Total
35090 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-24816 | 1 Phoenix Media Rename Project | 1 Phoenix Media Rename | 2024-11-21 | 4.3 Medium |
| The Phoenix Media Rename WordPress plugin before 3.4.4 does not have capability checks in its phoenix_media_rename AJAX action, which could allow users with Author roles to rename any uploaded media files, including ones they do not own. | ||||
| CVE-2021-24781 | 1 Imagesourcecontrol | 1 Image Source Control | 2024-11-21 | 4.3 Medium |
| The Image Source Control WordPress plugin before 2.3.1 allows users with a role as low as Contributor to change arbitrary post meta fields of arbitrary posts (even those they should not be able to edit) | ||||
| CVE-2021-24698 | 1 Tipsandtricks-hq | 1 Simple Download Monitor | 2024-11-21 | 4.3 Medium |
| The Simple Download Monitor WordPress plugin before 3.9.6 allows users with a role as low as Contributor to remove thumbnails from downloads they do not own, even if they cannot normally edit the download. | ||||
| CVE-2021-24189 | 1 Wp-buy | 1 Captchinoo | 2024-11-21 | 8.8 High |
| Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Captchinoo, Google recaptcha for admin login page WordPress plugin before 2.4, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE. | ||||
| CVE-2021-24115 | 1 Botan Project | 1 Botan | 2024-11-21 | 9.8 Critical |
| In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations (base32, base58, base64, and hex). | ||||
| CVE-2021-24114 | 1 Microsoft | 1 Teams | 2024-11-21 | 5.7 Medium |
| Microsoft Teams iOS Information Disclosure Vulnerability | ||||
| CVE-2021-24113 | 1 Microsoft | 1 Edge Chromium | 2024-11-21 | 5.4 Medium |
| Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | ||||
| CVE-2021-24112 | 1 Microsoft | 4 .net, .net Core, Mono and 1 more | 2024-11-21 | 8.1 High |
| .NET Core Remote Code Execution Vulnerability | ||||
| CVE-2021-24111 | 1 Microsoft | 10 .net, .net Framework, Windows 10 and 7 more | 2024-11-21 | 7.5 High |
| .NET Framework Denial of Service Vulnerability | ||||
| CVE-2021-24110 | 1 Microsoft | 1 High Efficiency Video Coding | 2024-11-21 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2021-24109 | 1 Microsoft | 1 Azure Kubernetes Service | 2024-11-21 | 6.8 Medium |
| Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability | ||||
| CVE-2021-24108 | 1 Microsoft | 3 365 Apps, Excel, Office | 2024-11-21 | 7.8 High |
| Microsoft Office Remote Code Execution Vulnerability | ||||
| CVE-2021-24107 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 5.5 Medium |
| Windows Event Tracing Information Disclosure Vulnerability | ||||
| CVE-2021-24106 | 1 Microsoft | 10 Windows 10, Windows 10 1803, Windows 10 1809 and 7 more | 2024-11-21 | 5.5 Medium |
| Windows DirectX Information Disclosure Vulnerability | ||||
| CVE-2021-24104 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 4.6 Medium |
| Microsoft SharePoint Server Spoofing Vulnerability | ||||
| CVE-2021-24103 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 7.8 High |
| Windows Event Tracing Elevation of Privilege Vulnerability | ||||
| CVE-2021-24101 | 1 Microsoft | 1 Dynamics 365 | 2024-11-21 | 6.5 Medium |
| Microsoft Dataverse Information Disclosure Vulnerability | ||||
| CVE-2021-24100 | 1 Microsoft | 1 Edge | 2024-11-21 | 5 Medium |
| Microsoft Edge for Android Information Disclosure Vulnerability | ||||
| CVE-2021-24099 | 1 Microsoft | 2 Lync Server, Skype For Business Server | 2024-11-21 | 6.5 Medium |
| Skype for Business and Lync Denial of Service Vulnerability | ||||
| CVE-2021-24098 | 1 Microsoft | 10 Windows 10, Windows 10 1803, Windows 10 1809 and 7 more | 2024-11-21 | 5.5 Medium |
| Windows Console Driver Denial of Service Vulnerability | ||||