Vulnerabilities (CVE)

Yack CVE helps teams search and track vulnerabilities.

TOTAL
358,413 CVE
CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-44031
1Quest
1Kace Desktop Authority
Jun 17, 2026
Dec 22, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
An issue was discovered in Quest KACE Desktop Authority before 11.2. /dacomponentui/profiles/profileitems/outlooksettings/Insertimage.aspx contains a vulnerability that could allow pre-authentication remote code executio...Show more
An issue was discovered in Quest KACE Desktop Authority before 11.2. /dacomponentui/profiles/profileitems/outlooksettings/Insertimage.aspx contains a vulnerability that could allow pre-authentication remote code execution. An attacker could upload a .ASP file to reside at /images/{GUID}/{filename}.Show less
CVE-2021-44030
1Quest
1Kace Desktop Authority
Jun 17, 2026
Dec 22, 2021
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Quest KACE Desktop Authority before 11.2 allows XSS because it does not prevent untrusted HTML from reaching the jQuery.htmlPrefilter method of jQuery.
CVE-2021-44029
1Quest
1Kace Desktop Authority
Jun 17, 2026
Dec 22, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
An issue was discovered in Quest KACE Desktop Authority before 11.2. This vulnerability allows attackers to execute remote code through a deserialization exploitation in the RadAsyncUpload function of ASP.NET AJAX. An at...Show more
An issue was discovered in Quest KACE Desktop Authority before 11.2. This vulnerability allows attackers to execute remote code through a deserialization exploitation in the RadAsyncUpload function of ASP.NET AJAX. An attacker can leverage this vulnerability when the encryption keys are known (due to the presence of CVE-2017-11317, CVE-2017-11357, or other means). A default setting for the type whitelisting feature in more current versions of ASP.NET AJAX prevents exploitation.Show less
CVE-2021-44028
1Quest
1Kace Desktop Authority
Jun 17, 2026
Dec 22, 2021
N/A· v4
5.5 MEDIUM· v3
4.3 MEDIUM· v2
XXE can occur in Quest KACE Desktop Authority before 11.2 because the log4net configuration file might be controlled by an attacker, a related issue to CVE-2018-1285.
CVE-2021-44026
3Debian
FedoraprojectRoundcube
3Debian Linux
FedoraWebmail
Jun 17, 2026
Nov 19, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or search_params.
CVE-2021-44025
3Debian
FedoraprojectRoundcube
3Debian Linux
FedoraWebmail
Jun 17, 2026
Nov 19, 2021
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to XSS in handling an attachment's filename extension when displaying a MIME type warning message.
CVE-2021-44024
1Trendmicro
3Apex One
Worry Free Business SecurityWorry Free Business Security Services
Jun 17, 2026
Jan 10, 2022
N/A· v4
7.1 HIGH· v3
6.6 MEDIUM· v2
A link following denial-of-service vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to overwrite arbitrary files i...Show more
A link following denial-of-service vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2021-44023
1Trendmicro
4Antivirus+ Security 2021
Internet Security 2021Maximum Security 2021+1 more
Jun 17, 2026
Dec 16, 2021
N/A· v4
7.1 HIGH· v3
3.6 LOW· v2
A link following denial-of-service (DoS) vulnerability in the Trend Micro Security (Consumer) 2021 familiy of products could allow an attacker to abuse the PC Health Checkup feature of the product to create symlinks that...Show more
A link following denial-of-service (DoS) vulnerability in the Trend Micro Security (Consumer) 2021 familiy of products could allow an attacker to abuse the PC Health Checkup feature of the product to create symlinks that would allow modification of files which could lead to a denial-of-service.Show less
CVE-2021-44022
1Trendmicro
1Apex One
Jun 17, 2026
Dec 3, 2021
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
A reachable assertion vulnerability in Trend Micro Apex One could allow an attacker to crash the program on affected installations, leading to a denial-of-service (DoS). Please note: an attacker must first obtain the abi...Show more
A reachable assertion vulnerability in Trend Micro Apex One could allow an attacker to crash the program on affected installations, leading to a denial-of-service (DoS). Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2021-44021
1Trendmicro
1Worry Free Business Security
Jun 17, 2026
Dec 3, 2021
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ab...Show more
An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-44019 and 44020.Show less
CVE-2021-44020
1Trendmicro
1Worry Free Business Security
Jun 17, 2026
Dec 3, 2021
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ab...Show more
An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-44019 and 44021.Show less
CVE-2021-44019
1Trendmicro
1Worry Free Business Security
Jun 17, 2026
Dec 3, 2021
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ab...Show more
An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-44020 and 44021.Show less
CVE-2021-44018
1Siemens
3Jt2go
Solid EdgeTeamcenter Visualization
Jun 17, 2026
Feb 9, 2022
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
A vulnerability has been identified in JT2Go (All versions < V13.2.0.7), Solid Edge SE2021 (All versions < SE2021MP9), Solid Edge SE2022 (All versions < SE2022MP1), Teamcenter Visualization V13.1 (All versions < V13.1.0....Show more
A vulnerability has been identified in JT2Go (All versions < V13.2.0.7), Solid Edge SE2021 (All versions < SE2021MP9), Solid Edge SE2022 (All versions < SE2022MP1), Teamcenter Visualization V13.1 (All versions < V13.1.0.9), Teamcenter Visualization V13.2 (All versions < V13.2.0.7), Teamcenter Visualization V13.3 (All versions < V13.3.0.1). The plmxmlAdapterSE70.dll library is vulnerable to memory corruption condition while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-15112)Show less
CVE-2021-44017
1Siemens
2Jt2go
Teamcenter Visualization
Jun 17, 2026
Dec 14, 2021
N/A· v4
5.5 MEDIUM· v3
4.3 MEDIUM· v2
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Image.dll is vulnerable to an out of bounds read past the end of an allocated buffer when...Show more
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Image.dll is vulnerable to an out of bounds read past the end of an allocated buffer when parsing specially crafted TIF files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-15111)Show less
CVE-2021-44016
1Siemens
3Jt2go
Solid EdgeTeamcenter Visualization
Jun 17, 2026
Feb 9, 2022
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
A vulnerability has been identified in JT2Go (All versions < V13.2.0.7), Solid Edge SE2021 (All versions < SE2021MP9), Solid Edge SE2022 (All versions < SE2022MP1), Teamcenter Visualization V13.1 (All versions < V13.1.0....Show more
A vulnerability has been identified in JT2Go (All versions < V13.2.0.7), Solid Edge SE2021 (All versions < SE2021MP9), Solid Edge SE2022 (All versions < SE2022MP1), Teamcenter Visualization V13.1 (All versions < V13.1.0.9), Teamcenter Visualization V13.2 (All versions < V13.2.0.7), Teamcenter Visualization V13.3 (All versions < V13.3.0.1). The plmxmlAdapterSE70.dll library is vulnerable to memory corruption condition while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-15110)Show less
CVE-2021-44015
1Siemens
2Jt2go
Teamcenter Visualization
Jun 17, 2026
Dec 14, 2021
N/A· v4
5.5 MEDIUM· v3
4.3 MEDIUM· v2
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The VCRUNTIME140.dll is vulnerable to an out of bounds read past the end of an allocated buffe...Show more
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The VCRUNTIME140.dll is vulnerable to an out of bounds read past the end of an allocated buffer when parsing specially crafted CGM files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-15109)Show less
CVE-2021-44014
1Siemens
5Jt2go
Jt Open ToolkitJt Utilities+2 more
Jun 17, 2026
Dec 14, 2021
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023). The Jt1001.dll contains a use-after-free vulnerability that could be...Show more
A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023). The Jt1001.dll contains a use-after-free vulnerability that could be triggered while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-15057, ZDI-CAN-19081)Show less
CVE-2021-44013
1Siemens
2Jt2go
Teamcenter Visualization
Jun 17, 2026
Dec 14, 2021
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The DL180pdfl.dll contains an out of bounds write past the end of an allocated structure while...Show more
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The DL180pdfl.dll contains an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15103)Show less
CVE-2021-44012
1Siemens
2Jt2go
Teamcenter Visualization
Jun 17, 2026
Dec 14, 2021
N/A· v4
5.5 MEDIUM· v3
4.3 MEDIUM· v2
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Jt1001.dll is vulnerable to an out of bounds read past the end of an allocated buffer when...Show more
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Jt1001.dll is vulnerable to an out of bounds read past the end of an allocated buffer when parsing specially crafted JT files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-15102)Show less
CVE-2021-44011
1Siemens
2Jt2go
Teamcenter Visualization
Jun 17, 2026
Dec 14, 2021
N/A· v4
5.5 MEDIUM· v3
4.3 MEDIUM· v2
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Jt1001.dll is vulnerable to an out of bounds read past the end of an allocated buffer whil...Show more
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Jt1001.dll is vulnerable to an out of bounds read past the end of an allocated buffer while parsing specially crafted JT files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-15101)Show less
CVE-2021-44010
1Siemens
2Jt2go
Teamcenter Visualization
Jun 17, 2026
Dec 14, 2021
N/A· v4
5.5 MEDIUM· v3
4.3 MEDIUM· v2
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Tiff_Loader.dll is vulnerable to an out of bounds read past the end of an allocated buffer...Show more
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Tiff_Loader.dll is vulnerable to an out of bounds read past the end of an allocated buffer when parsing TIFF files. An attacker could leverage this vulnerability to leak information in the context of the current process.Show less
CVE-2021-44009
1Siemens
2Jt2go
Teamcenter Visualization
Jun 17, 2026
Dec 14, 2021
N/A· v4
5.5 MEDIUM· v3
4.3 MEDIUM· v2
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Tiff_Loader.dll is vulnerable to an out of bounds read past the end of an allocated buffer...Show more
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Tiff_Loader.dll is vulnerable to an out of bounds read past the end of an allocated buffer when parsing TIFF files. An attacker could leverage this vulnerability to leak information in the context of the current process.Show less
CVE-2021-44008
1Siemens
2Jt2go
Teamcenter Visualization
Jun 17, 2026
Dec 14, 2021
N/A· v4
5.5 MEDIUM· v3
4.3 MEDIUM· v2
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Tiff_Loader.dll is vulnerable to an out of bounds read past the end of an allocated buffer...Show more
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Tiff_Loader.dll is vulnerable to an out of bounds read past the end of an allocated buffer when parsing TIFF files. An attacker could leverage this vulnerability to leak information in the context of the current process.Show less
CVE-2021-44007
1Siemens
2Jt2go
Teamcenter Visualization
Jun 17, 2026
Dec 14, 2021
N/A· v4
5.5 MEDIUM· v3
4.3 MEDIUM· v2
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Tiff_Loader.dll contains an off-by-one error in the heap while parsing specially crafted T...Show more
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Tiff_Loader.dll contains an off-by-one error in the heap while parsing specially crafted TIFF files. This could allow an attacker to cause a denial-of-service condition.Show less
CVE-2021-44006
1Siemens
2Jt2go
Teamcenter Visualization
Jun 17, 2026
Dec 14, 2021
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Tiff_Loader.dll contains an out of bounds write past the end of an allocated structure whi...Show more
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Tiff_Loader.dll contains an out of bounds write past the end of an allocated structure while parsing specially crafted TIFF files. This could allow an attacker to execute code in the context of the current process.Show less