Pagina 4 – Azienda Sicura

Lista CVE 2021/24xxx

CVE nel gruppo: 24xxx

CVE-2021-24084 (Clicca per dettagli)

CVE-2021-24085 (Windows Mobile Device Management Information Disclosure Vulnerability)

CVE-2021-24086 (Microsoft Exchange Server Spoofing Vulnerability)

CVE-2021-24087 (Windows TCP/IP Denial of Service Vulnerability)

CVE-2021-24088 (Azure IoT CLI extension Elevation of Privilege Vulnerability)

CVE-2021-24089 (Windows Local Spooler Remote Code Execution Vulnerability)

CVE-2021-24090 (HEVC Video Extensions Remote Code Execution Vulnerability)

CVE-2021-24091 (Windows Error Reporting Elevation of Privilege Vulnerability)

CVE-2021-24092 (Windows Camera Codec Pack Remote Code Execution Vulnerability)

CVE-2021-24093 (Microsoft Defender Elevation of Privilege Vulnerability)

CVE-2021-24094 (Windows Graphics Component Remote Code Execution Vulnerability)

CVE-2021-24095 (Windows TCP/IP Remote Code Execution Vulnerability)

CVE-2021-24096 (DirectX Elevation of Privilege Vulnerability)

CVE-2021-24098 (Windows Kernel Elevation of Privilege Vulnerability)

CVE-2021-24099 (Windows Console Driver Denial of Service Vulnerability)

CVE-2021-24100 (Skype for Business and Lync Denial of Service Vulnerability)

CVE-2021-24101 (Microsoft Edge for Android Information Disclosure Vulnerability)

CVE-2021-24102 (Microsoft Dataverse Information Disclosure Vulnerability)

CVE-2021-24103 (Windows Event Tracing Elevation of Privilege Vulnerability)

CVE-2021-24104 (Windows Event Tracing Elevation of Privilege Vulnerability)

CVE-2021-24105 (Microsoft SharePoint Server Spoofing Vulnerability)

CVE-2021-24106 (Package Managers Configurations Remote Code Execution Vulnerability)

CVE-2021-24107 (Windows DirectX Information Disclosure Vulnerability)

CVE-2021-24108 (Windows Event Tracing Information Disclosure Vulnerability)

CVE-2021-24109 (Microsoft Office Remote Code Execution Vulnerability)

CVE-2021-24110 (Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability)

CVE-2021-24111 (HEVC Video Extensions Remote Code Execution Vulnerability)

CVE-2021-24112 (.NET Framework Denial of Service Vulnerability)

CVE-2021-24113 (.NET Core Remote Code Execution Vulnerability)

CVE-2021-24114 (Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability)

CVE-2021-24115 (Microsoft Teams iOS Information Disclosure Vulnerability)

CVE-2021-24116 (Clicca per dettagli)

CVE-2021-24117 (Clicca per dettagli)

CVE-2021-24119 (Clicca per dettagli)

CVE-2021-24122 (Clicca per dettagli)

CVE-2021-24123 (Apache Tomcat information disclosure)

CVE-2021-24124 (PowerPress < 8.3.8 - Authenticated Arbitrary File Upload leading to RCE)

CVE-2021-24125 (WP Shieldon 1.6.3 – Unauthenticated Cross-Site Scripting (XSS))

CVE-2021-24126 (Contact Form Submissions < 1.7.1 - Authenticated SQL Injection)

CVE-2021-24127 (Envira Gallery Lite < 1.8.3.3 - Authenticated Stored Cross-Site Scripting)

CVE-2021-24128 (ThirstyAffiliates < 3.9.3 - Authenticated Stored XSS)

CVE-2021-24129 (Team Members < 5.0.4 - Authenticated Stored Cross-Site Scripting (XSS))

CVE-2021-24130 (Themify Portfolio Post < 1.1.6 - Authenticated Stored Cross-Site Scripting)

CVE-2021-24131 (WP Google Map Plugin < 4.1.5 - Authenticated SQL Injection)

CVE-2021-24132 (Anti-Spam by CleanTalk < 5.149 - Multiple Authenticated SQL Injections)

CVE-2021-24133 (Slider by 10Web < 1.2.36 - Multiple Authenticated SQL Injection)

CVE-2021-24134 (ActiveCampaign < 8.0.2 - Cross-Site Request Forgery in Settings)

CVE-2021-24135 (Constant Contact Forms < 1.8.8 - Multiple Authenticated Stored XSS)

CVE-2021-24136 (WP Customer Reviews < 3.4.3 - Multiple Unauthenticated and Low Priv Authenticated Stored XSS)

CVE-2021-24137 (Testimonials Widget < 4.0.0 - Multiple Authenticated Stored XSS)

CVE-2021-24138 (Blog2Social: Social Media Auto Post & Scheduler < 6.3.1 - Authenticated SQL Injection)

CVE-2021-24139 (AdRotate < 5.8.4 - Authenticated SQL Injection)

CVE-2021-24140 (Photo Gallery by 10Web < 1.5.55 - Unauthenticated SQL Injection)

CVE-2021-24141 (Ajax Load More < 5.3.2 - Authenticated SQL Injection)

CVE-2021-24142 (Advanced Database Cleaner < 3.0.2 - Authenticated SQL injection)

CVE-2021-24143 (301 Redirects – Easy Redirect Manager < 2.51 - Authenticated SQL Injection)

CVE-2021-24144 (AccessPress Social Icons < 1.8.1 - Authenticated SQL Injection)

CVE-2021-24145 (Contact Form 7 Database Addon < 1.2.5.6 - CSV Injection)

CVE-2021-24146 (Modern Events Calendar Lite < 5.16.5 - Authenticated Arbitrary File Upload leading to RCE)

CVE-2021-24147 (Modern Events Calendar Lite < 5.16.5 - Unauthenticated Events Export)

CVE-2021-24148 (Modern Events Calendar Lite < 5.16.5 - Authenticated Stored Cross-Site Scripting (XSS))

CVE-2021-24149 (MStore API < 3.2.0 - Authentication Bypass With Sign In With Apple)

CVE-2021-24150 (Modern Events Calendar Lite < 5.16.6 - Authenticated SQL Injection)

CVE-2021-24151 (Like Button Rating < 2.6.32 - Unauthenticated Full-Read SSRF)

CVE-2021-24152 (WP Editor < 1.2.7 - Authenticated SQL injection)

CVE-2021-24153 (Popup Builder < 3.74 - Authenticated Reflected Cross-Site Scripting (XSS))

CVE-2021-24154 (Yoast SEO < 3.4.1 - Authenticated Stored Cross-Site Scripting (XSS))

CVE-2021-24155 (Theme Editor < 2.6 - Authenticated Arbitrary File Download)

CVE-2021-24156 (Backup Guard < 1.6.0 - Authenticated Arbitrary File Upload)

CVE-2021-24157 (Testimonial Rotator <= 3.0.3 - Authenticated Stored Cross-Site Scripting)

CVE-2021-24158 (Orbit Fox by ThemeIsle < 2.10.3 - Authenticated Stored Cross Site Scripting)

CVE-2021-24159 (Orbit Fox by ThemeIsle < 2.10.3 - Authenticated Privilege Escalation)

CVE-2021-24160 (Contact Form 7 Style <= 3.1.9 - Cross-Site Request Forgery to Stored Cross-Site Scripting)

CVE-2021-24161 (Responsive Menu 4.0.0 – 4.0.3 – Authenticated Arbitrary File Upload )

CVE-2021-24162 (Responsive Menu < 4.0.4 - CSRF to Arbitrary File Upload )

CVE-2021-24163 (Responsive Menu < 4.0.4 - CSRF to Settings Update)

CVE-2021-24164 (Ninja Forms < 3.4.34 - Authenticated SendWP Plugin Installation and Client Secret Key Disclosure)

CVE-2021-24165 (Ninja Forms < 3.4.34.1 - Authenticated OAuth Connection Key Disclosure)

CVE-2021-24166 (Ninja Forms < 3.4.34 - Administrator Open Redirect)

CVE-2021-24167 (Ninja Forms < 3.4.34 - CSRF to OAuth Service Disconnection)

Precedente Successivo