Security Vulnerabilities - CVEs Published In September 2021
Windows SMB Information Disclosure Vulnerability
CVSS Score
5.5
EPSS Score
0.004
Published
2021-09-15
Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.003
Published
2021-09-15
Windows SMB Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.002
Published
2021-09-15
Elastic Enterprise Search App Search versions before 7.14.0 are vulnerable to an issue where API keys were missing authorization via an alternate route. Using this vulnerability, an authenticated attacker could utilize API keys belonging to higher privileged users.
CVSS Score
8.8
EPSS Score
0.007
Published
2021-09-15
Visual Studio Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.006
Published
2021-09-15
Windows Scripting Engine Memory Corruption Vulnerability
CVSS Score
8.1
EPSS Score
0.038
Published
2021-09-15
Visual Studio Code Spoofing Vulnerability
CVSS Score
5.5
EPSS Score
0.015
Published
2021-09-15
A local file inclusion vulnerability in ExpertPDF 9.5.0 through 14.1.0 allows attackers to read the file contents from files that the running ExpertPDF process has access to read.
CVSS Score
7.5
EPSS Score
0.003
Published
2021-09-15
Elasticsearch before 7.14.0 did not apply document and field level security to searchable snapshots. This could lead to an authenticated user gaining access to information that they are unauthorized to view.
CVSS Score
6.5
EPSS Score
0.003
Published
2021-09-15
Elastic Enterprise Search App Search versions before 7.14.0 was vulnerable to an issue where API keys were not bound to the same engines as their creator. This could lead to a less privileged user gaining access to unauthorized engines.
CVSS Score
8.8
EPSS Score
0.002
Published
2021-09-15