| | CVE-2021-31923 | ForgeRock | medium | 5.3 | — | | Ping Identity PingAccess before 5.3.3 allows HTTP request smuggling via header manipulation. | Sep 24, 2021 | Nov 21, 2024 |
| | CVE-2021-31843 | Trellix | high | 7.3 | 0.0%
| | Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to 10.7… | Sep 17, 2021 | Feb 24, 2026 |
| | CVE-2021-37154 | ForgeRock | critical | 9.8 | — | | In ForgeRock Access Management (AM) before 7.0.2, the SAML2 implementation allows XML injection, pot… | Aug 25, 2021 | Nov 21, 2024 |
| | CVE-2021-37153 | ForgeRock | critical | 9.8 | — | | ForgeRock Access Management (AM) before 7.0.2, when configured with Active Directory as the Identity… | Aug 25, 2021 | Nov 21, 2024 |
| | CVE-2021-3712 | Tenable | high | 7.4 | 0.4%
| | ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a… | Aug 24, 2021 | Apr 16, 2026 |
| | CVE-2021-39270 | ForgeRock | high | 7.5 | — | | In Ping Identity RSA SecurID Integration Kit before 3.2, user impersonation can occur. | Aug 18, 2021 | Nov 21, 2024 |
| | CVE-2021-22926 | Splunk | high | 7.5 | 0.7%
| | libcurl-using applications can ask for a specific client certificate to be used in a transfer. This … | Aug 5, 2021 | May 28, 2026 |
| | CVE-2021-22925 | Splunk | medium | 5.3 | 0.4%
| | curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely … | Aug 5, 2021 | Apr 16, 2026 |
| | CVE-2021-22922 | Splunk | medium | 6.5 | 0.1%
| | When curl is instructed to download content using the metalink feature, thecontents is verified agai… | Aug 5, 2021 | Apr 16, 2026 |
| | CVE-2021-35464 | ForgeRock | critical | 9.8 | — | | ForgeRock AM server before 7.0 has a Java deserialization vulnerability in the jato.pageSession para… | Jul 22, 2021 | Nov 5, 2025 |
| | CVE-2021-35971 | Veeam | critical | 9.8 | — | | Veeam Backup and Replication 10 before 10.0.1.4854 P20210609 and 11 before 11.0.0.837 P20210507 mish… | Jun 30, 2021 | Nov 21, 2024 |
| | CVE-2021-31838 | Trellix | high | 8.4 | 2.9%
| | A command injection vulnerability in MVISION EDR (MVEDR) prior to 3.4.0 allows an authenticated MVED… | Jun 29, 2021 | Feb 24, 2026 |
| | CVE-2021-22898 | Splunk | low | 3.1 | 0.1%
| | curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, kn… | Jun 11, 2021 | Apr 16, 2026 |
| | CVE-2021-22897 | Splunk | medium | 5.3 | 0.8%
| | curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake i… | Jun 11, 2021 | May 28, 2026 |
| | CVE-2021-29156 | ForgeRock | high | 7.5 | — | | ForgeRock OpenAM before 13.5.1 allows LDAP injection via the Webfinger protocol. For example, an una… | Mar 25, 2021 | Nov 21, 2024 |
| | CVE-2020-7346 | Trellix | high | 7.8 | 0.1%
| | Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) for Windows prior to 11.6.10… | Mar 23, 2021 | Feb 23, 2026 |
| | CVE-2021-24105 | Microsoft | high | 8.4 | 0.7%
| | <p>Depending on configuration of various package managers it is possible for an attacker to insert a… | Feb 25, 2021 | Feb 24, 2026 |
| | CVE-2021-1730 | Microsoft | medium | 5.4 | 2.0%
| | <p>A spoofing vulnerability exists in Microsoft Exchange Server which could result in an attack that… | Feb 25, 2021 | Feb 24, 2026 |
| | CVE-2021-21974 | VMware | high | 8.8 | 55.7%
| | OpenSLP as used in ESXi (7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before … | Feb 24, 2021 | Jun 2, 2026 |
| | CVE-2021-23840 | Tenable | high | 7.5 | 0.6%
| | Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length ar… | Feb 16, 2021 | Apr 16, 2026 |
| | CVE-2021-26118 | Apache | high | 7.5 | 4.0%
| | While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire… | Jan 27, 2021 | Jun 15, 2026 |
| | CVE-2021-26117 | Apache | high | 7.5 | 11.2%
| | The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server… | Jan 27, 2021 | Jun 15, 2026 |
| | CVE-2020-8285 | Splunk | high | 7.5 | 0.7%
| | curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow … | Dec 14, 2020 | Apr 16, 2026 |
| | CVE-2020-8284 | Splunk | low | 3.7 | 0.1%
| | A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting ba… | Dec 14, 2020 | Apr 16, 2026 |
| | CVE-2020-8177 | Splunk | high | 7.8 | 0.0%
| | curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resour… | Dec 14, 2020 | Apr 15, 2026 |
| | CVE-2020-17103 | Microsoft | high | 7.0 | 1.2%
| | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Dec 9, 2020 | Jun 10, 2026 |
| | CVE-2020-1971 | Tenable | medium | 5.9 | 0.3%
| | The X.509 GeneralName type is a generic type for representing different types of names. One of those… | Dec 8, 2020 | May 29, 2026 |
| | CVE-2020-17091 | Microsoft | high | 7.8 | 0.7%
| | Microsoft Teams Remote Code Execution Vulnerability | Nov 11, 2020 | May 29, 2026 |
| | CVE-2020-17023 | Microsoft | high | 7.8 | 18.0%
| | <p>A remote code execution vulnerability exists in Visual Studio Code when a user is tricked into op… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-17003 | Microsoft | high | 7.8 | 11.7%
| | <p>A remote code execution vulnerability exists when the Base3D rendering engine improperly handles … | Oct 16, 2020 | May 29, 2026 |
| | CVE-2020-16995 | Microsoft | high | 7.8 | 0.5%
| | <p>An elevation of privilege vulnerability exists in Network Watcher Agent virtual machine extension… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16978 | Microsoft | medium | 5.4 | 0.7%
| | <p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not pr… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16977 | Microsoft | high | 7.0 | 5.9%
| | <p>A remote code execution vulnerability exists in Visual Studio Code when the Python extension load… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16969 | Microsoft | high | 7.1 | 0.9%
| | <p>An information disclosure vulnerability exists in how Microsoft Exchange validates tokens when ha… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16957 | Microsoft | high | 7.8 | 9.7%
| | <p>A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16956 | Microsoft | medium | 5.4 | 0.7%
| | <p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not pr… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16955 | Microsoft | high | 7.8 | 10.9%
| | <p>An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16954 | Microsoft | high | 7.8 | 13.8%
| | <p>A remote code execution vulnerability exists in Microsoft Office software when the software fails… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16953 | Microsoft | medium | 6.5 | 23.4%
| | <p>An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16952 | Microsoft | high | 8.6 | 78.6%
| | <p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to c… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16951 | Microsoft | high | 8.6 | 1.8%
| | <p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to c… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16950 | Microsoft | medium | 5.0 | 20.9%
| | <p>An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16949 | Microsoft | medium | 4.7 | 7.5%
| | <p>A denial of service vulnerability exists in Microsoft Outlook software when the software fails to… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16948 | Microsoft | medium | 6.5 | 17.4%
| | <p>An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16947 | Microsoft | high | 7.5 | 45.4%
| | <p>A remote code execution vulnerability exists in Microsoft Outlook software when the software fail… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16946 | Microsoft | high | 8.7 | 0.6%
| | <p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not prope… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16945 | Microsoft | high | 8.7 | 0.5%
| | <p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not prope… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16944 | Microsoft | high | 8.7 | 0.6%
| | <p>This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafte… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16943 | Microsoft | medium | 6.5 | 0.6%
| | <p>An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Commerce. An unauthentic… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16942 | Microsoft | medium | 4.1 | 0.3%
| | <p>An information disclosure vulnerability exists when Microsoft SharePoint Server improperly disclo… | Oct 16, 2020 | Feb 23, 2026 |