Memory Corruption - Scripting Engine (CVE-2021-26419) - High [572] Description: Scripting Engine Memory Corruption Vulnerability1. Memory Corruption - Scripting Engine (CVE-2021-26419) - High [572] Description: Scripting Engine Memory Corruption Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 1.0 | 17 | Public exploit is found at Vulners (Internet Explorer jscript9.dll Memory Corruption) |
| Criticality of Vulnerability Type | 0.6 | 15 | Memory Corruption |
| Vulnerable Product is Common | 0.6 | 14 | MS Internet Browser |
| CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data |
2. 
Remote Code Execution - HTTP Protocol Stack (CVE-2021-31166) - High [508] Description: HTTP Protocol Stack Remote Code Execution Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.9 | 14 | HTTP Protocol Stack |
| CVSS Base Score | 1.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 9.8. Based on Microsoft data |
3. Remote Code Execution - OLE Automation (CVE-2021-31194) - High [475] Description: OLE Automation Remote Code Execution Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.8 | 14 | OLE Automation |
| CVSS Base Score | 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
4. Remote Code Execution - Windows Media Foundation Core (CVE-2021-31192) - High [467] Description: Windows Media Foundation Core Remote Code Execution Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.9 | 14 | Windows Media Foundation Core |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.3. Based on Microsoft data |
5. Remote Code Execution - Microsoft Jet Red Database Engine and Access Connectivity Engine (CVE-2021-28455) - High [456] Description: Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.7 | 14 | Microsoft Jet Red Database Engine and Access Connectivity Engine |
| CVSS Base Score | 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
6. Remote Code Execution - Microsoft SharePoint (CVE-2021-28474) - High [456] Description: Microsoft SharePoint Server Remote Code Execution Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.7 | 14 | Microsoft SharePoint |
| CVSS Base Score | 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
7. Remote Code Execution - Microsoft SharePoint (CVE-2021-31181) - High [456] Description: Microsoft SharePoint Remote Code Execution Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.7 | 14 | Microsoft SharePoint |
| CVSS Base Score | 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
8. Remote Code Execution - Common Utilities (CVE-2021-31200) - High [448] Description: Common Utilities Remote Code Execution Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.8 | 14 | Common Utilities |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.2. Based on Microsoft data |
9. Remote Code Execution - Web Media Extensions (CVE-2021-28465) - High [443] Description: Web Media Extensions Remote Code Execution Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.7 | 14 | Web Media Extensions |
| CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
10. Remote Code Execution - Microsoft Exchange Server (CVE-2021-31198) - High [443] Description: Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31195.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.7 | 14 | Microsoft Exchange Server |
| CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
11. Remote Code Execution - Hyper-V (CVE-2021-28476) - High [432] Description: Hyper-V Remote Code Execution Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.5 | 14 | Hyper-V |
| CVSS Base Score | 1.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 9.9. Based on Microsoft data |
12. Remote Code Execution - Microsoft Exchange Server (CVE-2021-31195) - High [429] Description: Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31198.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.7 | 14 | Microsoft Exchange Server |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data |
13. Remote Code Execution - Microsoft Office (CVE-2021-31175) - High [424] Description: Microsoft Office Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31176, CVE-2021-31177, CVE-2021-31179.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.6 | 14 | Microsoft Office |
| CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
14. Remote Code Execution - Microsoft Office (CVE-2021-31176) - High [424] Description: Microsoft Office Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31175, CVE-2021-31177, CVE-2021-31179.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.6 | 14 | Microsoft Office |
| CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
15. Remote Code Execution - Microsoft Office (CVE-2021-31177) - High [424] Description: Microsoft Office Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31175, CVE-2021-31176, CVE-2021-31179.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.6 | 14 | Microsoft Office |
| CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
16. Remote Code Execution - Microsoft Office (CVE-2021-31179) - High [424] Description: Microsoft Office Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31175, CVE-2021-31176, CVE-2021-31177.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.6 | 14 | Microsoft Office |
| CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
17. Remote Code Execution - Microsoft Office Graphics (CVE-2021-31180) - High [424] Description: Microsoft Office Graphics Remote Code Execution Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.6 | 14 | Microsoft Office Graphics |
| CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
18. Remote Code Execution - Visual Studio (CVE-2021-27068) - High [418] Description: Visual Studio Remote Code Execution Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.5 | 14 | Visual Studio |
| CVSS Base Score | 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
19. Remote Code Execution - Skype for Business and Lync (CVE-2021-26422) - High [410] Description: Skype for Business and Lync Remote Code Execution Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.6 | 14 | Skype for Business and Lync |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.2. Based on Microsoft data |
20. 
Security Feature Bypass - Microsoft Exchange Server (CVE-2021-31207) - High [409] Description: Microsoft Exchange Server Security Feature Bypass Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.9 | 15 | Security Feature Bypass |
| Vulnerable Product is Common | 0.7 | 14 | Microsoft Exchange Server |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.6. Based on Microsoft data |
21. Security Feature Bypass - Windows SMB Client (CVE-2021-31205) - High [406] Description: Windows SMB Client Security Feature Bypass Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.9 | 15 | Security Feature Bypass |
| Vulnerable Product is Common | 0.9 | 14 | Windows SMB Client |
| CVSS Base Score | 0.4 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.3. Based on Microsoft data |
22. Remote Code Execution - Visual Studio (CVE-2021-31211) - High [405] Description: Visual Studio Code Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31214.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.5 | 14 | Visual Studio |
| CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
23. Remote Code Execution - Visual Studio (CVE-2021-31213) - High [405] Description: Visual Studio Code Remote Containers Extension Remote Code Execution Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.5 | 14 | Visual Studio |
| CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
24. Remote Code Execution - Visual Studio (CVE-2021-31214) - High [405] Description: Visual Studio Code Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31211.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 1.0 | 15 | Remote Code Execution |
| Vulnerable Product is Common | 0.5 | 14 | Visual Studio |
| CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
25. 
Elevation of Privilege - Windows Container Manager Service (CVE-2021-31165) - Medium [379] Description: Windows Container Manager Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31167, CVE-2021-31168, CVE-2021-31169, CVE-2021-31208.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.9 | 14 | Windows Container Manager Service |
| CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
26. Elevation of Privilege - Windows Container Manager Service (CVE-2021-31167) - Medium [379] Description: Windows Container Manager Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31165, CVE-2021-31168, CVE-2021-31169, CVE-2021-31208.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.9 | 14 | Windows Container Manager Service |
| CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
27. Elevation of Privilege - Windows Container Manager Service (CVE-2021-31168) - Medium [379] Description: Windows Container Manager Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31165, CVE-2021-31167, CVE-2021-31169, CVE-2021-31208.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.9 | 14 | Windows Container Manager Service |
| CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
28. Elevation of Privilege - Windows Container Manager Service (CVE-2021-31169) - Medium [379] Description: Windows Container Manager Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31165, CVE-2021-31167, CVE-2021-31168, CVE-2021-31208.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.9 | 14 | Windows Container Manager Service |
| CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
29. Elevation of Privilege - Windows Container Isolation FS Filter Driver (CVE-2021-31190) - Medium [379] Description: Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.9 | 14 | Windows Container Isolation FS Filter Driver |
| CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
30. Elevation of Privilege - Windows Container Manager Service (CVE-2021-31208) - Medium [379] Description: Windows Container Manager Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31165, CVE-2021-31167, CVE-2021-31168, CVE-2021-31169.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.9 | 14 | Windows Container Manager Service |
| CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
31. Elevation of Privilege - Windows Graphics Component (CVE-2021-31170) - Medium [360] Description: Windows Graphics Component Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31188.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.8 | 14 | Windows Graphics Component |
| CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
32. Elevation of Privilege - Windows WalletService (CVE-2021-31187) - Medium [360] Description: Windows WalletService Elevation of Privilege Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.8 | 14 | Windows component |
| CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
33. Elevation of Privilege - Windows Graphics Component (CVE-2021-31188) - Medium [360] Description: Windows Graphics Component Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31170.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.8 | 14 | Windows Graphics Component |
| CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
34. Elevation of Privilege - Windows SSDP Service (CVE-2021-31193) - Medium [360] Description: Windows SSDP Service Elevation of Privilege Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.8 | 14 | Windows SSDP Service |
| CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
35. 
Denial of Service - Windows Desktop Bridge (CVE-2021-31185) - Medium [355] Description: Windows Desktop Bridge Denial of Service Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.7 | 15 | Denial of Service |
| Vulnerable Product is Common | 0.7 | 14 | Windows Desktop Bridge |
| CVSS Base Score | 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
36. Elevation of Privilege - .NET and Visual Studio (CVE-2021-31204) - Medium [328] Description: .NET and Visual Studio Elevation of Privilege Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.5 | 15 | Elevation of Privilege |
| Vulnerable Product is Common | 0.7 | 14 | .NET and Visual Studio |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.3. Based on Microsoft data |
37. 
Information Disclosure - Windows Wireless Networking (CVE-2020-24587) - Medium [327] Description: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.4 | 15 | Information Disclosure |
| Vulnerable Product is Common | 0.8 | 14 | Windows Wireless Networking |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data |
38. 
Spoofing - Windows Wireless Networking (CVE-2020-24588) - Medium [327] Description: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.4 | 15 | Spoofing |
| Vulnerable Product is Common | 0.8 | 14 | Windows Wireless Networking |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data |
39. Spoofing - Windows Wireless Networking (CVE-2020-26144) - Medium [327] Description: An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext A-MSDU frames as long as the first 8 bytes correspond to a valid RFC1042 (i.e., LLC/SNAP) header for EAPOL. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.4 | 15 | Spoofing |
| Vulnerable Product is Common | 0.8 | 14 | Windows Wireless Networking |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data |
40. Spoofing - Microsoft Bluetooth Driver (CVE-2021-31182) - Medium [327] Description: Microsoft Bluetooth Driver Spoofing Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.4 | 15 | Spoofing |
| Vulnerable Product is Common | 0.8 | 14 | Microsoft Bluetooth Driver |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.1. Based on Microsoft data |
41. Information Disclosure - Windows Remote Desktop Protocol (RDP) (CVE-2021-31186) - Medium [327] Description: Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.4 | 15 | Information Disclosure |
| Vulnerable Product is Common | 0.8 | 14 | Windows Remote Desktop Protocol (RDP) |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.4. Based on Microsoft data |
42. Information Disclosure - Microsoft Accessibility Insights for Web (CVE-2021-31936) - Medium [327] Description: Microsoft Accessibility Insights for Web Information Disclosure Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.4 | 15 | Information Disclosure |
| Vulnerable Product is Common | 0.8 | 14 | Microsoft Accessibility Insights for Web |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.4. Based on Microsoft data |
43. Spoofing - Microsoft SharePoint (CVE-2021-28478) - Medium [321] Description: Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from CVE-2021-26418, CVE-2021-31172.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.4 | 15 | Spoofing |
| Vulnerable Product is Common | 0.7 | 14 | Microsoft SharePoint |
| CVSS Base Score | 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.6. Based on Microsoft data |
44. Information Disclosure - Windows CSC Service (CVE-2021-28479) - Medium [313] Description: Windows CSC Service Information Disclosure Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.4 | 15 | Information Disclosure |
| Vulnerable Product is Common | 0.8 | 14 | Windows component |
| CVSS Base Score | 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
45. Information Disclosure - Windows Projected File System FS Filter Driver (CVE-2021-31191) - Medium [313] Description: Windows Projected File System FS Filter Driver Information Disclosure Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.4 | 15 | Information Disclosure |
| Vulnerable Product is Common | 0.8 | 14 | Windows component |
| CVSS Base Score | 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
46. Spoofing - Microsoft SharePoint (CVE-2021-31172) - Medium [308] Description: Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from CVE-2021-26418, CVE-2021-28478.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.4 | 15 | Spoofing |
| Vulnerable Product is Common | 0.7 | 14 | Microsoft SharePoint |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.1. Based on Microsoft data |
47. Spoofing - Microsoft Exchange Server (CVE-2021-31209) - Medium [308] Description: Microsoft Exchange Server Spoofing Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.4 | 15 | Spoofing |
| Vulnerable Product is Common | 0.7 | 14 | Microsoft Exchange Server |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data |
48. 
Cross Site Scripting - Dynamics Finance and Operations (CVE-2021-28461) - Medium [294] Description: Dynamics Finance and Operations Cross-site Scripting Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.4 | 15 | Cross Site Scripting |
| Vulnerable Product is Common | 0.7 | 14 | Dynamics Finance and Operations |
| CVSS Base Score | 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.1. Based on Microsoft data |
49. Information Disclosure - Windows Infrared Data Association (IrDA) (CVE-2021-31184) - Medium [294] Description: Microsoft Windows Infrared Data Association (IrDA) Information Disclosure Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.4 | 15 | Information Disclosure |
| Vulnerable Product is Common | 0.7 | 14 | Windows Infrared Data Association (IrDA) |
| CVSS Base Score | 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
50. Spoofing - Skype for Business and Lync (CVE-2021-26421) - Medium [289] Description: Skype for Business and Lync Spoofing Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.4 | 15 | Spoofing |
| Vulnerable Product is Common | 0.6 | 14 | Skype for Business and Lync |
| CVSS Base Score | 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data |
51. Spoofing - Microsoft SharePoint (CVE-2021-26418) - Medium [281] Description: Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from CVE-2021-28478, CVE-2021-31172.
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.4 | 15 | Spoofing |
| Vulnerable Product is Common | 0.7 | 14 | Microsoft SharePoint |
| CVSS Base Score | 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.6. Based on Microsoft data |
52. Information Disclosure - Microsoft SharePoint (CVE-2021-31173) - Medium [281] Description: Microsoft SharePoint Server Information Disclosure Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.4 | 15 | Information Disclosure |
| Vulnerable Product is Common | 0.7 | 14 | Microsoft SharePoint |
| CVSS Base Score | 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.3. Based on Microsoft data |
53. Information Disclosure - Microsoft Excel (CVE-2021-31174) - Medium [275] Description: Microsoft Excel Information Disclosure Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.4 | 15 | Information Disclosure |
| Vulnerable Product is Common | 0.6 | 14 | MS Office product |
| CVSS Base Score | 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
54. Information Disclosure - Microsoft Office (CVE-2021-31178) - Medium [275] Description: Microsoft Office Information Disclosure Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.4 | 15 | Information Disclosure |
| Vulnerable Product is Common | 0.6 | 14 | Microsoft Office |
| CVSS Base Score | 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
55. Information Disclosure - Microsoft SharePoint (CVE-2021-31171) - Medium [267] Description: Microsoft SharePoint Information Disclosure Vulnerability
| component | value | weight | comment |
|---|---|---|---|
| Exploited in the Wild | 0 | 18 | Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites |
| Public Exploit Exists | 0 | 17 | Public exploit is NOT found at Vulners website |
| Criticality of Vulnerability Type | 0.4 | 15 | Information Disclosure |
| Vulnerable Product is Common | 0.7 | 14 | Microsoft SharePoint |
| CVSS Base Score | 0.4 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.1. Based on Microsoft data |
Memory Corruption (1)Remote Code Execution (21)Security Feature Bypass (2)Elevation of Privilege (11)Denial of Service (1)Information Disclosure (10)Spoofing (8)Cross Site Scripting (1)