| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-41079 | — | Hig | 0.42 | 7.5 | 0.07 | Sep 16, 2021 | Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a… | |
| CVE-2021-39239 | Hig | 0.49 | 7.5 | 0.04 | Sep 16, 2021 | A vulnerability in XML processing in Apache Jena, in versions up to 4.1.0, may allow an attacker to execute XML External Entities (XXE), including exposing the contents of local files to a remote server. | ||
| CVE-2021-39214 | Hig | 0.53 | 8.1 | 0.01 | Sep 16, 2021 | mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through… | ||
| CVE-2021-36160 | Hig | 0.54 | 7.5 | 0.63 | Sep 16, 2021 | A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive). | ||
| CVE-2021-34798 | Hig | 0.54 | 7.5 | 0.65 | Sep 16, 2021 | Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier. | ||
| CVE-2020-14109 | Hig | 0.47 | 7.2 | 0.02 | Sep 16, 2021 | There is command injection in the meshd program in the routing system, resulting in command execution under administrator authority on Xiaomi router AX3600 with ROM version =< 1.1.12 | ||
| CVE-2021-39128 | Hig | 0.47 | 7.2 | 0.02 | Sep 16, 2021 | Affected versions of Atlassian Jira Server or Data Center using the Jira Service Management addon allow remote attackers with JIRA Administrators access to execute arbitrary Java code via a server-side template injection vulnerability in the Email Template feature. The affected… | ||
| CVE-2021-40639 | Hig | 0.49 | 7.5 | 0.01 | Sep 15, 2021 | Improper access control in Jfinal CMS 5.1.0 allows attackers to access sensitive information via /classes/conf/db.properties&config=filemanager.config.js. | ||
| CVE-2020-21483 | Hig | 0.47 | 7.2 | 0.02 | Sep 15, 2021 | An arbitrary file upload vulnerability in Jizhicms v1.5 allows attackers to execute arbitrary code via a crafted .jpg file which is later changed to a PHP file. | ||
| CVE-2020-21481 | Hig | 0.47 | 7.2 | 0.02 | Sep 15, 2021 | An arbitrary file upload vulnerability in RGCMS v1.06 allows attackers to execute arbitrary code via a crafted .txt file which is later changed to a PHP file. | ||
| CVE-2020-21480 | Hig | 0.47 | 7.2 | 0.02 | Sep 15, 2021 | An arbitrary file write vulnerability in RGCMS v1.06 allows attackers to execute arbitrary code via a crafted PHP file. | ||
| CVE-2021-40862 | Hig | 0.57 | 8.8 | 0.01 | Sep 15, 2021 | HashiCorp Terraform Enterprise up to v202108-1 contained an API endpoint that erroneously disclosed a sensitive URL to authenticated parties, which could be used for privilege escalation or unauthorized modification of a Terraform configuration. Fixed in v202109-1. | ||
| CVE-2021-33705 | Hig | 0.53 | 8.1 | 0.02 | Sep 15, 2021 | The SAP NetWeaver Portal, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, component Iviews Editor contains a Server-Side Request Forgery (SSRF) vulnerability which allows an unauthenticated attacker to craft a malicious URL which when clicked by a user can make any type of… | ||
| CVE-2021-33704 | Hig | 0.57 | 8.8 | 0.01 | Sep 15, 2021 | The Service Layer of SAP Business One, version - 10.0, allows an authenticated attacker to invoke certain functions that would otherwise be restricted to specific users. For an attacker to discover the vulnerable function, no in-depth system knowledge is required. Once exploited… | ||
| CVE-2021-33700 | Hig | 0.51 | 7.8 | 0.00 | Sep 15, 2021 | SAP Business One, version - 10.0, allows a local attacker with access to the victim's browser under certain circumstances, to login as the victim without knowing his/her password. The attacker could so obtain highly sensitive information which the attacker could use to take… | ||
| CVE-2021-33698 | Hig | 0.57 | 8.8 | 0.01 | Sep 15, 2021 | SAP Business One, version - 10.0, allows an attacker with business authorization to upload any files (including script files) without the proper file format validation. | ||
| CVE-2021-33692 | Hig | 0.49 | 7.5 | 0.01 | Sep 15, 2021 | SAP Cloud Connector, version - 2.0, allows the upload of zip files as backup. This backup file can be tricked to inject special elements such as '..' and '/' separators, for attackers to escape outside of the restricted location to access files or directories. | ||
| CVE-2021-40965 | Hig | 0.57 | 8.8 | 0.01 | Sep 15, 2021 | A Cross-Site Request Forgery (CSRF) vulnerability exists in TinyFileManager all version up to and including 2.4.6 that allows attackers to upload files and run OS commands by inducing the Administrator user to browse a URL controlled by an attacker. | ||
| CVE-2021-39215 | Hig | 0.00 | 7.5 | 0.01 | Sep 15, 2021 | Jitsi Meet is an open source video conferencing application. In versions prior to 2.0.5963, a Prosody module allows the use of symmetrical algorithms to validate JSON web tokens. This means that tokens generated by arbitrary sources can be used to gain authorization to protected… | ||
| CVE-2021-29750 | Hig | 0.49 | 7.5 | 0.01 | Sep 15, 2021 | IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 201778. | ||
| CVE-2021-40156 | Hig | 0.51 | 7.8 | 0.01 | Sep 15, 2021 | A maliciously crafted DWG file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to write beyond allocated boundaries when parsing the DWG files. This vulnerability can be exploited to execute arbitrary code. | ||
| CVE-2021-40155 | Hig | 0.51 | 7.8 | 0.01 | Sep 15, 2021 | A maliciously crafted DWG file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to read beyond allocated boundaries when parsing the DWG files. This vulnerability can be exploited to execute arbitrary code. | ||
| CVE-2021-3795 | — | Hig | 0.42 | 7.5 | 0.01 | Sep 15, 2021 | semver-regex is vulnerable to Inefficient Regular Expression Complexity | |
| CVE-2021-27046 | Hig | 0.51 | 7.8 | 0.00 | Sep 15, 2021 | A Memory Corruption vulnerability for PDF files in Autodesk Navisworks 2019, 2020, 2021, 2022 may lead to code execution through maliciously crafted DLL files. | ||
| CVE-2021-27045 | Hig | 0.51 | 7.8 | 0.01 | Sep 15, 2021 | A maliciously crafted PDF file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to read beyond allocated boundaries when parsing the PDF file. This vulnerability can be exploited to execute arbitrary code. | ||
| CVE-2020-21126 | Hig | 0.57 | 8.8 | 0.01 | Sep 15, 2021 | MetInfo 7.0.0 contains a Cross-Site Request Forgery (CSRF) via admin/?n=admin&c=index&a=doSaveInfo. | ||
| CVE-2021-39209 | Hig | 0.57 | 8.8 | 0.01 | Sep 15, 2021 | GLPI is a free Asset and IT management software package. In versions prior to 9.5.6, a user who is logged in to GLPI can bypass Cross-Site Request Forgery (CSRF) protection in many places. This could allow a malicious actor to perform many actions on GLPI. This issue is fixed in… | ||
| CVE-2021-40157 | Hig | 0.51 | 7.8 | 0.01 | Sep 15, 2021 | A user may be tricked into opening a malicious FBX file which may exploit an Untrusted Pointer Dereference vulnerability in FBX’s Review version 1.5.0 and prior causing it to run arbitrary code on the system. | ||
| CVE-2021-27044 | Hig | 0.51 | 7.8 | 0.01 | Sep 15, 2021 | A Out-Of-Bounds Read/Write Vulnerability in Autodesk FBX Review version 1.4.0 may lead to remote code execution through maliciously crafted DLL files or information disclosure. | ||
| CVE-2021-21798 | Hig | 0.52 | 7.8 | 0.16 | Sep 15, 2021 | An exploitable return of stack variable address vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause a stack variable to go out of scope, resulting in the application dereferencing a stale pointer. This can lead to code… | ||
| CVE-2020-19159 | Hig | 0.57 | 8.8 | 0.01 | Sep 15, 2021 | Cross Site Request Forgery (CSRF) in LaikeTui v3 allows remote attackers to execute arbitrary code via the component '/index.php?module=member&action=add'. | ||
| CVE-2020-19155 | Hig | 0.58 | 8.8 | 0.08 | Sep 15, 2021 | Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive information and/or execute arbitrary code via the 'FileManager.rename()' function in the component 'modules/filemanager/FileManagerController.java'. | ||
| CVE-2020-19151 | Hig | 0.58 | 8.8 | 0.05 | Sep 15, 2021 | Command Injection in Jfinal CMS v4.7.1 and earlier allows remote attackers to execute arbitrary code by uploading a malicious HTML template file via the component 'jfinal_cms/admin/filemanager/list'. | ||
| CVE-2020-19150 | Hig | 0.53 | 8.1 | 0.03 | Sep 15, 2021 | Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive information or cause a denial of service via the 'FileManager.delete()' function in the component 'modules/filemanager/FileManagerController.java'. | ||
| CVE-2021-40845 | Hig | 0.58 | 8.8 | 0.05 | Sep 15, 2021 | The web part of Zenitel AlphaCom XE Audio Server through 11.2.3.10, called AlphaWeb XE, does not restrict file upload in the Custom Scripts section at php/index.php. Neither the content nor extension of the uploaded files is checked, allowing execution of PHP code under the /cmd… | ||
| CVE-2021-3796 | Hig | 0.00 | 7.3 | 0.02 | Sep 15, 2021 | vim is vulnerable to Use After Free | ||
| CVE-2021-3794 | Hig | 0.42 | 7.5 | 0.01 | Sep 15, 2021 | vuelidate is vulnerable to Inefficient Regular Expression Complexity | ||
| CVE-2021-30137 | Hig | 0.50 | 7.7 | 0.01 | Sep 15, 2021 | Assyst 10 SP7.5 has authenticated XXE leading to SSRF via XML unmarshalling. The application allows users to send JSON or XML data to the server. It was possible to inject malicious XML data through several access points. | ||
| CVE-2021-27662 | Hig | 0.56 | 8.6 | 0.01 | Sep 15, 2021 | The KT-1 door controller is susceptible to replay or man-in-the-middle attacks where an attacker can record and replay TCP packets. This issue affects Johnson Controls KT-1 all versions up to and including 3.01 | ||
| CVE-2020-3960 | Hig | 0.55 | 8.4 | 0.00 | Sep 15, 2021 | VMware ESXi (6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds read vulnerability in NVMe functionality. A malicious actor with local non-administrative access to a… | ||
| CVE-2021-40447 | Hig | 0.51 | 7.8 | 0.01 | Sep 15, 2021 | Windows Print Spooler Elevation of Privilege Vulnerability | ||
| CVE-2021-40444 | Hig | 0.86 | 8.8 | 0.97 | KEV | Sep 15, 2021 | Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents. An attacker… | |
| CVE-2021-38671 | Hig | 0.51 | 7.8 | 0.00 | Sep 15, 2021 | Windows Print Spooler Elevation of Privilege Vulnerability | ||
| CVE-2021-38667 | Hig | 0.51 | 7.8 | 0.00 | Sep 15, 2021 | Windows Print Spooler Elevation of Privilege Vulnerability | ||
| CVE-2021-38661 | Hig | 0.51 | 7.8 | 0.02 | Sep 15, 2021 | HEVC Video Extensions Remote Code Execution Vulnerability | ||
| CVE-2021-38660 | Hig | 0.51 | 7.8 | 0.02 | Sep 15, 2021 | Microsoft Office Graphics Remote Code Execution Vulnerability | ||
| CVE-2021-38659 | Hig | 0.51 | 7.8 | 0.05 | Sep 15, 2021 | Microsoft Office Graphics Remote Code Execution Vulnerability | ||
| CVE-2021-38658 | Hig | 0.51 | 7.8 | 0.05 | Sep 15, 2021 | Microsoft Office Graphics Remote Code Execution Vulnerability | ||
| CVE-2021-38656 | Hig | 0.51 | 7.8 | 0.05 | Sep 15, 2021 | Microsoft Word Remote Code Execution Vulnerability | ||
| CVE-2021-38655 | Hig | 0.51 | 7.8 | 0.05 | Sep 15, 2021 | Microsoft Excel Remote Code Execution Vulnerability |
- risk 0.42cvss 7.5epss 0.07
Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a…
- risk 0.49cvss 7.5epss 0.04
A vulnerability in XML processing in Apache Jena, in versions up to 4.1.0, may allow an attacker to execute XML External Entities (XXE), including exposing the contents of local files to a remote server.
- risk 0.53cvss 8.1epss 0.01
mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through…
- risk 0.54cvss 7.5epss 0.63
A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive).
- risk 0.54cvss 7.5epss 0.65
Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.
- risk 0.47cvss 7.2epss 0.02
There is command injection in the meshd program in the routing system, resulting in command execution under administrator authority on Xiaomi router AX3600 with ROM version =< 1.1.12
- risk 0.47cvss 7.2epss 0.02
Affected versions of Atlassian Jira Server or Data Center using the Jira Service Management addon allow remote attackers with JIRA Administrators access to execute arbitrary Java code via a server-side template injection vulnerability in the Email Template feature. The affected…
- risk 0.49cvss 7.5epss 0.01
Improper access control in Jfinal CMS 5.1.0 allows attackers to access sensitive information via /classes/conf/db.properties&config=filemanager.config.js.
- risk 0.47cvss 7.2epss 0.02
An arbitrary file upload vulnerability in Jizhicms v1.5 allows attackers to execute arbitrary code via a crafted .jpg file which is later changed to a PHP file.
- risk 0.47cvss 7.2epss 0.02
An arbitrary file upload vulnerability in RGCMS v1.06 allows attackers to execute arbitrary code via a crafted .txt file which is later changed to a PHP file.
- risk 0.47cvss 7.2epss 0.02
An arbitrary file write vulnerability in RGCMS v1.06 allows attackers to execute arbitrary code via a crafted PHP file.
- risk 0.57cvss 8.8epss 0.01
HashiCorp Terraform Enterprise up to v202108-1 contained an API endpoint that erroneously disclosed a sensitive URL to authenticated parties, which could be used for privilege escalation or unauthorized modification of a Terraform configuration. Fixed in v202109-1.
- risk 0.53cvss 8.1epss 0.02
The SAP NetWeaver Portal, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, component Iviews Editor contains a Server-Side Request Forgery (SSRF) vulnerability which allows an unauthenticated attacker to craft a malicious URL which when clicked by a user can make any type of…
- risk 0.57cvss 8.8epss 0.01
The Service Layer of SAP Business One, version - 10.0, allows an authenticated attacker to invoke certain functions that would otherwise be restricted to specific users. For an attacker to discover the vulnerable function, no in-depth system knowledge is required. Once exploited…
- risk 0.51cvss 7.8epss 0.00
SAP Business One, version - 10.0, allows a local attacker with access to the victim's browser under certain circumstances, to login as the victim without knowing his/her password. The attacker could so obtain highly sensitive information which the attacker could use to take…
- risk 0.57cvss 8.8epss 0.01
SAP Business One, version - 10.0, allows an attacker with business authorization to upload any files (including script files) without the proper file format validation.
- risk 0.49cvss 7.5epss 0.01
SAP Cloud Connector, version - 2.0, allows the upload of zip files as backup. This backup file can be tricked to inject special elements such as '..' and '/' separators, for attackers to escape outside of the restricted location to access files or directories.
- risk 0.57cvss 8.8epss 0.01
A Cross-Site Request Forgery (CSRF) vulnerability exists in TinyFileManager all version up to and including 2.4.6 that allows attackers to upload files and run OS commands by inducing the Administrator user to browse a URL controlled by an attacker.
- risk 0.00cvss 7.5epss 0.01
Jitsi Meet is an open source video conferencing application. In versions prior to 2.0.5963, a Prosody module allows the use of symmetrical algorithms to validate JSON web tokens. This means that tokens generated by arbitrary sources can be used to gain authorization to protected…
- risk 0.49cvss 7.5epss 0.01
IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 201778.
- risk 0.51cvss 7.8epss 0.01
A maliciously crafted DWG file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to write beyond allocated boundaries when parsing the DWG files. This vulnerability can be exploited to execute arbitrary code.
- risk 0.51cvss 7.8epss 0.01
A maliciously crafted DWG file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to read beyond allocated boundaries when parsing the DWG files. This vulnerability can be exploited to execute arbitrary code.
- risk 0.42cvss 7.5epss 0.01
semver-regex is vulnerable to Inefficient Regular Expression Complexity
- risk 0.51cvss 7.8epss 0.00
A Memory Corruption vulnerability for PDF files in Autodesk Navisworks 2019, 2020, 2021, 2022 may lead to code execution through maliciously crafted DLL files.
- risk 0.51cvss 7.8epss 0.01
A maliciously crafted PDF file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to read beyond allocated boundaries when parsing the PDF file. This vulnerability can be exploited to execute arbitrary code.
- risk 0.57cvss 8.8epss 0.01
MetInfo 7.0.0 contains a Cross-Site Request Forgery (CSRF) via admin/?n=admin&c=index&a=doSaveInfo.
- risk 0.57cvss 8.8epss 0.01
GLPI is a free Asset and IT management software package. In versions prior to 9.5.6, a user who is logged in to GLPI can bypass Cross-Site Request Forgery (CSRF) protection in many places. This could allow a malicious actor to perform many actions on GLPI. This issue is fixed in…
- risk 0.51cvss 7.8epss 0.01
A user may be tricked into opening a malicious FBX file which may exploit an Untrusted Pointer Dereference vulnerability in FBX’s Review version 1.5.0 and prior causing it to run arbitrary code on the system.
- risk 0.51cvss 7.8epss 0.01
A Out-Of-Bounds Read/Write Vulnerability in Autodesk FBX Review version 1.4.0 may lead to remote code execution through maliciously crafted DLL files or information disclosure.
- risk 0.52cvss 7.8epss 0.16
An exploitable return of stack variable address vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause a stack variable to go out of scope, resulting in the application dereferencing a stale pointer. This can lead to code…
- risk 0.57cvss 8.8epss 0.01
Cross Site Request Forgery (CSRF) in LaikeTui v3 allows remote attackers to execute arbitrary code via the component '/index.php?module=member&action=add'.
- risk 0.58cvss 8.8epss 0.08
Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive information and/or execute arbitrary code via the 'FileManager.rename()' function in the component 'modules/filemanager/FileManagerController.java'.
- risk 0.58cvss 8.8epss 0.05
Command Injection in Jfinal CMS v4.7.1 and earlier allows remote attackers to execute arbitrary code by uploading a malicious HTML template file via the component 'jfinal_cms/admin/filemanager/list'.
- risk 0.53cvss 8.1epss 0.03
Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive information or cause a denial of service via the 'FileManager.delete()' function in the component 'modules/filemanager/FileManagerController.java'.
- risk 0.58cvss 8.8epss 0.05
The web part of Zenitel AlphaCom XE Audio Server through 11.2.3.10, called AlphaWeb XE, does not restrict file upload in the Custom Scripts section at php/index.php. Neither the content nor extension of the uploaded files is checked, allowing execution of PHP code under the /cmd…
- risk 0.00cvss 7.3epss 0.02
vim is vulnerable to Use After Free
- risk 0.42cvss 7.5epss 0.01
vuelidate is vulnerable to Inefficient Regular Expression Complexity
- risk 0.50cvss 7.7epss 0.01
Assyst 10 SP7.5 has authenticated XXE leading to SSRF via XML unmarshalling. The application allows users to send JSON or XML data to the server. It was possible to inject malicious XML data through several access points.
- risk 0.56cvss 8.6epss 0.01
The KT-1 door controller is susceptible to replay or man-in-the-middle attacks where an attacker can record and replay TCP packets. This issue affects Johnson Controls KT-1 all versions up to and including 3.01
- risk 0.55cvss 8.4epss 0.00
VMware ESXi (6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds read vulnerability in NVMe functionality. A malicious actor with local non-administrative access to a…
- risk 0.51cvss 7.8epss 0.01
Windows Print Spooler Elevation of Privilege Vulnerability
- risk 0.86cvss 8.8epss 0.97
Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents. An attacker…
- risk 0.51cvss 7.8epss 0.00
Windows Print Spooler Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.00
Windows Print Spooler Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.02
HEVC Video Extensions Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.02
Microsoft Office Graphics Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.05
Microsoft Office Graphics Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.05
Microsoft Office Graphics Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.05
Microsoft Word Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.05
Microsoft Excel Remote Code Execution Vulnerability