Export limit exceeded: 35188 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (35188 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-31371 | 1 Juniper | 6 Junos, Qfx5100, Qfx5110 and 3 more | 2024-11-21 | 5.3 Medium |
| Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for internal communications between the RE and PFEs. It was discovered that packets utilizing these IP addresses may egress an QFX5000 Series switch, leaking configuration information such as heartbeats, kernel versions, etc. out to the Internet, leading to an information exposure vulnerability. This issue affects Juniper Networks Junos OS on QFX5110, QFX5120, QFX5200, QFX5210 Series, and QFX5100 with QFX 5e Series image installed: All versions prior to 17.3R3-S12; 18.1 versions prior to 18.1R3-S13; 18.3 versions prior to 18.3R3-S5; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R1-S4, 19.4R3-S5; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2; | ||||
| CVE-2021-31349 | 1 Juniper | 2 128 Technology Session Smart Router, 128 Technology Session Smart Router Firmware | 2024-11-21 | 9.8 Critical |
| The usage of an internal HTTP header created an authentication bypass vulnerability (CWE-287), allowing an attacker to view internal files, change settings, manipulate services and execute arbitrary code. This issue affects all Juniper Networks 128 Technology Session Smart Router versions prior to 4.5.11, and all versions of 5.0 up to and including 5.0.1. | ||||
| CVE-2021-31232 | 1 Linuxfoundation | 1 Cortex | 2024-11-21 | 5.5 Medium |
| The Alertmanager in CNCF Cortex before 1.8.1 has a local file disclosure vulnerability when -experimental.alertmanager.enable-api is used. The HTTP basic auth password_file can be used as an attack vector to send any file content via a webhook. The alertmanager templates can be used as an attack vector to send any file content because the alertmanager can load any text file specified in the templates list. | ||||
| CVE-2021-31231 | 1 Grafana | 1 Enterprise Metrics | 2024-11-21 | 5.5 Medium |
| The Alertmanager in Grafana Enterprise Metrics before 1.2.1 and Metrics Enterprise 1.2.1 has a local file disclosure vulnerability when experimental.alertmanager.enable-api is used. The HTTP basic auth password_file can be used as an attack vector to send any file content via a webhook. The alertmanager templates can be used as an attack vector to send any file content because the alertmanager can load any text file specified in the templates list. | ||||
| CVE-2021-31225 | 1 Stormshield | 1 Endpoint Security | 2024-11-21 | 7.3 High |
| SES Evolution before 2.1.0 allows deleting some resources not currently in use by any security policy by leveraging access to a computer having the administration console installed. | ||||
| CVE-2021-31224 | 1 Stormshield | 1 Endpoint Security | 2024-11-21 | 3.5 Low |
| SES Evolution before 2.1.0 allows duplicating an existing security policy by leveraging access of a user having read-only access to security policies. | ||||
| CVE-2021-31223 | 1 Stormshield | 1 Endpoint Security | 2024-11-21 | 5.7 Medium |
| SES Evolution before 2.1.0 allows reading some parts of a security policy by leveraging access to a computer having the administration console installed. | ||||
| CVE-2021-31222 | 1 Stormshield | 1 Endpoint Security | 2024-11-21 | 5.7 Medium |
| SES Evolution before 2.1.0 allows updating some parts of a security policy by leveraging access to a computer having the administration console installed. | ||||
| CVE-2021-31221 | 1 Stormshield | 1 Endpoint Security | 2024-11-21 | 5.7 Medium |
| SES Evolution before 2.1.0 allows deleting some parts of a security policy by leveraging access to a computer having the administration console installed. | ||||
| CVE-2021-31220 | 1 Stormshield | 1 Endpoint Security | 2024-11-21 | 5.2 Medium |
| SES Evolution before 2.1.0 allows modifying security policies by leveraging access of a user having read-only access to security policies. | ||||
| CVE-2021-31215 | 3 Debian, Fedoraproject, Schedmd | 3 Debian Linux, Fedora, Slurm | 2024-11-21 | 8.8 High |
| SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling. | ||||
| CVE-2021-31214 | 1 Microsoft | 1 Visual Studio Code | 2024-11-21 | 7.8 High |
| Visual Studio Code Remote Code Execution Vulnerability | ||||
| CVE-2021-31213 | 1 Microsoft | 2 Remote, Remote Development | 2024-11-21 | 7.8 High |
| Visual Studio Code Remote Containers Extension Remote Code Execution Vulnerability | ||||
| CVE-2021-31211 | 1 Microsoft | 1 Visual Studio Code | 2024-11-21 | 7.8 High |
| Visual Studio Code Remote Code Execution Vulnerability | ||||
| CVE-2021-31208 | 1 Microsoft | 6 Windows 10, Windows 10 1809, Windows 10 20h2 and 3 more | 2024-11-21 | 7.8 High |
| Windows Container Manager Service Elevation of Privilege Vulnerability | ||||
| CVE-2021-31206 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 7.6 High |
| Microsoft Exchange Server Remote Code Execution Vulnerability | ||||
| CVE-2021-31205 | 1 Microsoft | 6 Windows 10, Windows 10 1809, Windows 10 20h2 and 3 more | 2024-11-21 | 6.5 Medium |
| Windows SMB Client Security Feature Bypass Vulnerability | ||||
| CVE-2021-31204 | 3 Fedoraproject, Microsoft, Redhat | 6 Fedora, .net, .net Core and 3 more | 2024-11-21 | 7.3 High |
| .NET and Visual Studio Elevation of Privilege Vulnerability | ||||
| CVE-2021-31200 | 1 Microsoft | 1 Neural Network Intelligence | 2024-11-21 | 7.2 High |
| Common Utilities Remote Code Execution Vulnerability | ||||
| CVE-2021-31194 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 8.8 High |
| OLE Automation Remote Code Execution Vulnerability | ||||