CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Microsoft : Security Vulnerabilities Published In 2021 (Bypass)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2021-42292 Bypass 2021-11-10 2022-07-12
6.8
None Remote Medium Not required Partial Partial Partial
Microsoft Excel Security Feature Bypass Vulnerability
2 CVE-2021-42288 Bypass 2021-11-10 2022-07-12
3.6
None Local Low Not required Partial Partial None
Windows Hello Security Feature Bypass Vulnerability
3 CVE-2021-41363 Bypass 2021-10-13 2021-10-19
4.4
None Local Medium Not required Partial Partial Partial
Intune Management Extension Security Feature Bypass Vulnerability
4 CVE-2021-41346 Bypass 2021-10-13 2021-10-19
4.6
None Local Low Not required Partial Partial Partial
Console Window Host Security Feature Bypass Vulnerability
5 CVE-2021-41338 Bypass 2021-10-13 2021-10-19
2.1
None Local Low Not required None Partial None
Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability
6 CVE-2021-41337 Bypass 2021-10-13 2021-10-19
4.0
None Remote Low ??? None Partial None
Active Directory Security Feature Bypass Vulnerability
7 CVE-2021-40460 Bypass 2021-10-13 2022-05-23
4.0
None Remote Low ??? None Partial None
Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability
8 CVE-2021-40456 Bypass 2021-10-13 2022-05-23
5.0
None Remote Low Not required Partial None None
Windows AD FS Security Feature Bypass Vulnerability
9 CVE-2021-38632 Bypass 2021-09-15 2021-09-27
2.1
None Local Low Not required Partial None None
BitLocker Security Feature Bypass Vulnerability
10 CVE-2021-38624 639 Bypass 2021-09-15 2021-09-27
4.0
None Remote Low ??? None Partial None
Windows Key Storage Provider Security Feature Bypass Vulnerability
11 CVE-2021-36949 287 Bypass 2021-08-12 2021-08-20
4.9
None Local Network Medium ??? Partial Partial Partial
Microsoft Azure Active Directory Connect Authentication Bypass Vulnerability
12 CVE-2021-34469 Bypass 2021-07-14 2022-07-12
5.8
None Remote Medium Not required Partial Partial None
Microsoft Office Security Feature Bypass Vulnerability
13 CVE-2021-34466 290 Bypass 2021-07-16 2022-07-12
3.6
None Local Low Not required Partial Partial None
Windows Hello Security Feature Bypass Vulnerability
14 CVE-2021-34446 Bypass 2021-07-16 2021-07-22
6.8
None Remote Medium Not required Partial Partial Partial
Windows HTML Platforms Security Feature Bypass Vulnerability
15 CVE-2021-33786 Bypass 2021-07-14 2022-07-12
6.5
None Remote Low ??? Partial Partial Partial
Windows LSA Security Feature Bypass Vulnerability
16 CVE-2021-33781 Bypass 2021-07-14 2021-07-17
5.5
None Remote Low ??? Partial Partial None
Azure AD Security Feature Bypass Vulnerability
17 CVE-2021-33779 Bypass 2021-07-14 2021-07-17
5.5
None Remote Low ??? Partial Partial None
Windows ADFS Security Feature Bypass Vulnerability
18 CVE-2021-33757 Bypass 2021-07-14 2021-07-17
7.5
None Remote Low Not required Partial Partial Partial
Windows Security Account Manager Remote Protocol Security Feature Bypass Vulnerability
19 CVE-2021-33744 Bypass 2021-07-14 2022-05-03
7.2
None Local Low Not required Complete Complete Complete
Windows Secure Kernel Mode Security Feature Bypass Vulnerability
20 CVE-2021-31971 Bypass 2021-06-08 2021-06-11
6.8
None Remote Medium Not required Partial Partial Partial
Windows HTML Platform Security Feature Bypass Vulnerability
21 CVE-2021-31970 Bypass 2021-06-08 2021-09-13
2.1
None Local Low Not required None None Partial
Windows TCP/IP Driver Security Feature Bypass Vulnerability
22 CVE-2021-31962 Bypass 2021-06-08 2022-05-27
7.5
None Remote Low Not required Partial Partial Partial
Kerberos AppContainer Security Feature Bypass Vulnerability
23 CVE-2021-31207 22 Dir. Trav. Bypass 2021-05-11 2022-07-12
6.5
None Remote Low ??? Partial Partial Partial
Microsoft Exchange Server Security Feature Bypass Vulnerability
24 CVE-2021-31205 Bypass 2021-05-11 2021-05-18
4.3
None Remote Medium Not required Partial None None
Windows SMB Client Security Feature Bypass Vulnerability
25 CVE-2021-30617 Bypass 2021-09-03 2021-11-18
4.3
None Remote Medium Not required None Partial None
Chromium: CVE-2021-30617 Policy bypass in Blink
26 CVE-2021-28447 Bypass 2021-04-13 2021-09-14
2.1
None Local Low Not required None Partial None
Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-27094.
27 CVE-2021-28444 Bypass 2021-04-13 2021-04-21
4.0
None Remote Low ??? None Partial None
Windows Hyper-V Security Feature Bypass Vulnerability
28 CVE-2021-28316 Bypass 2021-04-13 2021-04-15
2.1
None Local Low Not required Partial None None
Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability
29 CVE-2021-27094 Bypass 2021-04-13 2021-09-14
2.1
None Local Low Not required None Partial None
Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-28447.
30 CVE-2021-27092 Bypass 2021-04-13 2021-04-16
7.5
None Remote Low Not required Partial Partial Partial
Azure AD Web Sign-in Security Feature Bypass Vulnerability
31 CVE-2021-27066 Bypass 2021-03-11 2021-03-16
4.0
None Remote Low ??? Partial None None
Windows Admin Center Security Feature Bypass Vulnerability
32 CVE-2021-27055 Bypass 2021-03-11 2021-03-16
6.8
None Remote Medium Not required Partial Partial Partial
Microsoft Visio Security Feature Bypass Vulnerability
33 CVE-2021-26892 Bypass 2021-03-11 2021-03-23
2.1
None Local Low Not required None None Partial
Windows Extensible Firmware Interface Security Feature Bypass Vulnerability
34 CVE-2021-26414 Bypass 2021-06-08 2021-06-17
4.3
None Remote Medium Not required None Partial None
Windows DCOM Server Security Feature Bypass
35 CVE-2021-24113 Bypass 2021-02-25 2021-07-08
5.8
None Remote Medium Not required Partial Partial None
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
36 CVE-2021-24082 Bypass 2021-02-25 2021-03-04
4.0
None Remote Low ??? Partial None None
Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability
37 CVE-2021-21141 74 Bypass 2021-02-09 2022-07-12
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass file extension policy via a crafted HTML page.
38 CVE-2021-21139 1021 Bypass 2021-02-09 2021-03-15
4.3
None Remote Medium Not required None Partial None
Inappropriate implementation in iframe sandbox in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
39 CVE-2021-21133 Bypass 2021-02-09 2022-07-12
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in Downloads in Google Chrome prior to 88.0.4324.96 allowed an attacker who convinced a user to download files to bypass navigation restrictions via a crafted HTML page.
40 CVE-2021-21131 59 Bypass 2021-02-09 2022-07-12
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
41 CVE-2021-21130 Bypass 2021-02-09 2022-07-12
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
42 CVE-2021-21129 Bypass 2021-02-09 2022-07-12
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
43 CVE-2021-21127 Bypass 2021-02-09 2022-07-12
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass content security policy via a crafted Chrome Extension.
44 CVE-2021-21126 287 Bypass 2021-02-09 2021-03-04
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension.
45 CVE-2021-21125 59 Bypass 2021-02-09 2022-07-12
5.8
None Remote Medium Not required Partial Partial None
Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
46 CVE-2021-21123 20 Bypass 2021-02-09 2021-03-08
4.3
None Remote Medium Not required None Partial None
Insufficient data validation in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
47 CVE-2021-1731 522 Bypass 2021-02-25 2022-07-12
2.1
None Local Low Not required Partial None None
PFX Encryption Security Feature Bypass Vulnerability
48 CVE-2021-1684 Bypass 2021-01-12 2021-01-20
2.1
None Local Low Not required Partial None None
Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1638, CVE-2021-1683.
49 CVE-2021-1683 Bypass 2021-01-12 2021-01-20
2.1
None Local Low Not required Partial None None
Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1638, CVE-2021-1684.
50 CVE-2021-1678 Bypass 2021-01-12 2021-01-20
5.0
None Remote Low Not required Partial None None
NTLM Security Feature Bypass Vulnerability
Total number of vulnerabilities : 54   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.