Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

cve-2021-1648 vulnerabilities and exploits

(subscribe to this query)

6
CVSSv2
CVE-2021-1302
Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view information...
Cisco Sd-wan Vmanage -
4
CVSSv2
CVE-2021-1304
Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view information...
Cisco Sd-wan Vmanage -
4
CVSSv2
CVE-2021-1305
Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view information...
Cisco Ios Xe Sd-wan -Cisco Sd-wan FirmwareCisco Sd-wan Firmware 20.4.0Cisco Sd-wan Vsmart Controller FirmwareCisco Sd-wan Vbond Orchestrator -
9
CVSSv2
CVE-2020-16875
A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user, aka 'Microsoft Exchange Server...
Microsoft Exchange Server 2016Microsoft Exchange Server 2019
10
CVSSv2
CVE-2021-0316
In avrc_pars_vendor_cmd of avrc_pars_tg.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...
Google Android 8.0Google Android 8.1Google Android 9.0Google Android 10.0Google Android 11.0
7.8
CVSSv2
CVE-2021-0313
In isWordBreakAfter of LayoutUtils.cpp, there is a possible way to slow or crash a TextView due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...
Google Android 8.0Google Android 8.1Google Android 9.0Google Android 10.0Google Android 11.0
6.8
CVSSv2
CVE-2020-16044
firefox use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk. A malicious peer could have modified a COOKIE-ECHO chunk in a SCTP packet in a way that potentially resulted in a use-after-free. We presume that with enough effort it could have been exploited to run...
Google Chrome
6.5
CVSSv2
CVE-2020-17132
Microsoft Exchange Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17117, CVE-2020-17141, CVE-2020-17142, CVE-2020-17144....
Microsoft Exchange Server 2013Microsoft Exchange Server 2016Microsoft Exchange Server 2019
7.2
CVSSv2
CVE-2021-1647
Microsoft Defender Remote Code Execution Vulnerability. Exploitation detected....
Microsoft Windows Defender -Microsoft Security Essentials -Microsoft System Center Endpoint Protection -Microsoft System Center Endpoint Protection 2012
6.5
CVSSv2
CVE-2021-1674
Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability...
Microsoft Windows 10 -Microsoft Windows 10 20h2Microsoft Windows 10 1607Microsoft Windows 10 1803Microsoft Windows 10 1809Microsoft Windows 10 1909Microsoft Windows 10 2004Microsoft Windows 7 -Microsoft Windows 8.1 -Microsoft Windows Rt 8.1 -Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 -Microsoft Windows Server 2012 R2Microsoft Windows Server 2016 -Microsoft Windows Server 2016 20h2Microsoft Windows Server 2016 1909Microsoft Windows Server 2016 2004Microsoft Windows Server 2019 -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
unprivilegedCVE-2016-8138CVE-2016-8155local file inclusionCVE-2016-8111CVE-2021-27730XML external entityCVE-2021-21973CVE-2021-21972