1CVE-2021-219851639The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.
3CVE-2021-28476480Hyper-V Remote Code Execution Vulnerability
4CVE-2021-31956340Windows NTFS Elevation of Privilege Vulnerability
5CVE-2021-31955244Windows Kernel Information Disclosure Vulnerability
6CVE-2020-36289210Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the QueryComponentRendererValue!Default.jspa endpoint. The affected versions are before version 8.5.13, from version 8.6.0 before 8.13.5, and from version 8.14.0 before 8.15.1.
8CVE-2021-33739202Microsoft DWM Core Library Elevation of Privilege Vulnerability
10CVE-2018-19296161PHPMailer before 5.2.27 and 6.x before 6.0.6 is vulnerable to an object injection attack.
11CVE-2020-11110126Grafana through 6.7.1 allows stored XSS due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot.
12CVE-2021-1675117Windows Print Spooler Elevation of Privilege Vulnerability
13CVE-2021-33742111Windows MSHTML Platform Remote Code Execution Vulnerability
15CVE-2021-30551106Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
16CVE-2021-31181101Microsoft SharePoint Remote Code Execution Vulnerability
17CVE-2021-2212397An OS command injection vulnerability in FortiWeb's management interface 6.3.7 and below, 6.2.3 and below, 6.1.x, 6.0.x, 5.9.x may allow a remote authenticated attacker to execute arbitrary commands on the system via the SAML server configuration page.
18CVE-2021-3116689HTTP Protocol Stack Remote Code Execution Vulnerability
19CVE-2021-2686883Windows Graphics Component Elevation of Privilege Vulnerability
20CVE-2021-008981Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.