Search
31,027 CVEs · Critical severity
CVEs (31,027, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 476–500 of 31,027 (capped at 500)
| CVE ID | Severity | Patch | CVSS ↑ | Published | Description |
|---|---|---|---|---|---|
| CVE-2020-5320 | CRITICAL | Patched | 9.0 | 2021-07-19 | Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain a SQL injection vulnerability. A remo… |
| CVE-2021-35211 | CRITICAL | Patched | 9.0 | 2021-07-14 | Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat act… |
| CVE-2021-34523 | CRITICAL | 9.0 | 2021-07-14 | Microsoft Exchange Server Elevation of Privilege Vulnerability | |
| CVE-2020-7869 | CRITICAL | 9.0 | 2021-06-29 | An improper input validation vulnerability of ZOOK software (remote administration tool) could allow a remote attacker to create arbitrary file. The ZOOK viewer has the "Ti… | |
| CVE-2021-25383 | CRITICAL | 9.0 | 2021-06-11 | An improper input validation vulnerability in scmn_mfal_read() in libsapeextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on med… | |
| CVE-2021-25384 | CRITICAL | 9.0 | 2021-06-11 | An improper input validation vulnerability in sdfffd_parse_chunk_PROP() with Sample Rate Chunk in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers … | |
| CVE-2021-25385 | CRITICAL | 9.0 | 2021-06-11 | An improper input validation vulnerability in sdfffd_parse_chunk_PROP() in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary co… | |
| CVE-2021-25386 | CRITICAL | 9.0 | 2021-06-11 | An improper input validation vulnerability in sdfffd_parse_chunk_FVER() in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary co… | |
| CVE-2021-25387 | CRITICAL | 9.0 | 2021-06-11 | An improper input validation vulnerability in sflacfd_get_frm() in libsflacextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on m… | |
| CVE-2021-23895 | CRITICAL | Patched | 9.0 | 2021-06-02 | Deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote authenticated attacker to create a reverse shell with adm… |
| CVE-2020-15180 | CRITICAL | Patched | 9.0 | 2021-05-27 | A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in `wsrep_sst_method` allows for command injection that can be exploited by a remote at… |
| CVE-2020-27832 | CRITICAL | Patched | 9.0 | 2021-05-27 | A flaw was found in Red Hat Quay, where it has a persistent Cross-site Scripting (XSS) vulnerability when displaying a repository's notification. This flaw allows an attack… |
| CVE-2020-13601 | CRITICAL | Patched | 9.0 | 2021-05-25 | Possible read out of bounds in dns read. Zephyr versions >= 1.14.2, >= 2.3.0 contain Out-of-bounds Read (CWE-125). For more information, see https://github.com/zephyrprojec… |
| CVE-2021-27648 | CRITICAL | Patched | 9.0 | 2021-04-28 | Externally controlled reference to a resource in another sphere in quarantine functionality in Synology Antivirus Essential before 1.4.8-2801 allows remote authenticated us… |
| CVE-2021-28483 | CRITICAL | 9.0 | 2021-04-13 | Microsoft Exchange Server Remote Code Execution Vulnerability | |
| CVE-2021-25360 | CRITICAL | 9.0 | 2021-04-09 | An improper input validation vulnerability in libswmfextractor library prior to SMR APR-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process. | |
| CVE-2021-21515 | CRITICAL | Patched | 9.0 | 2021-03-01 | Dell EMC SourceOne, versions 7.2SP10 and prior, contain a Stored Cross-Site Scripting vulnerability. A remote low privileged attacker may potentially exploit this vulnerabi… |
| CVE-2021-26562 | CRITICAL | Patched | 9.0 | 2021-02-26 | Out-of-bounds write vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to execute arbitrary c… |
| CVE-2021-26560 | CRITICAL | Patched | 9.0 | 2021-02-26 | Cleartext transmission of sensitive information vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle atta… |
| CVE-2021-26561 | CRITICAL | Patched | 9.0 | 2021-02-26 | Stack-based buffer overflow vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to execute arb… |
| CVE-2021-23885 | CRITICAL | Patched | 9.0 | 2021-02-17 | Privilege escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.8 allows an authenticated user to gain elevated privileges through the User Interface and execut… |
| CVE-2020-29026 | CRITICAL | Patched | 9.0 | 2021-02-15 | A directory traversal vulnerability exists in the file upload function of the GateManager that allows an authenticated attacker with administrative permissions to read and … |
| CVE-2020-35128 | CRITICAL | Patched | 9.0 | 2021-01-19 | Mautic before 3.2.4 is affected by stored XSS. An attacker with permission to manage companies, an application feature, could attack other users, including administrators. … |
| CVE-2020-35129 | CRITICAL | Patched | 9.0 | 2021-01-19 | Mautic before 3.2.4 is affected by stored XSS. An attacker with access to Social Monitoring, an application feature, could attack other users, including administrators. For… |
| CVE-2020-35717 | CRITICAL | Patched | 9.0 | 2021-01-01 | zonote through 0.4.0 allows XSS via a crafted note, with resultant Remote Code Execution (because nodeIntegration in webPreferences is true). |