CVE-2021-36959

Windows Authenticode Spoofing Vulnerability

Source: CVE-2021-36959

CVE-2021-36961

Windows Installer Denial of Service Vulnerability

Source: CVE-2021-36961

CVE-2021-36952

Visual Studio Remote Code Execution Vulnerability

Source: CVE-2021-36952

CVE-2021-26435

Windows Scripting Engine Memory Corruption Vulnerability

Source: CVE-2021-26435

CVE-2021-26437

Visual Studio Code Spoofing Vulnerability

Source: CVE-2021-26437

CVE-2021-26434

Visual Studio Elevation of Privilege Vulnerability

Source: CVE-2021-26434

CVE-2021-22149

Elastic Enterprise Search App Search versions before 7.14.0 are vulnerable to an issue where API keys were missing authorization via an alternate route. Using this vulnerability, an authenticated attacker could utilize API keys belonging to higher privileged users.

Source: CVE-2021-22149

CVE-2021-22148

Elastic Enterprise Search App Search versions before 7.14.0 was vulnerable to an issue where API keys were not bound to the same engines as their creator. This could lead to a less privileged user gaining access to unauthorized engines.

Source: CVE-2021-22148

CVE-2020-35340

A Directory Traversal vulnerability in ExpertPDF 9.5.0 through 14.1.0 allows attackers to read the file contents from files that the running ExpertPDF process has access to read.

Source: CVE-2020-35340

CVE-2021-22147

Elasticsearch before 7.14.0 did not apply document and field level security to searchable snapshots. This could lead to an authenticated user gaining access to information that they are unauthorized to view.

Source: CVE-2021-22147