Security Vulnerabilities - CVEs Published In November 2021
Microsoft Excel Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.03
Published
2021-11-10
Remote Desktop Protocol Client Information Disclosure Vulnerability
CVSS Score
7.4
EPSS Score
0.029
Published
2021-11-10
Remote Desktop Client Remote Code Execution Vulnerability
CVSS Score
8.8
EPSS Score
0.189
Published
2021-11-10
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
CVSS Score
4.4
EPSS Score
0.003
Published
2021-11-10
Windows Desktop Bridge Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.003
Published
2021-11-10
Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability
CVSS Score
9.0
EPSS Score
0.005
Published
2021-11-10
Azure RTOS Information Disclosure Vulnerability
CVSS Score
3.3
EPSS Score
0.01
Published
2021-11-10
An issue was discovered in OpenGamePanel OGP-Agent-Linux through 2021-08-14. $HOME/OGP/Cfg/Config.pm has the root password in cleartext.
CVSS Score
8.8
EPSS Score
0.003
Published
2021-11-10
An issue was discovered in OpenGamePanel OGP-Agent-Linux through 2021-08-14. An authenticated attacker could inject OS commands by starting a Counter-Strike server and using the map field to enter a Bash command.
CVSS Score
8.8
EPSS Score
0.004
Published
2021-11-10
Thruk 2.40-2 allows /thruk/#cgi-bin/status.cgi?style=combined&title={TITLE] Reflected XSS via the host or title parameter. An attacker could inject arbitrary JavaScript into status.cgi. The payload would be triggered every time an authenticated user browses the page containing it.
CVSS Score
6.1
EPSS Score
0.164
Published
2021-11-09