity: Low |
| Description: Adobe Acrobat and Acrobat Reader is affected by an use after free vulnerability. Successful exploitation could lead to arbitrary code execution. (CVE-2021-28640, CVE-2021-28641, CVE-2021-28639, CVE-2021-35983, CVE-2021-35981, CVE-2021-28635) Adobe Acrobat and Acrobat Reader is affected by a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. (CVE-2021-28643) Adobe Acrobat and Acrobat Reader is affected by an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary file system write. (CVE-2021-28642) Adobe Acrobat and Acrobat Reader is affected by an out-of-bounds read vulnerability. Successful exploitation could lead to memory leak. (CVE-2021-28637) Adobe Acrobat and Acrobat Reader is affected by a type confusion vulnerability. Successful exploitation could lead to arbitrary file system read, (CVE-2021-35986) Adobe Acrobat and Acrobat Reader is affected by a heap-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution. (CVE-2021-28638) Adobe Acrobat and Acrobat Reader is affected by an uncontrolled search path element vulnerability. Successful exploitation could lead to arbitrary code execution. (CVE-2021-28636) Adobe Acrobat and Acrobat Reader is affected by an OS command injection vulnerability. Successful exploitation could lead to arbitrary code execution. (CVE-2021-28634) Adobe Acrobat and Acrobat Reader is affected by an out-of-bounds read vulnerability. Successful exploitation could lead to privilege escalation. (CVE-2021-35988, CVE-2021-35987) Adobe Acrobat and Acrobat Reader is affected by a path traversal vulnerability. Successful exploitation could lead to arbitrary file system read. (CVE-2021-35980, CVE-2021-28644) Adobe Acrobat and Acrobat Reader is affected by a NULL pointer dereference vulnerability. Successful exploitation could lead to application denial-of-service. (CVE-2021-35985, CVE-2021-35984) | ||||
| Applies to: Adobe Acrobat 2017 Adobe Acrobat 2020 Adobe Acrobat DC Continuous Adobe Reader 2017 Adobe Reader 2020 Adobe Reader DC Continuous |
Created: 2021-08-27 |
Updated: 2021-08-28 |
||
| ID: CISEC:8892 |
Title: Multiple vulnerabilities on Acrobat DC and Acrobat Reader DC version 2021.001.20155?and?earlier?versions, Acrobat 2020 and Acrobat Reader 2020 version 2020.001.30025 and earlier versions, Acrobat 2017 and Acrobat Reader... |
Type: Software |
Bulletins:
CISEC:8892 |
Severity: Low |
| Description: Adobe Acrobat and Adobe Reader is affected by an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution. (CVE-2021-28554, CVE-2021-28551) Adobe Acrobat and Adobe Reader is affected by an use after free vulnerability. Successful exploitation could lead to arbitrary code execution. (CVE-2021-28552, CVE-2021-28631, CVE-2021-28632) | ||||
| Applies to: Adobe Acrobat 2017 Adobe Acrobat 2020 Adobe Acrobat DC Continuous Adobe Reader 2017 Adobe Reader 2020 Adobe Reader DC Continuous |
Created: 2021-08-27 |
Updated: 2021-08-28 |
||
| ID: CISEC:8887 |
Title: Adobe Robohelp version 2020.0.3 |
Type: Software |
Bulletins:
CISEC:8887 |
Severity: Low |
| Description: Adobe Robohelp version 2020.0.3 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. An attacker with admin permissions to write to the file system could leverage this vulnerability to escalate privileges. (CVE-2021-21070) | ||||
| Applies to: Adobe RoboHelp |
Created: 2021-08-27 |
Updated: 2021-08-28 |
||
| ID: CISEC:8889 |
Title: Adobe Photoshop versions 21.2.6 (and earlier) and 22.3 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted JSX file (CVE-2021-28548, CVE-2021-28549). |
Type: Software |
Bulletins:
CISEC:8889 |
Severity: Low |
| Description: Adobe Photoshop versions 21.2.6 (and earlier) and 22.3 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted JSX file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-28548, CVE-2021-28549) | ||||
| Applies to: Adobe Photoshop |
Created: 2021-08-27 |
Updated: 2021-08-28 |
||
| ID: CISEC:8815 |
Title: Windows TCP/IP Driver Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8815 CVE-2021-33772 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8817 |
Title: Windows TCP/IP Driver Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8817 CVE-2021-31183 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8837 |
Title: Windows TCP/IP Driver Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8837 CVE-2021-34490 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8791 |
Title: Windows SMB Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8791 CVE-2021-33783 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8826 |
Title: Windows Security Account Manager Remote Protocol Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8826 CVE-2021-33757 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8806 |
Title: Windows Secure Kernel Mode Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8806 CVE-2021-33744 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8824 |
Title: Windows Remote Assistance Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8824 CVE-2021-34507 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8839 |
Title: Windows Remote Access Connection Manager Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8839 CVE-2021-34454 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8840 |
Title: Windows Remote Access Connection Manager Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8840 CVE-2021-33763 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8858 |
Title: Windows Remote Access Connection Manager Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8858 CVE-2021-34457 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8866 |
Title: Windows Remote Access Connection Manager Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8866 CVE-2021-34456 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8823 |
Title: Windows Remote Access Connection Manager Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8823 CVE-2021-33773 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8827 |
Title: Windows Remote Access Connection Manager Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8827 CVE-2021-33761 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8836 |
Title: Windows Remote Access Connection Manager Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8836 CVE-2021-34445 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8844 |
Title: Windows Projected File System Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8844 CVE-2021-33743 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8860 |
Title: Windows Print Spooler Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8860 CVE-2021-34527 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. UPDATE July 7, 2021: The security update for Windows Server 2012, Windows Server 2016 and Windows 10, Version 1607 have been released. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. If you are unable to install these updates, see the FAQ and Workaround sections in this CVE for information on how to help protect your system from this vulnerability. In addition to installing the updates, in order to secure your system, you must confirm that the following registry settings are set to 0 (zero) or are not defined (Note: These registry keys do not exist by default, and therefore are already at the secure setting.), also that your Group Policy setting are correct (see FAQ): HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint NoWarningNoElevationOnInstall = 0 (DWORD) or not defined (default setting) UpdatePromptSettings = 0 (DWORD) or not defined (default setting) Having NoWarningNoElevationOnInstall set to 1 makes your system vulnerable by design. UPDATE July 6, 2021: Microsoft has completed the investigation and has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. If you are unable to install these updates, see the FAQ and Workaround sections in this CVE for information on how to help protect your system from this vulnerability. See also KB5005010: Restricting installation of new printer drivers after applying the July 6, 2021 updates. Note that the security updates released on and after July 6, 2021 contain protections for CVE-2021-1675 and the additional remote code execution exploit in the Windows Print Spooler service known as “PrintNightmare”, documented in CVE-2021-34527. | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8796 |
Title: Windows Partition Management Driver Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8796 CVE-2021-34493 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8868 |
Title: Windows MSHTML Platform Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8868 CVE-2021-34447 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8789 |
Title: Windows MSHTML Platform Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8789 CVE-2021-34497 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8813 |
Title: Windows Media Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8813 CVE-2021-33740 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8829 |
Title: Windows LSA Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8829 CVE-2021-33786 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8838 |
Title: Windows LSA Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8838 CVE-2021-33788 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8797 |
Title: Windows Key Distribution Center Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8797 CVE-2021-33764 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8853 |
Title: Windows Kernel Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8853 CVE-2021-34458 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8870 |
Title: Windows Kernel Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8870 CVE-2021-34508 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8825 |
Title: Windows Kernel Memory Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8825 CVE-2021-34500 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8816 |
Title: Windows Kernel Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8816 CVE-2021-34514 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8828 |
Title: Windows Kernel Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8828 CVE-2021-31979 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8833 |
Title: Windows Kernel Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8833 CVE-2021-33771 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8846 |
Title: Windows InstallService Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8846 CVE-2021-31961 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8834 |
Title: Windows Installer Spoofing Vulnerability |
Type: Software |
Bulletins:
CISEC:8834 CVE-2021-33765 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8805 |
Title: Windows Installer Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8805 CVE-2021-34511 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8848 |
Title: Windows Hyper-V Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8848 CVE-2021-34450 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8832 |
Title: Windows Hyper-V Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8832 CVE-2021-33755 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8798 |
Title: Windows Hyper-V Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8798 CVE-2021-33758 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8831 |
Title: Windows HTML Platforms Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8831 CVE-2021-34446 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8859 |
Title: Windows Hello Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8859 CVE-2021-34466 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8863 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8863 CVE-2021-34496 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8862 |
Title: Windows GDI Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8862 CVE-2021-34498 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8793 |
Title: Windows Font Driver Host Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8793 CVE-2021-34438 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8812 |
Title: Windows File History Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8812 CVE-2021-34455 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8865 |
Title: Windows Event Tracing Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8865 CVE-2021-33774 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8807 |
Title: Windows DNS Snap-in Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8807 CVE-2021-33756 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8822 |
Title: Windows DNS Snap-in Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8822 CVE-2021-33752 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8842 |
Title: Windows DNS Snap-in Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8842 CVE-2021-33750 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8787 |
Title: Windows DNS Snap-in Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8787 CVE-2021-33749 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8864 |
Title: Windows DNS Server Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8864 CVE-2021-33754 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8820 |
Title: Windows DNS Server Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8820 CVE-2021-34525 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8850 |
Title: Windows DNS Server Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8850 CVE-2021-33780 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8856 |
Title: Windows DNS Server Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8856 CVE-2021-33746 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8794 |
Title: Windows DNS Server Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8794 CVE-2021-34494 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8819 |
Title: Windows DNS Server Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8819 CVE-2021-34444 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8857 |
Title: Windows DNS Server Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8857 CVE-2021-33745 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8800 |
Title: Windows DNS Server Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8800 CVE-2021-34442 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8799 |
Title: Windows DNS Server Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8799 CVE-2021-34499 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8803 |
Title: Windows Desktop Bridge Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8803 CVE-2021-33759 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8808 |
Title: Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8808 CVE-2021-34461 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8810 |
Title: Windows Console Driver Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8810 CVE-2021-34488 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8854 |
Title: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8854 CVE-2021-33784 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8861 |
Title: Windows Certificate Spoofing Vulnerability |
Type: Software |
Bulletins:
CISEC:8861 CVE-2021-34492 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8801 |
Title: Windows Authenticode Spoofing Vulnerability |
Type: Software |
Bulletins:
CISEC:8801 CVE-2021-33782 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8811 |
Title: Windows AppX Deployment Extensions Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8811 CVE-2021-34462 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8821 |
Title: Windows AppContainer Elevation Of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8821 CVE-2021-34459 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8843 |
Title: Windows AF_UNIX Socket Provider Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8843 CVE-2021-33785 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8788 |
Title: Windows ADFS Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8788 CVE-2021-33779 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8852 |
Title: Windows Address Book Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8852 CVE-2021-34504 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8835 |
Title: Win32k Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8835 CVE-2021-34491 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8841 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8841 CVE-2021-34516 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8851 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8851 CVE-2021-34449 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8855 |
Title: Storage Spaces Controller Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8855 CVE-2021-34509 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8809 |
Title: Storage Spaces Controller Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8809 CVE-2021-34513 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8814 |
Title: Storage Spaces Controller Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8814 CVE-2021-34512 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8830 |
Title: Storage Spaces Controller Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8830 CVE-2021-34510 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8790 |
Title: Storage Spaces Controller Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8790 CVE-2021-34460 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8795 |
Title: Storage Spaces Controller Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8795 CVE-2021-33751 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8792 |
Title: Scripting Engine Memory Corruption Vulnerability |
Type: Software |
Bulletins:
CISEC:8792 CVE-2021-34448 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8802 |
Title: Raw Image Extension Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8802 CVE-2021-34521 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8867 |
Title: Microsoft Windows Media Foundation Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8867 CVE-2021-34503 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8847 |
Title: Microsoft Windows Media Foundation Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8847 CVE-2021-34441 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8786 |
Title: Microsoft Windows Media Foundation Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8786 CVE-2021-34439 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8818 |
Title: Media Foundation Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8818 CVE-2021-33760 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8849 |
Title: GDI+ Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8849 CVE-2021-34440 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8804 |
Title: DirectWrite Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8804 CVE-2021-34489 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8869 |
Title: Bowser.sys Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8869 CVE-2021-34476 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CISEC:8845 |
Title: Active Directory Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8845 CVE-2021-33781 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-08-13 |
Updated: 2024-01-17 |
||
| ID: CVE-2021-30560 |
Title: Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
Type: Software |
Bulletins:
CVE-2021-30560 |
Severity: Medium |
| Description: Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| Applies to: Google Chrome |
Created: 2021-08-03 |
Updated: 2024-01-17 |
||
| ID: CISEC:8779 |
Title: Out-of-Bounds Read vulnerability on Adobe Media Encoder 15.1 and earlier versions |
Type: Software |
Bulletins:
CISEC:8779 |
Severity: Low |
| Description: Adobe Media Encoder is affected by an out-of-bounds read vulnerability. Successful exploitation could lead to privilege escalation. (CVE-2021-28569) | ||||
| Applies to: Adobe Media Encoder |
Created: 2021-07-23 |
Updated: 2021-07-23 |
||
| ID: CISEC:8773 |
Title: Multiple vulnerabilities on Illustrator 2021 version 25.2 and earlier versions |
Type: Software |
Bulletins:
CISEC:8773 |
Severity: Low |
| Description: Out-of-bounds write vulnerability that could lead to arbitrary code execution. (CVE-2021-21101) Memory corruption vulnerability that could lead to arbitrary code execution. (CVE-2021-21103, CVE-2021-21104, CVE-2021-21105) Path traversal vulnerability that could lead to arbitrary code execution. (CVE-2021-21102) | ||||
| Applies to: Adobe Illustrator |
Created: 2021-07-23 |
Updated: 2021-08-17 |
||
| ID: CISEC:8778 |
Title: Multiple vulnerabilities on Adobe InDesign 16.0 and earlier versions |
Type: Software |
Bulletins:
CISEC:8778 |
Severity: Low |
| Description: Out-of-bounds write that could lead to arbitrary code execution. (CVE-2021-21098, CVE-2021-21099) ACS Commons version 4.9.2 (and earlier) suffers from a Reflected Cross-site Scripting (XSS) vulnerability in version-compare and page-compare due to invalid JCR characters that are not handled correctly. An attacker could potentially exploit this vulnerability to inject malicious JavaScript content into vulnerable form fields and execute it within the context of the victim's browser. Exploitation of this issue requires user interaction in order to be successful. (CVE-2021-21043) | ||||
| Applies to: Adobe InDesign |
Created: 2021-07-23 |
Updated: 2021-07-23 |
||
| ID: CISEC:8774 |
Title: Multiple vulnerabilities on Adobe Animate 21.0.5 and earlier versions |
Type: Software |
Bulletins:
CISEC:8774 |
Severity: Low |
| Description: Adobe Animate is affected by an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. (CVE-2021-28572, CVE-2021-28573, CVE-2021-28574, CVE-2021-28575, CVE-2021-28576) Adobe Animate is affected by use after free vulnerability. Successful exploitation could lead to arbitrary code execution. (CVE-2021-28578) Adobe Animate is affected by use out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. (CVE-2021-28577) | ||||
| Applies to: Adobe Animate |
Created: 2021-07-23 |
Updated: 2021-07-23 |
||
| ID: CISEC:8777 |
Title: Multiple vulnerabilities on Acrobat DC Continuous and Acrobat Reader DC Continuous versions 2021.001.20150 and earlier, Acrobat 2020 and Acrobat Reader 2020 versions 2020.001.30020 and earlier versions, Acrobat 2017 and... |
Type: Software |
Bulletins:
CISEC:8777 |
Severity: Low |
| Description: Buffer overflow that could lead to arbitrary code execution. (CVE-2021-28561) Heap-based buffer overflow that could lead to arbitrary code execution. (CVE-2021-28560, CVE-2021-28558) Out-of-bounds read that could lead to memory leak. (CVE-2021-28557) Out-of-bounds read that could lead to arbitrary file system read. (CVE-2021-28555) Out-of-bounds read that could lead to arbitrary code execution. (CVE-2021-28564) Out-of-bounds write that could lead to arbitrary code execution. (CVE-2021-28565) Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability when parsing a crafted jpeg file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-21044, CVE-2021-21038) Out-of-bounds write that could lead to arbitrary code execution. (CVE-2021-21086) Exposure of private information that could lead to privilege escalation. (CVE-2021-28559) Use after tree that could lead to arbitrary code execution. (CVE-2021-28562, CVE-2021-28550, CVE-2021-28553) | ||||
| Applies to: Adobe Acrobat 2017 Adobe Acrobat 2020 Adobe Acrobat DC Continuous Adobe Reader 2017 Adobe Reader 2020 Adobe Reader DC Continuous |
Created: 2021-07-23 |
Updated: 2021-07-23 |
||
| ID: CISEC:8754 |
Title: Windows TCP/IP Driver Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8754 CVE-2021-31970 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-07-09 |
Updated: 2024-01-17 |
||
| ID: CISEC:8762 |
Title: Windows Remote Desktop Services Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8762 CVE-2021-31968 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-07-09 |
Updated: 2024-01-17 |
||
| ID: CISEC:8760 |
Title: Windows Print Spooler Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8760 CVE-2021-1675 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-07-09 |
Updated: 2024-01-17 |
||
| ID: CISEC:8771 |
Title: Windows NTLM Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8771 CVE-2021-31958 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-07-09 |
Updated: 2024-01-17 |
||
| ID: CISEC:8769 |
Title: Windows NTFS Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8769 CVE-2021-31956 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-07-09 |
Updated: 2024-01-17 |
||
| ID: CISEC:8745 |
Title: Windows MSHTML Platform Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8745 CVE-2021-33742 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-07-09 |
Updated: 2024-01-17 |
||
| ID: CISEC:8751 |
Title: Windows Kernel-Mode Driver Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8751 CVE-2021-31952 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-07-09 |
Updated: 2024-01-17 |
||
| ID: CISEC:8750 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8750 CVE-2021-31955 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-07-09 |
Updated: 2024-01-17 |
||
| ID: CISEC:8757 |
Title: Windows Kernel Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8757 CVE-2021-31951 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-07-09 |
Updated: 2024-01-17 |
||
| ID: CISEC:8755 |
Title: Windows Hyper-V Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8755 CVE-2021-31977 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-07-09 |
Updated: 2024-01-17 |
||
| ID: CISEC:8756 |
Title: Windows HTML Platform Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8756 CVE-2021-31971 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-07-09 |
Updated: 2024-01-17 |
||
| ID: CISEC:8763 |
Title: Windows GPSVC Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8763 CVE-2021-31973 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-07-09 |
Updated: 2024-01-17 |
||
| ID: CISEC:8752 |
Title: Windows Filter Manager Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8752 CVE-2021-31953 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-07-09 |
Updated: 2024-01-17 |
||
| ID: CISEC:8766 |
Title: Windows DCOM Server Security Feature Bypass |
Type: Software |
Bulletins:
CISEC:8766 CVE-2021-26414 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-07-09 |
Updated: 2024-01-17 |
||
| ID: CISEC:8746 |
Title: Windows Common Log File System Driver Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8746 CVE-2021-31954 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-07-09 |
Updated: 2024-01-17 |
||
| ID: CISEC:8761 |
Title: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8761 CVE-2021-31969 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-07-09 |
Updated: 2024-01-17 |
||
| ID: CISEC:8748 |
Title: Windows Bind Filter Driver Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8748 CVE-2021-31960 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-07-09 |
Updated: 2024-01-17 |
||
| ID: CISEC:8753 |
Title: Server for NFS Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8753 CVE-2021-31975 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-07-09 |
Updated: 2024-01-17 |
||
| ID: CISEC:8768 |
Title: Server for NFS Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8768 CVE-2021-31976 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-07-09 |
Updated: 2024-01-17 |
||
| ID: CISEC:8758 |
Title: Server for NFS Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8758 CVE-2021-31974 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-07-09 |
Updated: 2024-01-17 |
||
| ID: CISEC:8749 |
Title: Scripting Engine Memory Corruption Vulnerability |
Type: Software |
Bulletins:
CISEC:8749 CVE-2021-31959 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-07-09 |
Updated: 2024-01-17 |
||
| ID: CISEC:8747 |
Title: Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8747 CVE-2021-31201 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-07-09 |
Updated: 2024-01-17 |
||
| ID: CISEC:8764 |
Title: Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8764 CVE-2021-31199 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-07-09 |
Updated: 2024-01-17 |
||
| ID: CISEC:8765 |
Title: Microsoft DWM Core Library Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8765 CVE-2021-33739 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-07-09 |
Updated: 2024-01-17 |
||
| ID: CISEC:8767 |
Title: Kerberos AppContainer Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8767 CVE-2021-31962 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-07-09 |
Updated: 2024-01-17 |
||
| ID: CISEC:8770 |
Title: Event Tracing for Windows Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8770 CVE-2021-31972 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-07-09 |
Updated: 2024-01-17 |
||
| ID: CISEC:8740 |
Title: Multiple vulnerabilities in Adobe Acrobat and Reader versions 2020.013.20074 and earlier, 2020.001.30018 and earlier, and 2017.011.30188 and earlier |
Type: Software |
Bulletins:
CISEC:8740 |
Severity: Low |
| Description: Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to cause an application denial-of-service. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-21046) Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a heap-based buffer overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-21017) Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Path Traversal vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-21037) Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Integer Overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-21036) Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an improper access control vulnerability. An unauthenticated attacker could leverage this vulnerability to elevate privileges in the context of the current user. (CVE-2021-21045) Acrobat Pro DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use-after-free vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-21061) Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a null pointer dereference vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve denial of service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-21057) Adobe Acrobat Pro DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an improper input validation vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-21060) Acrobat Reader DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability that could lead to arbitrary disclosure of information in the memory stack. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-21042) Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to locally elevate privileges in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-21034) Out-of-bounds Read (CVE-2021-21089) Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability when parsing a crafted jpeg file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-21044, CVE-2021-21038) Out-of-bounds Write (CVE-2021-21086) Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-21058, CVE-2021-21059, CVE-2021-21062, CVE-2021-21063) Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a use-after-free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2021-21041, CVE-2021-21040, CVE-2021-21039, CVE-2021-21035, CVE-2021-21033, CVE-2021-21028, CVE-2021-21021) Use After Free (CVE-2021-21088) Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are missing support for an integrity check. An unauthenticated attacker would have the ability to completely manipulate data in a certified PDF without invalidating the original certification. Exploitation of this issue requires user interaction in that a victim must open the tampered file. (CVE-2021-28545) Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are missing support for an integrity check. An unauthenticated attacker could leverage this vulnerability to modify content in a certified PDF without invalidating the certification. Exploitation of this issue requires user interaction in that a victim must open the tampered file. (CVE-2021-28546) | ||||
| Applies to: Adobe Acrobat 2017 Adobe Acrobat 2020 Adobe Acrobat DC Continuous Adobe Reader 2017 Adobe Reader 2020 Adobe Reader DC Continuous |
Created: 2021-07-02 |
Updated: 2021-07-02 |
||
| ID: CISEC:8741 |
Title: Multiple vulnerabilities in Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier |
Type: Software |
Bulletins:
CISEC:8741 |
Severity: Low |
| Description: Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution (CVE-2020-9612) Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a race condition vulnerability. Successful exploitation could lead to security feature bypass. (CVE-2020-9615) Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a stack exhaustion vulnerability. Successful exploitation could lead to application denial-of-service. (CVE-2020-9611) Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a null pointer vulnerability. Successful exploitation could lead to application denial-of-service. (CVE-2020-9610) Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. (CVE-2020-9597, CVE-2020-9594) Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a security bypass vulnerability. Successful exploitation could lead to security feature bypass. (CVE-2020-9614, CVE-2020-9613, CVE-2020-9596, CVE-2020-9592) Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. (CVE-2020-9609, CVE-2020-9608, CVE-2020-9603, CVE-2020-9602, CVE-2020-9601, CVE-2020-9600, CVE-2020-9599) Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution. (CVE-2020-9605, CVE-2020-9604) Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution. (CVE-2020-9607, CVE-2020-9606) Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an invalid memory access vulnerability. Successful exploitation could lead to information disclosure. (CVE-2020-9598, CVE-2020-9595, CVE-2020-9593) | ||||
| Applies to: Adobe Acrobat 2017 Adobe Acrobat DC Classic Adobe Acrobat DC Continuous Adobe Reader 2017 Adobe Reader DC Classic Adobe Reader DC Continuous |
Created: 2021-07-02 |
Updated: 2021-07-02 |
||
| ID: CISEC:8723 |
Title: Windows Wireless Networking Spoofing Vulnerability |
Type: Software |
Bulletins:
CISEC:8723 CVE-2020-24588 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-06-11 |
Updated: 2024-01-17 |
||
| ID: CISEC:8725 |
Title: Windows Wireless Networking Spoofing Vulnerability |
Type: Software |
Bulletins:
CISEC:8725 CVE-2020-26144 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-06-11 |
Updated: 2024-01-17 |
||
| ID: CISEC:8721 |
Title: Windows Wireless Networking Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8721 CVE-2020-24587 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-06-11 |
Updated: 2024-01-17 |
||
| ID: CISEC:8730 |
Title: Windows WalletService Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8730 CVE-2021-31187 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-06-11 |
Updated: 2024-01-17 |
||
| ID: CISEC:8734 |
Title: Windows SSDP Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8734 CVE-2021-31193 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-06-11 |
Updated: 2024-01-17 |
||
| ID: CISEC:8715 |
Title: Windows SMB Client Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8715 CVE-2021-31205 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-06-11 |
Updated: 2024-01-17 |
||
| ID: CISEC:8724 |
Title: Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8724 CVE-2021-31186 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-06-11 |
Updated: 2024-01-17 |
||
| ID: CISEC:8726 |
Title: Windows Projected File System FS Filter Driver Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8726 CVE-2021-31191 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-06-11 |
Updated: 2024-01-17 |
||
| ID: CISEC:8728 |
Title: Windows Media Foundation Core Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8728 CVE-2021-31192 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-06-11 |
Updated: 2024-01-17 |
||
| ID: CISEC:8722 |
Title: Windows Graphics Component Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8722 CVE-2021-31188 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-06-11 |
Updated: 2024-01-17 |
||
| ID: CISEC:8732 |
Title: Windows Graphics Component Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8732 CVE-2021-31170 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-06-11 |
Updated: 2024-01-17 |
||
| ID: CISEC:8718 |
Title: Windows Desktop Bridge Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8718 CVE-2021-31185 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-06-11 |
Updated: 2024-01-17 |
||
| ID: CISEC:8719 |
Title: Windows CSC Service Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8719 CVE-2021-28479 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-06-11 |
Updated: 2024-01-17 |
||
| ID: CISEC:8717 |
Title: Windows Container Manager Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8717 CVE-2021-31168 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-06-11 |
Updated: 2024-01-17 |
||
| ID: CISEC:8720 |
Title: Windows Container Manager Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8720 CVE-2021-31169 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-06-11 |
Updated: 2024-01-17 |
||
| ID: CISEC:8727 |
Title: Windows Container Manager Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8727 CVE-2021-31167 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-06-11 |
Updated: 2024-01-17 |
||
| ID: CISEC:8729 |
Title: Windows Container Manager Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8729 CVE-2021-31208 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-06-11 |
Updated: 2024-01-17 |
||
| ID: CISEC:8737 |
Title: Windows Container Manager Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8737 CVE-2021-31165 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-06-11 |
Updated: 2024-01-17 |
||
| ID: CISEC:8735 |
Title: Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8735 CVE-2021-31190 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-06-11 |
Updated: 2024-01-17 |
||
| ID: CISEC:8733 |
Title: OLE Automation Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8733 CVE-2021-31194 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-06-11 |
Updated: 2024-01-17 |
||
| ID: CISEC:8731 |
Title: Microsoft Windows Infrared Data Association (IrDA) Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8731 CVE-2021-31184 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-06-11 |
Updated: 2024-01-17 |
||
| ID: CISEC:8716 |
Title: Microsoft Bluetooth Driver Spoofing Vulnerability |
Type: Software |
Bulletins:
CISEC:8716 CVE-2021-31182 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-06-11 |
Updated: 2024-01-17 |
||
| ID: CISEC:8736 |
Title: Hyper-V Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8736 CVE-2021-28476 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-06-11 |
Updated: 2024-01-17 |
||
| ID: CISEC:8738 |
Title: HTTP Protocol Stack Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8738 CVE-2021-31166 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-06-11 |
Updated: 2024-01-17 |
||
| ID: CISEC:8691 |
Title: Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8691 CVE-2021-28316 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8677 |
Title: Windows TCP/IP Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8677 CVE-2021-28442 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8684 |
Title: Windows TCP/IP Driver Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8684 CVE-2021-28319 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8709 |
Title: Windows TCP/IP Driver Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8709 CVE-2021-28439 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8665 |
Title: Windows Speech Runtime Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8665 CVE-2021-28436 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8700 |
Title: Windows Speech Runtime Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8700 CVE-2021-28347 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8706 |
Title: Windows Speech Runtime Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8706 CVE-2021-28351 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8644 |
Title: Windows SMB Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8644 CVE-2021-28325 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8701 |
Title: Windows SMB Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8701 CVE-2021-28324 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8687 |
Title: Windows Services and Controller App Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8687 CVE-2021-27086 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8663 |
Title: Windows Secure Kernel Mode Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8663 CVE-2021-27090 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8678 |
Title: Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8678 CVE-2021-28320 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8688 |
Title: Windows Portmapping Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8688 CVE-2021-28446 |
Severity: Low |
| Description: N/A | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8692 |
Title: Windows Overlay Filter Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8692 CVE-2021-26417 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8651 |
Title: Windows NTFS Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8651 CVE-2021-28312 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8649 |
Title: Windows Network File System Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8649 CVE-2021-28445 |
Severity: Medium |
| Description: N/A | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8696 |
Title: Windows Media Video Decoder Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8696 CVE-2021-28315 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8705 |
Title: Windows Media Video Decoder Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8705 CVE-2021-27095 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8680 |
Title: Windows Media Photo Codec Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8680 CVE-2021-27079 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8645 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8645 CVE-2021-27093 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8661 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8661 CVE-2021-28309 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8671 |
Title: Windows Installer Spoofing Vulnerability |
Type: Software |
Bulletins:
CISEC:8671 CVE-2021-26413 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8652 |
Title: Windows Installer Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8652 CVE-2021-28437 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8682 |
Title: Windows Installer Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8682 CVE-2021-28440 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8699 |
Title: Windows Installer Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8699 CVE-2021-26415 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8693 |
Title: Windows Hyper-V Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8693 CVE-2021-28444 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8657 |
Title: Windows Hyper-V Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8657 CVE-2021-28441 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8676 |
Title: Windows Hyper-V Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8676 CVE-2021-28314 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8640 |
Title: Windows Hyper-V Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8640 CVE-2021-26416 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8666 |
Title: Windows GDI+ Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8666 CVE-2021-28349 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8702 |
Title: Windows GDI+ Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8702 CVE-2021-28350 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8707 |
Title: Windows GDI+ Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8707 CVE-2021-28348 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8675 |
Title: Windows GDI+ Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8675 CVE-2021-28318 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8660 |
Title: Windows Event Tracing Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8660 CVE-2021-28435 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8642 |
Title: Windows Event Tracing Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8642 CVE-2021-27088 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8653 |
Title: Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8653 CVE-2021-27094 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8697 |
Title: Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8697 CVE-2021-28447 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8674 |
Title: Windows DNS Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8674 CVE-2021-28328 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8683 |
Title: Windows DNS Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8683 CVE-2021-28323 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8638 |
Title: Windows Console Driver Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8638 CVE-2021-28438 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8690 |
Title: Windows Console Driver Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8690 CVE-2021-28443 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8712 |
Title: Windows AppX Deployment Server Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8712 CVE-2021-28326 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8670 |
Title: Windows Application Compatibility Cache Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8670 CVE-2021-28311 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8641 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8641 CVE-2021-28310 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8668 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8668 CVE-2021-27072 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8639 |
Title: RPC Endpoint Mapper Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8639 CVE-2021-27091 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8643 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8643 CVE-2021-28357 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8646 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8646 CVE-2021-28335 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8647 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8647 CVE-2021-28358 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8648 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8648 CVE-2021-28336 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8650 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8650 CVE-2021-28338 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8655 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8655 CVE-2021-28341 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8656 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8656 CVE-2021-28340 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8658 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8658 CVE-2021-28342 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8659 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8659 CVE-2021-28339 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8662 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8662 CVE-2021-28345 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8667 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8667 CVE-2021-28333 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8669 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8669 CVE-2021-28332 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8672 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8672 CVE-2021-28334 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8679 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8679 CVE-2021-28331 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8681 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8681 CVE-2021-28356 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8685 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8685 CVE-2021-28344 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8686 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8686 CVE-2021-28354 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8689 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8689 CVE-2021-28346 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8694 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8694 CVE-2021-28327 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8695 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8695 CVE-2021-28352 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8698 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8698 CVE-2021-28353 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8703 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8703 CVE-2021-28343 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8704 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8704 CVE-2021-28355 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8708 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8708 CVE-2021-28337 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8711 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8711 CVE-2021-28329 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8713 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8713 CVE-2021-28330 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8714 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8714 CVE-2021-28434 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8654 |
Title: NTFS Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8654 CVE-2021-27096 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8673 |
Title: Microsoft Windows Codecs Library Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8673 CVE-2021-28317 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8710 |
Title: Microsoft Internet Messaging API Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8710 CVE-2021-27089 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8664 |
Title: Azure AD Web Sign-in Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8664 CVE-2021-27092 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-05-14 |
Updated: 2024-01-17 |
||
| ID: CISEC:8621 |
Title: Windows Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8621 CVE-2021-26900 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8623 |
Title: Windows Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8623 CVE-2021-27077 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8603 |
Title: Windows Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8603 CVE-2021-26863 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8610 |
Title: Windows Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8610 CVE-2021-26875 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8629 |
Title: Windows WalletService Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8629 CVE-2021-26871 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8600 |
Title: Windows WalletService Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8600 CVE-2021-26885 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8636 |
Title: Windows Virtual Registry Provider Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8636 CVE-2021-26864 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8616 |
Title: Windows User Profile Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8616 CVE-2021-26873 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8611 |
Title: Windows UPnP Device Host Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8611 CVE-2021-26899 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8635 |
Title: Windows Update Stack Setup Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8635 CVE-2021-1729 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8615 |
Title: Windows Update Stack Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8615 CVE-2021-26889 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8628 |
Title: Windows Update Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8628 CVE-2021-26866 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8612 |
Title: Windows Projected File System Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8612 CVE-2021-26870 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8627 |
Title: Windows Print Spooler Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8627 CVE-2021-26878 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8631 |
Title: Windows Print Spooler Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8631 CVE-2021-1640 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8595 |
Title: Windows Overlay Filter Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8595 CVE-2021-26874 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8591 |
Title: Windows NAT Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8591 CVE-2021-26879 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8607 |
Title: Windows Media Photo Codec Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8607 CVE-2021-26884 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8626 |
Title: Windows Installer Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8626 CVE-2021-26862 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8604 |
Title: Windows Hyper-V Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8604 CVE-2021-26867 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8625 |
Title: Windows Graphics Component Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8625 CVE-2021-26861 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8594 |
Title: Windows Graphics Component Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8594 CVE-2021-26868 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8633 |
Title: Windows Extensible Firmware Interface Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8633 CVE-2021-26892 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8613 |
Title: Windows Event Tracing Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8613 CVE-2021-24107 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8637 |
Title: Windows Event Tracing Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8637 CVE-2021-26872 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8597 |
Title: Windows Event Tracing Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8597 CVE-2021-26898 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8609 |
Title: Windows Event Tracing Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8609 CVE-2021-26901 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8632 |
Title: Windows Error Reporting Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8632 CVE-2021-24090 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8614 |
Title: Windows DNS Server Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8614 CVE-2021-26894 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8624 |
Title: Windows DNS Server Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8624 CVE-2021-26897 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8592 |
Title: Windows DNS Server Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8592 CVE-2021-26877 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8598 |
Title: Windows DNS Server Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8598 CVE-2021-26893 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8605 |
Title: Windows DNS Server Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8605 CVE-2021-26895 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8617 |
Title: Windows DNS Server Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8617 CVE-2021-27063 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8602 |
Title: Windows DNS Server Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8602 CVE-2021-26896 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8618 |
Title: Windows Container Execution Agent Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8618 CVE-2021-26891 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8630 |
Title: Windows Container Execution Agent Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8630 CVE-2021-26865 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8608 |
Title: Windows App-V Overlay Filter Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8608 CVE-2021-26860 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8599 |
Title: Windows ActiveX Installer Service Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8599 CVE-2021-26869 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8606 |
Title: Windows 10 Update Assistant Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8606 CVE-2021-27070 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8601 |
Title: User Profile Service Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8601 CVE-2021-26886 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8622 |
Title: Storage Spaces Controller Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8622 CVE-2021-26880 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8590 |
Title: Remote Access API Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8590 CVE-2021-26882 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8634 |
Title: OpenType Font Parsing Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8634 CVE-2021-26876 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8596 |
Title: Microsoft Windows Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8596 CVE-2020-17162 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8620 |
Title: Microsoft Windows Media Foundation Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8620 CVE-2021-26881 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8619 |
Title: DirectX Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8619 CVE-2021-24095 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8593 |
Title: Application Virtualization Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8593 CVE-2021-26890 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-04-16 |
Updated: 2024-01-17 |
||
| ID: CISEC:8562 |
Title: Windows Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8562 CVE-2021-1698 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-03-17 |
Updated: 2024-01-17 |
||
| ID: CISEC:8589 |
Title: Windows Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8589 CVE-2021-1732 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-03-17 |
Updated: 2024-01-17 |
||
| ID: CISEC:8580 |
Title: Windows Trust Verification API Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8580 CVE-2021-24080 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-03-17 |
Updated: 2024-01-17 |
||
| ID: CISEC:8576 |
Title: Windows TCP/IP Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8576 CVE-2021-24074 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-03-17 |
Updated: 2024-01-17 |
||
| ID: CISEC:8579 |
Title: Windows TCP/IP Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8579 CVE-2021-24094 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-03-17 |
Updated: 2024-01-17 |
||
| ID: CISEC:8577 |
Title: Windows TCP/IP Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8577 CVE-2021-24086 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-03-17 |
Updated: 2024-01-17 |
||
| ID: CISEC:8586 |
Title: Windows Remote Procedure Call Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8586 CVE-2021-1734 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-03-17 |
Updated: 2024-01-17 |
||
| ID: CISEC:8574 |
Title: Windows PKU2U Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8574 CVE-2021-25195 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-03-17 |
Updated: 2024-01-17 |
||
| ID: CISEC:8584 |
Title: Windows Network File System Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8584 CVE-2021-24075 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-03-17 |
Updated: 2024-01-17 |
||
| ID: CISEC:8569 |
Title: Windows Mobile Device Management Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8569 CVE-2021-24084 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-03-17 |
Updated: 2024-01-17 |
||
| ID: CISEC:8563 |
Title: Windows Local Spooler Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8563 CVE-2021-24088 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-03-17 |
Updated: 2024-01-17 |
||
| ID: CISEC:8582 |
Title: Windows Kernel Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8582 CVE-2021-24096 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-03-17 |
Updated: 2024-01-17 |
||
| ID: CISEC:8566 |
Title: Windows Installer Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8566 CVE-2021-1727 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-03-17 |
Updated: 2024-01-17 |
||
| ID: CISEC:8585 |
Title: Windows Graphics Component Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8585 CVE-2021-24093 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-03-17 |
Updated: 2024-01-17 |
||
| ID: CISEC:8573 |
Title: Windows Fax Service Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8573 CVE-2021-1722 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-03-17 |
Updated: 2024-01-17 |
||
| ID: CISEC:8581 |
Title: Windows Fax Service Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8581 CVE-2021-24077 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-03-17 |
Updated: 2024-01-17 |
||
| ID: CISEC:8570 |
Title: Windows Event Tracing Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8570 CVE-2021-24103 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-03-17 |
Updated: 2024-01-17 |
||
| ID: CISEC:8583 |
Title: Windows Event Tracing Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8583 CVE-2021-24102 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-03-17 |
Updated: 2024-01-17 |
||
| ID: CISEC:8567 |
Title: Windows DNS Server Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8567 CVE-2021-24078 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-03-17 |
Updated: 2024-01-17 |
||
| ID: CISEC:8564 |
Title: Windows DirectX Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8564 CVE-2021-24106 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-03-17 |
Updated: 2024-01-17 |
||
| ID: CISEC:8571 |
Title: Windows Console Driver Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8571 CVE-2021-24098 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-03-17 |
Updated: 2024-01-17 |
||
| ID: CISEC:8565 |
Title: Windows Camera Codec Pack Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8565 CVE-2021-24091 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-03-17 |
Updated: 2024-01-17 |
||
| ID: CISEC:8575 |
Title: Windows Backup Engine Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8575 CVE-2021-24079 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-03-17 |
Updated: 2024-01-17 |
||
| ID: CISEC:8588 |
Title: Windows Address Book Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8588 CVE-2021-24083 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-03-17 |
Updated: 2024-01-17 |
||
| ID: CISEC:8572 |
Title: PFX Encryption Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8572 CVE-2021-1731 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-03-17 |
Updated: 2024-01-17 |
||
| ID: CISEC:8587 |
Title: Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8587 CVE-2021-24082 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-03-17 |
Updated: 2024-01-17 |
||
| ID: CISEC:8578 |
Title: Microsoft Windows VMSwitch Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8578 CVE-2021-24076 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-03-17 |
Updated: 2024-01-17 |
||
| ID: CISEC:8568 |
Title: Microsoft Windows Codecs Library Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8568 CVE-2021-24081 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-03-17 |
Updated: 2024-01-17 |
||
| ID: CISEC:8545 |
Title: Windows WLAN Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8545 CVE-2021-1646 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8516 |
Title: Windows Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8516 CVE-2021-1709 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8505 |
Title: Windows WalletService Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8505 CVE-2021-1681 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8528 |
Title: Windows WalletService Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8528 CVE-2021-1686 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8550 |
Title: Windows WalletService Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8550 CVE-2021-1687 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8559 |
Title: Windows WalletService Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8559 CVE-2021-1690 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8537 |
Title: Windows Update Stack Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8537 CVE-2021-1694 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8529 |
Title: Windows Runtime C++ Template Library Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8529 CVE-2021-1650 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8532 |
Title: Windows Remote Procedure Call Runtime Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8532 CVE-2021-1702 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8542 |
Title: Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8542 CVE-2021-1674 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8503 |
Title: Windows Projected File System FS Filter Driver Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8503 CVE-2021-1672 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8513 |
Title: Windows Projected File System FS Filter Driver Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8513 CVE-2021-1670 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8523 |
Title: Windows Projected File System FS Filter Driver Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8523 CVE-2021-1663 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8522 |
Title: Windows Print Spooler Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8522 CVE-2021-1695 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8555 |
Title: Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8555 CVE-2021-1676 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8515 |
Title: Windows Multipoint Management Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8515 CVE-2021-1689 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8548 |
Title: Windows LUAFV Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8548 CVE-2021-1706 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8534 |
Title: Windows Kernel Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8534 CVE-2021-1682 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8560 |
Title: Windows InstallService Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8560 CVE-2021-1697 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8506 |
Title: Windows Installer Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8506 CVE-2021-1661 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8538 |
Title: Windows Hyper-V Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8538 CVE-2021-1704 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8527 |
Title: Windows Graphics Component Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8527 CVE-2021-1696 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8554 |
Title: Windows GDI+ Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8554 CVE-2021-1708 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8518 |
Title: Windows Fax Compose Form Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8518 CVE-2021-1657 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8543 |
Title: Windows Event Tracing Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8543 CVE-2021-1662 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8541 |
Title: Windows Event Logging Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8541 CVE-2021-1703 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8552 |
Title: Windows Docker Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8552 CVE-2021-1645 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8540 |
Title: Windows DNS Query Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8540 CVE-2021-1637 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8504 |
Title: Windows CSC Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8504 CVE-2021-1654 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8510 |
Title: Windows CSC Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8510 CVE-2021-1693 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8519 |
Title: Windows CSC Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8519 CVE-2021-1652 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8535 |
Title: Windows CSC Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8535 CVE-2021-1659 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8553 |
Title: Windows CSC Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8553 CVE-2021-1688 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8556 |
Title: Windows CSC Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8556 CVE-2021-1655 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8561 |
Title: Windows CSC Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8561 CVE-2021-1653 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8520 |
Title: Windows CryptoAPI Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8520 CVE-2021-1679 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8536 |
Title: Windows Bluetooth Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8536 CVE-2021-1684 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8530 |
Title: Windows Bluetooth Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8530 CVE-2021-1638 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8557 |
Title: Windows Bluetooth Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8557 CVE-2021-1683 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8512 |
Title: Windows AppX Deployment Extensions Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8512 CVE-2021-1685 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8524 |
Title: Windows AppX Deployment Extensions Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8524 CVE-2021-1642 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8511 |
Title: Windows (modem.sys) Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8511 CVE-2021-1699 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8507 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8507 CVE-2021-1667 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8539 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8539 CVE-2021-1673 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8517 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8517 CVE-2021-1664 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8521 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8521 CVE-2021-1658 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8525 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8525 CVE-2021-1701 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8526 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8526 CVE-2021-1660 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8533 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8533 CVE-2021-1671 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8546 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8546 CVE-2021-1700 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8547 |
Title: Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8547 CVE-2021-1666 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8549 |
Title: NTLM Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8549 CVE-2021-1678 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8531 |
Title: Microsoft Windows Media Foundation Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8531 CVE-2021-1710 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8558 |
Title: Microsoft splwow64 Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8558 CVE-2021-1648 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8514 |
Title: Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8514 CVE-2021-1668 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8508 |
Title: Hyper-V Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8508 CVE-2021-1692 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8551 |
Title: Hyper-V Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:8551 CVE-2021-1691 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8509 |
Title: GDI+ Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8509 CVE-2021-1665 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8544 |
Title: Active Template Library Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8544 CVE-2021-1649 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-02-12 |
Updated: 2024-01-17 |
||
| ID: CISEC:8502 |
Title: Windows SMB Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8502 CVE-2020-17140 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-01-08 |
Updated: 2024-01-17 |
||
| ID: CISEC:8482 |
Title: Windows Overlay Filter Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8482 CVE-2020-17139 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-01-08 |
Updated: 2024-01-17 |
||
| ID: CISEC:8487 |
Title: Windows NTFS Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8487 CVE-2020-17096 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-01-08 |
Updated: 2024-01-17 |
||
| ID: CISEC:8498 |
Title: Windows Network Connections Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8498 CVE-2020-17092 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-01-08 |
Updated: 2024-01-17 |
||
| ID: CISEC:8492 |
Title: Windows Lock Screen Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8492 CVE-2020-17099 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-01-08 |
Updated: 2024-01-17 |
||
| ID: CISEC:8489 |
Title: Windows GDI+ Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8489 CVE-2020-17098 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-01-08 |
Updated: 2024-01-17 |
||
| ID: CISEC:8481 |
Title: Windows Error Reporting Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8481 CVE-2020-17138 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-01-08 |
Updated: 2024-01-17 |
||
| ID: CISEC:8500 |
Title: Windows Error Reporting Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:8500 CVE-2020-17094 |
Severity: Low |
| Description: | ||||
| Applies to: |
Created: 2021-01-08 |
Updated: 2024-01-17 |
||
| ID: CISEC:8483 |
Title: Windows Digital Media Receiver Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8483 CVE-2020-17097 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-01-08 |
Updated: 2024-01-17 |
||
| ID: CISEC:8488 |
Title: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8488 CVE-2020-17136 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-01-08 |
Updated: 2024-01-17 |
||
| ID: CISEC:8490 |
Title: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8490 CVE-2020-17134 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-01-08 |
Updated: 2024-01-17 |
||
| ID: CISEC:8501 |
Title: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8501 CVE-2020-17103 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-01-08 |
Updated: 2024-01-17 |
||
| ID: CISEC:8484 |
Title: Windows Backup Engine Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8484 CVE-2020-16960 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-01-08 |
Updated: 2024-01-17 |
||
| ID: CISEC:8485 |
Title: Windows Backup Engine Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8485 CVE-2020-16962 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-01-08 |
Updated: 2024-01-17 |
||
| ID: CISEC:8491 |
Title: Windows Backup Engine Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8491 CVE-2020-16959 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-01-08 |
Updated: 2024-01-17 |
||
| ID: CISEC:8493 |
Title: Windows Backup Engine Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8493 CVE-2020-16958 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-01-08 |
Updated: 2024-01-17 |
||
| ID: CISEC:8495 |
Title: Windows Backup Engine Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8495 CVE-2020-16964 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-01-08 |
Updated: 2024-01-17 |
||
| ID: CISEC:8497 |
Title: Windows Backup Engine Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8497 CVE-2020-16961 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-01-08 |
Updated: 2024-01-17 |
||
| ID: CISEC:8499 |
Title: Windows Backup Engine Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8499 CVE-2020-16963 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-01-08 |
Updated: 2024-01-17 |
||
| ID: CISEC:8494 |
Title: Kerberos Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:8494 CVE-2020-16996 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-01-08 |
Updated: 2024-01-17 |
||
| ID: CISEC:8496 |
Title: Hyper-V Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:8496 CVE-2020-17095 |
Severity: High |
| Description: | ||||
| Applies to: |
Created: 2021-01-08 |
Updated: 2024-01-17 |
||
| ID: CISEC:8486 |
Title: DirectX Graphics Kernel Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:8486 CVE-2020-17137 |
Severity: Medium |
| Description: | ||||
| Applies to: |
Created: 2021-01-08 |
Updated: 2024-01-17 |
||
