31,467 indexed
CVECVE vulnerabilities
31,467 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 801–850 of 1,619 in KEV · page 17 of 33
| ID | Title | Summary |
|---|---|---|
| CVE-2021-31010 | Apple iOS, macOS, watchOS Sandbox Bypass Vulnerability KEVApple | In affected versions of Apple iOS, macOS, and watchOS, a sandboxed process may be able to circumvent sandbox restrictions. |
| CVE-2021-30983 | Apple iOS and iPadOS Buffer Overflow Vulnerability KEVApple | Apple iOS and iPadOS contain a buffer overflow vulnerability that could allow an application to execute code with kernel privileges. |
| CVE-2021-30952 | Apple Multiple Products Integer Overflow or Wraparound Vulnerability KEVApple | Apple tvOS, macOS, Safari, iPadOS and watchOS contain an integer overflow or wraparound vulnerability due to the processing of maliciously crafted web content … |
| CVE-2021-30900 | Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability KEVApple | Apple GPU drivers, included in iOS, iPadOS, and macOS, contain an out-of-bounds write vulnerability that may allow a malicious application to execute code with… |
| CVE-2021-30883 | Apple Multiple Products Memory Corruption Vulnerability KEVApple | Apple iOS, macOS, watchOS, and tvOS contain a memory corruption vulnerability that could allow for remote code execution. |
| CVE-2021-30869 | Apple iOS, iPadOS, and macOS Type Confusion Vulnerability KEVApple | Apple iOS, iPadOS, and macOS contain a type confusion vulnerability in the XNU which may allow a malicious application to execute code with kernel privileges. |
| CVE-2021-30860 | Apple Multiple Products Integer Overflow Vulnerability KEVApple | Apple iOS, iPadOS, macOS, and watchOS CoreGraphics contain an integer overflow vulnerability which may allow code execution when processing a maliciously craft… |
| CVE-2021-30858 | Apple iOS, iPadOS, macOS Use-After-Free Vulnerability KEVApple | Apple iOS, iPadOS, and macOS WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This v… |
| CVE-2021-30807 | Apple Multiple Products Memory Corruption Vulnerability KEVApple | Apple iOS, iPadOS, macOS, and watchOS IOMobileFrameBuffer contain a memory corruption vulnerability which may allow an application to execute code with kernel … |
| CVE-2021-30762 | Apple iOS WebKit Use-After-Free Vulnerability KEVApple | Apple iOS WebKit contains a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could… |
| CVE-2021-30761 | Apple iOS WebKit Memory Corruption Vulnerability KEVApple | Apple iOS WebKit contains a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability co… |
| CVE-2021-30713 | Apple macOS Unspecified Vulnerability KEVApple | Apple macOS Transparency, Consent, and Control (TCC) contains an unspecified permissions issue which may allow a malicious application to bypass privacy prefer… |
| CVE-2021-30666 | Apple iOS WebKit Buffer Overflow Vulnerability KEVApple | Apple iOS WebKit contains a buffer-overflow vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability coul… |
| CVE-2021-30665 | Apple Multiple Products WebKit Memory Corruption Vulnerability KEVApple | Apple iOS, iPadOS, macOS, watchOS, and tvOS WebKit contain a memory corruption vulnerability that leads to code execution when processing maliciously crafted w… |
| CVE-2021-30663 | Apple Multiple Products WebKit Integer Overflow Vulnerability KEVApple | Apple iOS, iPadOS, macOS, tvOS, and Safari WebKit contain an integer overflow vulnerability that leads to code execution when processing maliciously crafted we… |
| CVE-2021-30661 | Apple Multiple Products WebKit Storage Use-After-Free Vulnerability KEVApple | Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit Storage contain a use-after-free vulnerability that leads to code execution when processing maliciou… |
| CVE-2021-30657 | Apple macOS Unspecified Vulnerability KEVApple | Apple macOS contains an unspecified logic issue in System Preferences that may allow a malicious application to bypass Gatekeeper checks. |
| CVE-2021-30633 | Google Chromium Indexed DB API Use-After-Free Vulnerability KEVGoogle | Google Chromium Indexed DB API contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially … |
| CVE-2021-30632 | Google Chromium V8 Out-of-Bounds Write Vulnerability KEVGoogle | Google Chromium V8 Engine contains an out-of-bounds write vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML… |
| CVE-2021-30563 | Google Chromium V8 Type Confusion Vulnerability KEVGoogle | Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page.… |
| CVE-2021-30554 | Google Chromium WebGL Use-After-Free Vulnerability KEVGoogle | Google Chromium WebGL contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. Thi… |
| CVE-2021-30551 | Google Chromium V8 Type Confusion Vulnerability KEVGoogle | Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page.… |
| CVE-2021-30533 | Google Chromium PopupBlocker Security Bypass Vulnerability KEVGoogle | Google Chromium PopupBlocker contains an insufficient policy enforcement vulnerability that allows a remote attacker to bypass navigation restrictions via a cr… |
| CVE-2021-30116 | Kaseya Virtual System/Server Administrator (VSA) Information Disclosure Vulnerability KEVKaseya | Kaseya Virtual System/Server Administrator (VSA) contains an information disclosure vulnerability allowing an attacker to obtain the sessionId that can be used… |
| CVE-2021-29256 | Arm Mali GPU Kernel Driver Use-After-Free Vulnerability KEVArm | Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that may allow a non-privileged user to gain root privilege and/or disclose information. |
| CVE-2021-28799 | QNAP NAS Improper Authorization Vulnerability KEVQNAP | QNAP NAS running HBS 3 contains an improper authorization vulnerability which can allow remote attackers to log in to a device. |
| CVE-2021-28664 | Arm Mali Graphics Processing Unit (GPU) Unspecified Vulnerability KEVArm | Arm Mali Graphics Processing Unit (GPU) kernel driver contains an unspecified vulnerability that may allow a non-privileged user to gain write access to read-o… |
| CVE-2021-28663 | Arm Mali Graphics Processing Unit (GPU) Use-After-Free Vulnerability KEVArm | Arm Mali Graphics Processing Unit (GPU) kernel driver contains a use-after-free vulnerability that may allow a non-privileged user to make improper operations … |
| CVE-2021-28550 | Adobe Acrobat and Reader Use-After-Free Vulnerability KEVAdobe | Adobe Acrobat and Reader contains a use-after-free vulnerability that could allow an unauthenticated attacker to achieve code execution in the context of the c… |
| CVE-2021-28310 | Microsoft Win32k Privilege Escalation Vulnerability KEVMicrosoft | Microsoft Windows Win32k contains an unspecified vulnerability that allows for privilege escalation. |
| CVE-2021-27878 | Veritas Backup Exec Agent Command Execution Vulnerability KEVVeritas | Veritas Backup Exec (BE) Agent contains a command execution vulnerability that could allow an attacker to use a data management protocol command to execute a c… |
| CVE-2021-27877 | Veritas Backup Exec Agent Improper Authentication Vulnerability KEVVeritas | Veritas Backup Exec (BE) Agent contains an improper authentication vulnerability that could allow an attacker unauthorized access to the BE Agent via SHA authe… |
| CVE-2021-27876 | Veritas Backup Exec Agent File Access Vulnerability KEVVeritas | Veritas Backup Exec (BE) Agent contains a file access vulnerability that could allow an attacker to specially craft input parameters on a data management proto… |
| CVE-2021-27860 | FatPipe WARP, IPVPN, and MPVPN Configuration Upload exploit KEVFatPipe | A vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software allows a remote, unauthenticated attacker to upload a file to any lo… |
| CVE-2021-27852 | Checkbox Survey Deserialization of Untrusted Data Vulnerability KEVCheckbox | Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote attacker to execute arbitrary code. |
| CVE-2021-27562 | Arm Trusted Firmware Out-of-Bounds Write Vulnerability KEVCVSS 5.5Arm | Arm Trusted Firmware contains an out-of-bounds write vulnerability allowing the non-secure (NS) world to trigger a system halt, overwrite secure data, or print… |
| CVE-2021-27561 | Yealink Device Management Server-Side Request Forgery (SSRF) Vulnerability KEVYealink | Yealink Device Management contains a server-side request forgery (SSRF) vulnerability that allows for unauthenticated remote code execution. |
| CVE-2021-27104 | Accellion FTA OS Command Injection Vulnerability KEVAccellion | Accellion FTA contains an OS command injection vulnerability exploited via a crafted POST request to various admin endpoints. |
| CVE-2021-27103 | Accellion FTA Server-Side Request Forgery (SSRF) Vulnerability KEVAccellion | Accellion FTA contains a server-side request forgery (SSRF) vulnerability exploited via a crafted POST request to wmProgressstat.html. |
| CVE-2021-27102 | Accellion FTA OS Command Injection Vulnerability KEVAccellion | Accellion FTA contains an OS command injection vulnerability exploited via a local web service call. |
| CVE-2021-27101 | Accellion FTA SQL Injection Vulnerability KEVAccellion | Accellion FTA contains a SQL injection vulnerability exploited via a crafted host header in a request to document_root.html. |
| CVE-2021-27085 | Microsoft Internet Explorer Remote Code Execution Vulnerability KEVMicrosoft | Microsoft Internet Explorer contains an unspecified vulnerability that allows for remote code execution. |
| CVE-2021-27065 | Microsoft Exchange Server Remote Code Execution Vulnerability KEVMicrosoft | Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution. This vulnerability is part of the ProxyLogon exploit cha… |
| CVE-2021-27059 | Microsoft Office Remote Code Execution Vulnerability KEVMicrosoft | Microsoft Office contains an unspecified vulnerability that allows for remote code execution. |
| CVE-2021-26858 | Microsoft Exchange Server Remote Code Execution Vulnerability KEVMicrosoft | Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution. This vulnerability is part of the ProxyLogon exploit cha… |
| CVE-2021-26857 | Microsoft Exchange Server Remote Code Execution Vulnerability KEVMicrosoft | Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution. This vulnerability is part of the ProxyLogon exploit cha… |
| CVE-2021-26855 | Microsoft Exchange Server Remote Code Execution Vulnerability KEVMicrosoft | Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution. This vulnerability is part of the ProxyLogon exploit cha… |
| CVE-2021-26829 | OpenPLC ScadaBR Cross-site Scripting Vulnerability KEVOpenPLC | OpenPLC ScadaBR contains a cross-site scripting vulnerability via system_settings.shtm. |
| CVE-2021-26828 | OpenPLC ScadaBR Unrestricted Upload of File with Dangerous Type Vulnerability KEVOpenPLC | OpenPLC ScadaBR contains an unrestricted upload of file with dangerous type vulnerability that allows remote authenticated users to upload and execute arbitrar… |
| CVE-2021-26411 | Microsoft Internet Explorer Memory Corruption Vulnerability KEVMicrosoft | Microsoft Internet Explorer contains an unspecified vulnerability that allows for memory corruption. |