Security Vulnerabilities - CVEs Published In April 2021
Win32k Elevation of Privilege Vulnerability
CVSS Score
7.0
EPSS Score
0.005
Published
2021-04-13
Windows Media Photo Codec Information Disclosure Vulnerability
CVSS Score
5.7
EPSS Score
0.047
Published
2021-04-13
Windows Services and Controller App Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.003
Published
2021-04-13
Windows Event Tracing Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.002
Published
2021-04-13
Microsoft Internet Messaging API Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.004
Published
2021-04-13
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.035
Published
2021-04-13
RPC Endpoint Mapper Service Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.004
Published
2021-04-13
Azure AD Web Sign-in Security Feature Bypass Vulnerability
CVSS Score
6.8
EPSS Score
0.106
Published
2021-04-13
Windows Kernel Information Disclosure Vulnerability
CVSS Score
5.5
EPSS Score
0.004
Published
2021-04-13
Ampache is a web based audio/video streaming application and file manager. Versions prior to 4.4.1 allow unauthenticated access to Ampache using the subsonic API. To successfully make the attack you must use a username that is not part of the site to bypass the auth checks. For more details and workaround guidance see the referenced GitHub security advisory.
CVSS Score
9.1
EPSS Score
0.001
Published
2021-04-13