CVE-2021-1699
- Windows (modem.sys) Information Disclosure Vulnerability
Published:
January 12, 2021; 3:15:33 PM -0500
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2021-1697
- Windows InstallService Elevation of Privilege Vulnerability
Published:
January 12, 2021; 3:15:33 PM -0500
CVE-2021-1696
- Windows Graphics Component Information Disclosure Vulnerability
Published:
January 12, 2021; 3:15:33 PM -0500
V3.1: 5.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2021-1695
- Windows Print Spooler Elevation of Privilege Vulnerability
Published:
January 12, 2021; 3:15:33 PM -0500
CVE-2021-1700
- Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1701.
Published:
January 12, 2021; 3:15:33 PM -0500
CVE-2021-1702
- Windows Remote Procedure Call Runtime Elevation of Privilege Vulnerability
Published:
January 12, 2021; 3:15:33 PM -0500
CVE-2021-1694
- Windows Update Stack Elevation of Privilege Vulnerability
Published:
January 12, 2021; 3:15:33 PM -0500
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2021-1668
- Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability
Published:
January 12, 2021; 3:15:31 PM -0500
CVE-2021-1669
- Windows Remote Desktop Security Feature Bypass Vulnerability
Published:
January 12, 2021; 3:15:32 PM -0500
V3.1: 8.8 HIGH
V2.0: 6.5 MEDIUM
CVE-2021-1693
- Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688.
Published:
January 12, 2021; 3:15:33 PM -0500
CVE-2020-26733
- Cross Site Scripting (XSS) in Configuration page in SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 allows authenticated attacker to inject their own script into the page via DDNS Configuration Section.
Published:
January 14, 2021; 11:15:17 AM -0500
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2021-1691
- Hyper-V Denial of Service Vulnerability This CVE ID is unique from CVE-2021-1692.
Published:
January 12, 2021; 3:15:33 PM -0500
V3.1: 7.7 HIGH
V2.0: 4.0 MEDIUM
CVE-2020-29015
- A blind SQL injection in the user interface of FortiWeb 6.3.0 through 6.3.7 and version before 6.2.4 may allow an unauthenticated, remote attacker to execute arbitrary SQL queries or commands by sending a request with a crafted Authorization heade...
read CVE-2020-29015
Published:
January 14, 2021; 11:15:17 AM -0500
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2020-29016
- A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.5 and version before 6.2.4 may allow an unauthenticated, remote attacker to overwrite the content of the stack and potentially execute arbitrary code by sending a crafted re...
read CVE-2020-29016
Published:
January 14, 2021; 11:15:18 AM -0500
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2020-29017
- An OS command injection vulnerability in FortiDeceptor 3.1.0, 3.0.1, 3.0.0 may allow a remote authenticated attacker to execute arbitrary commands on the system by exploiting a command injection vulnerability on the Customization page.
Published:
January 14, 2021; 11:15:18 AM -0500
CVE-2020-29018
- A format string vulnerability in FortiWeb 6.3.0 through 6.3.5 may allow an authenticated, remote attacker to read the content of memory and retrieve sensitive data via the redir parameter.
Published:
January 14, 2021; 11:15:18 AM -0500
V3.1: 8.8 HIGH
V2.0: 6.5 MEDIUM
CVE-2020-29019
- A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.7 and version before 6.2.4 may allow a remote, unauthenticated attacker to crash the httpd daemon thread by sending a request with a crafted cookie header.
Published:
January 14, 2021; 11:15:18 AM -0500
V3.1: 5.3 MEDIUM
V2.0: 5.0 MEDIUM
CVE-2021-1692
- Hyper-V Denial of Service Vulnerability This CVE ID is unique from CVE-2021-1691.
Published:
January 12, 2021; 3:15:33 PM -0500
V3.1: 7.7 HIGH
V2.0: 4.0 MEDIUM
CVE-2021-1667
- Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.
Published:
January 12, 2021; 3:15:31 PM -0500
CVE-2020-26247
- Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support. In Nokogiri before version 1.11.0.rc4 there is an XXE vulnerability. XML Schemas parsed by Nokogiri::XML::Schema are trusted by default, allowi...
read CVE-2020-26247
Published:
December 30, 2020; 2:15:12 PM -0500
V3.1: 4.3 MEDIUM
V2.0: 4.0 MEDIUM