CVE List - 2021 / March
Showing 501 - 600 of 1447 CVEs for March 2021 (Page 6 of 15)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-26860 | 2021-03-11 | Windows App-V Overlay Filter Elevation of Privilege Vulnerability |
| CVE-2021-26861 | 2021-03-11 | Windows Graphics Component Remote Code Execution Vulnerability |
| CVE-2021-26862 | 2021-03-11 | Windows Installer Elevation of Privilege Vulnerability |
| CVE-2021-26863 | 2021-03-11 | Windows Win32k Elevation of Privilege Vulnerability |
| CVE-2021-26864 | 2021-03-11 | Windows Virtual Registry Provider Elevation of Privilege Vulnerability |
| CVE-2021-26865 | 2021-03-11 | Windows Container Execution Agent Elevation of Privilege Vulnerability |
| CVE-2021-26866 | 2021-03-11 | Windows Update Service Elevation of Privilege Vulnerability |
| CVE-2021-26867 | 2021-03-11 | Windows Hyper-V Remote Code Execution Vulnerability |
| CVE-2021-26868 | 2021-03-11 | Windows Graphics Component Elevation of Privilege Vulnerability |
| CVE-2021-26869 | 2021-03-11 | Windows ActiveX Installer Service Information Disclosure Vulnerability |
| CVE-2021-26870 | 2021-03-11 | Windows Projected File System Elevation of Privilege Vulnerability |
| CVE-2021-26871 | 2021-03-11 | Windows WalletService Elevation of Privilege Vulnerability |
| CVE-2021-26872 | 2021-03-11 | Windows Event Tracing Elevation of Privilege Vulnerability |
| CVE-2021-26873 | 2021-03-11 | Windows User Profile Service Elevation of Privilege Vulnerability |
| CVE-2021-26874 | 2021-03-11 | Windows Overlay Filter Elevation of Privilege Vulnerability |
| CVE-2021-26875 | 2021-03-11 | Windows Win32k Elevation of Privilege Vulnerability |
| CVE-2021-26876 | 2021-03-11 | OpenType Font Parsing Remote Code Execution Vulnerability |
| CVE-2021-26877 | 2021-03-11 | Windows DNS Server Remote Code Execution Vulnerability |
| CVE-2021-26878 | 2021-03-11 | Windows Print Spooler Elevation of Privilege Vulnerability |
| CVE-2021-26879 | 2021-03-11 | Windows Network Address Translation (NAT) Denial of Service Vulnerability |
| CVE-2021-26880 | 2021-03-11 | Storage Spaces Controller Elevation of Privilege Vulnerability |
| CVE-2021-26881 | 2021-03-11 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability |
| CVE-2021-26882 | 2021-03-11 | Remote Access API Elevation of Privilege Vulnerability |
| CVE-2021-26884 | 2021-03-11 | Windows Media Photo Codec Information Disclosure Vulnerability |
| CVE-2021-26885 | 2021-03-11 | Windows WalletService Elevation of Privilege Vulnerability |
| CVE-2021-26886 | 2021-03-11 | User Profile Service Denial of Service Vulnerability |
| CVE-2021-26887 | 2021-03-11 | Microsoft Windows Folder Redirection Elevation of Privilege Vulnerability |
| CVE-2021-26889 | 2021-03-11 | Windows Update Stack Elevation of Privilege Vulnerability |
| CVE-2021-26890 | 2021-03-11 | Application Virtualization Remote Code Execution Vulnerability |
| CVE-2021-26891 | 2021-03-11 | Windows Container Execution Agent Elevation of Privilege Vulnerability |
| CVE-2021-26892 | 2021-03-11 | Windows Extensible Firmware Interface Security Feature Bypass Vulnerability |
| CVE-2021-26893 | 2021-03-11 | Windows DNS Server Remote Code Execution Vulnerability |
| CVE-2021-26894 | 2021-03-11 | Windows DNS Server Remote Code Execution Vulnerability |
| CVE-2021-26895 | 2021-03-11 | Windows DNS Server Remote Code Execution Vulnerability |
| CVE-2021-26896 | 2021-03-11 | Windows DNS Server Denial of Service Vulnerability |
| CVE-2021-26897 | 2021-03-11 | Windows DNS Server Remote Code Execution Vulnerability |
| CVE-2021-26898 | 2021-03-11 | Windows Event Tracing Elevation of Privilege Vulnerability |
| CVE-2021-26899 | 2021-03-11 | Windows UPnP Device Host Elevation of Privilege Vulnerability |
| CVE-2021-26900 | 2021-03-11 | Windows Win32k Elevation of Privilege Vulnerability |
| CVE-2021-26901 | 2021-03-11 | Windows Event Tracing Elevation of Privilege Vulnerability |
| CVE-2021-26902 | 2021-03-11 | HEVC Video Extensions Remote Code Execution Vulnerability |
| CVE-2021-27047 | 2021-03-11 | HEVC Video Extensions Remote Code Execution Vulnerability |
| CVE-2021-27048 | 2021-03-11 | HEVC Video Extensions Remote Code Execution Vulnerability |
| CVE-2021-27049 | 2021-03-11 | HEVC Video Extensions Remote Code Execution Vulnerability |
| CVE-2021-27050 | 2021-03-11 | HEVC Video Extensions Remote Code Execution Vulnerability |
| CVE-2021-27051 | 2021-03-11 | HEVC Video Extensions Remote Code Execution Vulnerability |
| CVE-2021-27052 | 2021-03-11 | Microsoft SharePoint Server Information Disclosure Vulnerability |
| CVE-2021-27053 | 2021-03-11 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2021-27054 | 2021-03-11 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2021-27085 | 2021-03-11 | Internet Explorer Remote Code Execution Vulnerability |
| CVE-2021-27084 | 2021-03-11 | Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability |
| CVE-2021-27083 | 2021-03-11 | Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability |
| CVE-2021-27082 | 2021-03-11 | Quantum Development Kit for Visual Studio Code Remote Code Execution Vulnerability |
| CVE-2021-27081 | 2021-03-11 | Visual Studio Code ESLint Extension Remote Code Execution Vulnerability |
| CVE-2021-27080 | 2021-03-11 | Azure Sphere Unsigned Code Execution Vulnerability |
| CVE-2021-27055 | 2021-03-11 | Microsoft Visio Security Feature Bypass Vulnerability |
| CVE-2021-27056 | 2021-03-11 | Microsoft PowerPoint Remote Code Execution Vulnerability |
| CVE-2021-27057 | 2021-03-11 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2021-27058 | 2021-03-11 | Microsoft Office ClickToRun Remote Code Execution Vulnerability |
| CVE-2021-27059 | 2021-03-11 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2021-27060 | 2021-03-11 | Visual Studio Code Remote Code Execution Vulnerability |
| CVE-2021-27061 | 2021-03-11 | HEVC Video Extensions Remote Code Execution Vulnerability |
| CVE-2021-27062 | 2021-03-11 | HEVC Video Extensions Remote Code Execution Vulnerability |
| CVE-2021-27063 | 2021-03-11 | Windows DNS Server Denial of Service Vulnerability |
| CVE-2021-27066 | 2021-03-11 | Windows Admin Center Security Feature Bypass Vulnerability |
| CVE-2021-27070 | 2021-03-11 | Windows 10 Update Assistant Elevation of Privilege Vulnerability |
| CVE-2021-27074 | 2021-03-11 | Azure Sphere Unsigned Code Execution Vulnerability |
| CVE-2021-27075 | 2021-03-11 | Azure Virtual Machine Information Disclosure Vulnerability |
| CVE-2021-27076 | 2021-03-11 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2021-27077 | 2021-03-11 | Windows Win32k Elevation of Privilege Vulnerability |
| CVE-2021-28144 | 2021-03-11 | prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote authenticated users to inject arbitrary commands in an admin or root context because SetVirtualServerSettings calls CheckArpTables, which calls popen unsafely. |
| CVE-2021-26776 | 2021-03-11 | CSZ CMS 1.2.9 is affected by a cross-site scripting (XSS) vulnerability in multiple pages through the field name. |
| CVE-2021-27677 | 2021-03-11 | Cross-site scripting (XSS) vulnerability in Galleries in Batflat CMS 1.3.6 allows remote attackers to inject arbitrary web script or HTML via the field name. |
| CVE-2021-27678 | 2021-03-11 | Cross-site scripting (XSS) vulnerability in Snippets in Batflat CMS 1.3.6 allows remote attackers to inject arbitrary web script or HTML via the field name. |
| CVE-2021-27679 | 2021-03-11 | Cross-site scripting (XSS) vulnerability in Navigation in Batflat CMS 1.3.6 allows remote attackers to inject arbitrary web script or HTML via the field name. |
| CVE-2021-28088 | 2021-03-11 | Cross-site scripting (XSS) in modules/content/admin/content.php in ImpressCMS profile 1.4.2 allows remote attackers to inject arbitrary web script or HTML parameters through the "Display Name" field. |
| CVE-2021-28141 | 2021-03-11 | An issue was discovered in Progress Telerik UI for ASP.NET AJAX 2021.1.224. It allows unauthorized access to MicrosoftAjax.js through the Telerik.Web.UI.WebResource.axd file. This may allow the attacker to gain unauthorized... |
| CVE-2020-14987 | 2021-03-11 | An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2. It allows remote attackers to execute arbitrary code because there is a mishandling of the capability for administrators... |
| CVE-2020-14988 | 2021-03-11 | An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2. It allows XSS in the login page via the loginmessage parameter, the text editor via the src attribute... |
| CVE-2020-14989 | 2021-03-11 | An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2. It allows CSRF if the attacker uses GET where POST was intended. |
| CVE-2020-29045 | 2021-03-11 | The food-and-drink-menu plugin through 2.2.0 for WordPress allows remote attackers to execute arbitrary code because of an unserialize operation on the fdm_cart cookie in load_cart_from_cookie in includes/class-cart-manager.php. |
| CVE-2021-20261 | 2021-03-11 | A race condition was found in the Linux kernels implementation of the floppy disk drive controller driver software. The impact of this issue is lessened by the fact that the... |
| CVE-2021-22714 | 2021-03-11 | A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION7400, PM8000 and ION9000 (All versions prior to V3.0.0), which could cause the meter... |
| CVE-2021-22713 | 2021-03-11 | A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION8650, ION8800, ION7650, ION7700/73xx, and ION83xx/84xx/85xx/8600 (see security notifcation for affected versions), which could... |
| CVE-2021-22711 | 2021-03-11 | A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which could result in arbitrary... |
| CVE-2020-36277 | 2021-03-11 | Leptonica before 1.80.0 allows a denial of service (application crash) via an incorrect left shift in pixConvert2To8 in pixconv.c. |
| CVE-2021-22712 | 2021-03-11 | A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which could result in arbitrary... |
| CVE-2021-22710 | 2021-03-11 | A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which could cause remote code... |
| CVE-2021-22709 | 2021-03-11 | A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which could result in loss... |
| CVE-2021-28153 | 2021-03-11 | An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target... |
| CVE-2020-24984 | 2021-03-11 | An issue was discovered in Quadbase EspressReports ES 7 Update 9. It allows CSRF, whereby an attacker may be able to trick an authenticated admin level user into uploading malicious... |
| CVE-2021-28154 | 2021-03-11 | Camunda Modeler (aka camunda-modeler) through 4.6.0 allows arbitrary file access. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which manipulates the readFile... |
| CVE-2016-20009 | 2021-03-11 | A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer |
| CVE-2020-24983 | 2021-03-11 | An issue was discovered in Quadbase EspressReports ES 7 Update 9. An unauthenticated attacker can create a malicious HTML file that houses a POST request made to the DashboardBuilder within... |
| CVE-2021-28143 | 2021-03-11 | /jsonrpc on D-Link DIR-841 3.03 and 3.04 devices allows authenticated command injection via ping, ping6, or traceroute (under System Tools). |
| CVE-2020-36278 | 2021-03-11 | Leptonica before 1.80.0 allows a heap-based buffer over-read in findNextBorderPixel in ccbord.c. |
| CVE-2021-21366 | 2021-03-12 | Misinterpretation of malicious XML input |
| CVE-2020-36279 | 2021-03-12 | Leptonica before 1.80.0 allows a heap-based buffer over-read in rasteropGeneralLow, related to adaptmap_reg.c and adaptmap.c. |
| CVE-2020-36280 | 2021-03-12 | Leptonica before 1.80.0 allows a heap-based buffer over-read in pixReadFromTiffStream, related to tiffio.c. |
| CVE-2020-36281 | 2021-03-12 | Leptonica before 1.80.0 allows a heap-based buffer over-read in pixFewColorsOctcubeQuantMixed in colorquant1.c. |