CPE Details
Microsoft Windows Server 2022 - Standard Edition
-
2023-10-14
19h03 +00:00
19h03 +00:00
2023-10-14
19h13 +00:00
19h13 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:standard:*:*:*
Informations
Vendor
microsoftProduct
windows_server_2022Version
-Software Edition
standardRelated CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally. | 7 |
High |
||
| Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally. | 7.8 |
High |
||
| Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally. | 5.5 |
Medium |
||
| Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally. | 7.8 |
High |
||
| Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack. | 4.6 |
Medium |
||
| Windows Installer Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Core Messaging Elevation of Privileges Vulnerability | 7 |
High |
||
| Internet Connection Sharing (ICS) Denial of Service Vulnerability | 6.5 |
Medium |
||
| Internet Connection Sharing (ICS) Denial of Service Vulnerability | 6.5 |
Medium |
||
| Internet Connection Sharing (ICS) Denial of Service Vulnerability | 6.5 |
Medium |
||
| Windows Core Messaging Elevation of Privileges Vulnerability | 7 |
High |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
High |
||
| NTLM Hash Disclosure Spoofing Vulnerability | 6.5 |
Medium |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Kerberos Denial of Service Vulnerability | 5.9 |
Medium |
||
| Windows Remote Desktop Configuration Service Tampering Vulnerability | 6.8 |
Medium |
||
| Windows Deployment Services Denial of Service Vulnerability | 6 |
Medium |
||
| Windows NTFS Elevation of Privilege Vulnerability | 3.3 |
Low |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Disk Cleanup Tool Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Setup Files Cleanup Elevation of Privilege Vulnerability | 7.1 |
High |
||
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Storage Elevation of Privilege Vulnerability | 7.1 |
High |
||
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 8.1 |
High |
||
| Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft Digest Authentication Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft Digest Authentication Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| MapUrlToZone Security Feature Bypass Vulnerability | 8.8 |
High |
||
| Windows Kerberos Denial of Service Vulnerability | 7.5 |
High |
||
| Windows CSC Service Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows CSC Service Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability | 5.5 |
Medium |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| GDI+ Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Cryptographic Information Disclosure Vulnerability | 5.6 |
Medium |
||
| Windows Installer Elevation of Privilege Vulnerability | 7.3 |
High |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Medium |
||
| Windows Kernel Memory Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Kernel Memory Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Smart Card Reader Information Disclosure Vulnerability | 2.4 |
Low |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Medium |
||
| Windows Themes Spoofing Vulnerability | 6.5 |
Medium |
||
| Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows upnphost.dll Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Search Service Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Windows Installer Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows MapUrlToZone Denial of Service Vulnerability | 7.5 |
High |
||
| Windows App Package Installer Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Event Tracing Denial of Service Vulnerability | 5.5 |
Medium |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| MapUrlToZone Security Feature Bypass Vulnerability | 4.3 |
Medium |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Medium |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Medium |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Medium |
||
| IP Helper Denial of Service Vulnerability | 7.5 |
High |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Medium |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Medium |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Medium |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Medium |
||
| Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability | 5.9 |
Medium |
||
| Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability | 8.1 |
High |
||
| Secure Boot Security Feature Bypass Vulnerability | 4.6 |
Medium |
||
| Secure Boot Security Feature Bypass Vulnerability | 6.8 |
Medium |
||
| Windows Recovery Environment Agent Elevation of Privilege Vulnerability | 6.1 |
Medium |
||
| Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability | 7.5 |
High |
||
| Active Directory Federation Server Spoofing Vulnerability | 6.5 |
Medium |
||
| Microsoft Message Queuing Information Disclosure Vulnerability | 7.5 |
High |
||
| Windows Remote Desktop Services Denial of Service Vulnerability | 7.5 |
High |
||
| MapUrlToZone Security Feature Bypass Vulnerability | 4.3 |
Medium |
||
| MapUrlToZone Security Feature Bypass Vulnerability | 4.3 |
Medium |
||
| Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability | 6.2 |
Medium |
||
| Windows NTLM Spoofing Vulnerability | 6.5 |
Medium |
||
| Windows upnphost.dll Denial of Service Vulnerability | 7.5 |
High |
||
| MapUrlToZone Security Feature Bypass Vulnerability | 4.3 |
Medium |
||
| Windows Graphics Component Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Medium |
||
| .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Medium |
||
| Windows Kernel Memory Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Kernel Memory Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Kernel Memory Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Kernel Memory Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Kernel Memory Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows SmartScreen Spoofing Vulnerability | 6.5 |
Medium |
||
| Windows Remote Desktop Services Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Geolocation Service Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows Kerberos Security Feature Bypass Vulnerability | 7.8 |
High |
||
| Windows OLE Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Remote Desktop Services Remote Code Execution Vulnerability | 8.1 |
High |
||
| BranchCache Remote Code Execution Vulnerability | 7.5 |
High |
||
| SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability | 8.1 |
High |
||
| Microsoft Digest Authentication Remote Code Execution Vulnerability | 8.1 |
High |
||
| Active Directory Domain Services Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Windows Direct Show Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
High |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
High |
||
| Windows COM Server Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Virtual Trusted Platform Module Denial of Service Vulnerability | 5.5 |
Medium |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft COM for Windows Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Virtual Trusted Platform Module Denial of Service Vulnerability | 5.5 |
Medium |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
High |
||
| Windows COM Server Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
High |
||
| Windows HTML Platforms Security Feature Bypass Vulnerability | 4.3 |
Medium |
||
| MapUrlToZone Security Feature Bypass Vulnerability | 4.3 |
Medium |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Medium |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Medium |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Medium |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Medium |
||
| Windows WLAN AutoConfig Service Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Medium |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Medium |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Kerberos Information Disclosure Vulnerability | 5.9 |
Medium |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Secure Boot Security Feature Bypass Vulnerability | 4.6 |
Medium |
||
| Windows BitLocker Information Disclosure Vulnerability | 4.2 |
Medium |
||
| Windows BitLocker Information Disclosure Vulnerability | 4.2 |
Medium |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Remote Desktop Client Remote Code Execution Vulnerability | 8.4 |
High |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Remote Desktop Services Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 8.1 |
High |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Remote Desktop Services Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows File Explorer Information Disclosure Vulnerability | 6.8 |
Medium |
||
| Windows IP Routing Management Snapin Remote Code Execution Vulnerability | 8.8 |
High |
||
| Input Method Editor (IME) Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Remote Desktop Services Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Task Scheduler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Remote Desktop Services Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Remote Desktop Services Remote Code Execution Vulnerability | 8.1 |
High |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Remote Desktop Services Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Remote Desktop Services Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Hyper-V Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Remote Desktop Services Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Remote Desktop Services Remote Code Execution Vulnerability | 8.1 |
High |
||
| WmsRepair Service Elevation of Privilege Vulnerability | 7.3 |
High |
||
| Windows Remote Desktop Services Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | 7 |
High |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Domain Name Service Remote Code Execution Vulnerability | 7.2 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 7.2 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Task Scheduler Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Active Directory Certificate Services Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Package Library Manager Information Disclosure Vulnerability | 6.2 |
Medium |
||
| Windows SMB Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Registry Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows KDC Proxy Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows DWM Core Library Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Registry Elevation of Privilege Vulnerability | 7.5 |
High |
||
| NTLM Hash Disclosure Spoofing Vulnerability | 6.5 |
Medium |
||
| Windows DNS Spoofing Vulnerability | 7.5 |
High |
||
| Windows USB Video Class System Driver Elevation of Privilege Vulnerability | 6.8 |
Medium |
||
| Windows SMBv3 Server Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Secure Kernel Mode Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Client-Side Caching Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows USB Video Class System Driver Elevation of Privilege Vulnerability | 6.8 |
Medium |
||
| Windows USB Video Class System Driver Elevation of Privilege Vulnerability | 6.8 |
Medium |
||
| Windows USB Video Class System Driver Elevation of Privilege Vulnerability | 6.8 |
Medium |
||
| Windows USB Video Class System Driver Elevation of Privilege Vulnerability | 6.8 |
Medium |
||
| Windows Secure Kernel Mode Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Telephony Service Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft Windows VMSwitch Elevation of Privilege Vulnerability | 8.1 |
High |
||
| Windows NT OS Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Update Stack Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Winlogon Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Remote Desktop Client Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Code Integrity Guard Security Feature Bypass Vulnerability | 5.5 |
Medium |
||
| Windows Scripting Engine Security Feature Bypass Vulnerability | 8.4 |
High |
||
| Remote Desktop Protocol Server Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Hyper-V Denial of Service Vulnerability | 7.5 |
High |
||
| Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability | 8.3 |
High |
||
| Microsoft Management Console Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Hyper-V Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Network Address Translation (NAT) Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Network Address Translation (NAT) Denial of Service Vulnerability | 7.5 |
High |
||
| Microsoft Windows Storage Port Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Graphics Component Elevation of Privilege Vulnerability | 7.8 |
High |
||
| NT OS Kernel Elevation of Privilege Vulnerability | 7.4 |
High |
||
| Windows Storage Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Secure Channel Spoofing Vulnerability | 7.4 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Kerberos Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows Cryptographic Information Disclosure Vulnerability | 5.6 |
Medium |
||
| Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability | 7.5 |
High |
||
| Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Secure Kernel Mode Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Hyper-V Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Kernel Denial of Service Vulnerability | 5 |
Medium |
||
| Microsoft ActiveX Data Objects Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Standards-Based Storage Management Service Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Graphics Component Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability | 7.5 |
High |
||
| .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Remote Desktop Services Tampering Vulnerability | 7.4 |
High |
||
| Windows Hyper-V Remote Code Execution Vulnerability | 8 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Netlogon Elevation of Privilege Vulnerability | 9 |
Critical |
||
| BranchCache Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability | 6.7 |
Medium |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability | 7.8 |
High |
||
| Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability | 6.7 |
Medium |
||
| Windows Hyper-V Security Feature Bypass Vulnerability | 7.1 |
High |
||
| Microsoft OpenSSH for Windows Remote Code Execution Vulnerability | 7.1 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft OpenSSH for Windows Remote Code Execution Vulnerability | 7.1 |
High |
||
| Windows MSHTML Platform Spoofing Vulnerability | 8.1 |
High |
||
| Windows Kernel-Mode Driver Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Graphics Component Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Remote Desktop Client Remote Code Execution Vulnerability | 8.8 |
High |
||
| Remote Registry Service Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.3 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Telephony Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Internet Small Computer Systems Interface (iSCSI) Denial of Service Vulnerability | 7.5 |
High |
||
| BitLocker Security Feature Bypass Vulnerability | 6.4 |
Medium |
||
| BranchCache Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Secure Kernel Mode Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Security Zone Mapping Security Feature Bypass Vulnerability | 7.8 |
High |
||
| Windows MSHTML Platform Spoofing Vulnerability | 8.8 |
High |
||
| Windows Remote Desktop Licensing Service Spoofing Vulnerability | 9.8 |
Critical |
||
| Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | 7.1 |
High |
||
| Windows Network Address Translation (NAT) Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows TCP/IP Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows TCP/IP Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft Management Console Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Remote Desktop Licensing Service Information Disclosure Vulnerability | 7.5 |
High |
||
| Microsoft AllJoyn API Information Disclosure Vulnerability | 7.5 |
High |
||
| Windows Storage Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Graphics Component Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Win32k Elevation of Privilege Vulnerability | 7 |
High |
||
| Kernel Streaming Service Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Kernel Streaming Service Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Kernel Streaming Service Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kerberos Elevation of Privilege Vulnerability | 7.2 |
High |
||
| Kernel Streaming Service Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Hyper-V Denial of Service Vulnerability | 6.5 |
Medium |
||
| Windows Networking Denial of Service Vulnerability | 6.5 |
Medium |
||
| Windows Remote Desktop Licensing Service Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Mark of the Web Security Feature Bypass Vulnerability | 5.4 |
Medium |
||
| PowerShell Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Installer Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows Authentication Information Disclosure Vulnerability | 6.2 |
Medium |
||
| Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Graphics Component Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Graphics Component Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Kernel Streaming Service Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Kernel Streaming Service Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | 9.8 |
Critical |
||
| DHCP Server Service Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Standards-Based Storage Management Service Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Update Stack Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows DNS Spoofing Vulnerability | 7.5 |
High |
||
| Windows Initial Machine Configuration Elevation of Privilege Vulnerability | 6.8 |
Medium |
||
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows SmartScreen Security Feature Bypass Vulnerability | 8.8 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows OLE Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Kernel Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows DWM Core Library Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Secure Channel Denial of Service Vulnerability | 7.5 |
High |
||
| Microsoft DWM Core Library Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | 7.5 |
High |
||
| Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability | 4.2 |
Medium |
||
| Windows Secure Kernel Mode Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Deployment Services Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability | 7 |
High |
||
| Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Network Address Translation (NAT) Denial of Service Vulnerability | 7.5 |
High |
||
| Clipboard Virtual Channel Extension Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Hyper-V Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Network Address Translation (NAT) Denial of Service Vulnerability | 7.5 |
High |
||
| Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability | 5.5 |
Medium |
||
| NTFS Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows IP Routing Management Snapin Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows IP Routing Management Snapin Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows IP Routing Management Snapin Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Kerberos Elevation of Privilege Vulnerability | 8.1 |
High |
||
| Windows Power Dependency Coordinator Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows TCP/IP Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Mark of the Web Security Feature Bypass Vulnerability | 6.5 |
Medium |
||
| Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.5 |
High |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Kernel Streaming Service Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Scripting Engine Memory Corruption Vulnerability | 7.5 |
High |
||
| Summary Microsoft was notified that an elevation of privilege vulnerability exists in Windows Update, potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of Virtualization Based Security (VBS). However, an attacker attempting to exploit this vulnerability requires additional interaction by a privileged user to be successful. Microsoft has developed a security update to mitigate this threat which was made available October 08, 2024 and is provided in the Security Updates table of this CVE for customers to download. Note: Depending on your version of Windows, additional steps may be required to update Windows Recovery Environment (WinRE) to be protected from this vulnerability. Please refer to the FAQ section for more information. Guidance for customers who cannot immediately implement the update is provided in the Recommended Actions section of this CVE to help reduce the risks associated with this vulnerability and to protect their systems. If there are any further updates regarding mitigations for this vulnerability, this CVE will be updated and customers will be notified. We highly encourage customers to subscribe to Security Update Guide notifications to receive an alert if an update occurs. Details A security researcher informed Microsoft of an elevation of privilege vulnerability in Windows Update potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of VBS. For exploitation to succeed, an attacker must trick or convince an Administrator or a user with delegated permissions into performing a system restore which inadvertently triggers the vulnerability. Microsoft has developed a security update to mitigate this threat which was made available October 08, 2024 and is provided in the Security Updates table of this CVE for customers to download. Note: Depending on your version of Windows, additional steps may be required to update Windows Recovery Environment (WinRE) to be protected from this vulnerability. Please refer to the FAQ section for more information. Guidance for customers who cannot immediately implement the update is provided in the Recommended Actions section of this CVE to help reduce the risks associated with this vulnerability and to protect their systems. If there are any further... See more at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38202 | 7.3 |
High |
||
| Summary: Microsoft was notified that an elevation of privilege vulnerability exists in Windows based systems supporting Virtualization Based Security (VBS), including a subset of Azure Virtual Machine SKUS. This vulnerability enables an attacker with administrator privileges to replace current versions of Windows system files with outdated versions. By exploiting this vulnerability, an attacker could reintroduce previously mitigated vulnerabilities, circumvent some features of VBS, and exfiltrate data protected by VBS. Microsoft is developing a security update to mitigate this threat, but it is not yet available. Guidance to help customers reduce the risks associated with this vulnerability and to protect their systems until the mitigation is available in a Windows security update is provided in the Recommended Actions section of this CVE. This CVE will be updated when the mitigation is available in a Windows security update. We highly encourage customers to subscribe to Security Update Guide notifications to receive an alert when this update occurs. Update: August 13, 2024 Microsoft has released the August 2024 security updates that include an opt-in revocation policy mitigation to address this vulnerability. Customers running affected versions of Windows are encouraged to review KB5042562: Guidance for blocking rollback of virtualization-based security related updates to assess if this opt-in policy meets the needs of their environment before implementing this mitigation. There are risks associated with this mitigation that should be understood prior to applying it to your systems. Detailed information about these risks is also available in KB5042562. Details: A security researcher informed Microsoft of an elevation of privilege vulnerability in Windows 10, Windows 11, Windows Server 2016, and higher based systems including Azure Virtual Machines (VM) that support VBS. For more information on Windows versions and VM SKUs supporting VBS, reference: Virtualization-based Security (VBS) | Microsoft Learn. The vulnerability enables an attacker with administrator privileges on the target system to replace current Windows system files with outdated versions. Successful exploitation provides an attacker with the ability to reintroduce previously mitigated vulnerabilities, circumvent VBS security features, and exfiltrate data protected by VBS. Microsoft is developing a security... See more at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21302 | 6.7 |
Medium |
||
| Incorrect validation of files loaded from a local untrusted directory may allow local privilege escalation if the underlying operating systems is Windows. This may result in the application executing arbitrary behaviour determined by the contents of untrusted files. This issue affects MongoDB Server v5.0 versions prior to 5.0.27, MongoDB Server v6.0 versions prior to 6.0.16, MongoDB Server v7.0 versions prior to 7.0.12, MongoDB Server v7.3 versions prior 7.3.3, MongoDB C Driver versions prior to 1.26.2 and MongoDB PHP Driver versions prior to 1.18.1. Required Configuration: Only environments with Windows as the underlying operating system is affected by this issue | 7.8 |
High |
||
| Windows Text Services Framework Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | 6.5 |
Medium |
||
| Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | 6.5 |
Medium |
||
| Windows Remote Desktop Licensing Service Denial of Service Vulnerability | 5.9 |
Medium |
||
| .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability | 7.3 |
High |
||
| Windows Graphics Component Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Remote Desktop Licensing Service Denial of Service Vulnerability | 7.5 |
High |
||
| Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability | 7.8 |
High |
||
| Windows Enroll Engine Security Feature Bypass Vulnerability | 7 |
High |
||
| Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability | 7.5 |
High |
||
| Secure Boot Security Feature Bypass Vulnerability | 6.8 |
Medium |
||
| BitLocker Security Feature Bypass Vulnerability | 6.8 |
Medium |
||
| Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Workstation Service Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Network Driver Interface Specification (NDIS) Denial of Service Vulnerability | 6.5 |
Medium |
||
| PowerShell Elevation of Privilege Vulnerability | 7.8 |
High |
||
| DHCP Server Service Remote Code Execution Vulnerability | 7.2 |
High |
||
| PowerShell Elevation of Privilege Vulnerability | 7.3 |
High |
||
| Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Themes Spoofing Vulnerability | 6.5 |
Medium |
||
| Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability | 7.2 |
High |
||
| Windows Line Printer Daemon Service Denial of Service Vulnerability | 6.5 |
Medium |
||
| Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability | 7.2 |
High |
||
| Microsoft Message Queuing Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Secure Boot Security Feature Bypass Vulnerability | 8 |
High |
||
| Secure Boot Security Feature Bypass Vulnerability | 8 |
High |
||
| Secure Boot Security Feature Bypass Vulnerability | 8 |
High |
||
| Secure Boot Security Feature Bypass Vulnerability | 8 |
High |
||
| Secure Boot Security Feature Bypass Vulnerability | 8.4 |
High |
||
| Secure Boot Security Feature Bypass Vulnerability | 8 |
High |
||
| Secure Boot Security Feature Bypass Vulnerability | 8 |
High |
||
| Secure Boot Security Feature Bypass Vulnerability | 8.8 |
High |
||
| Secure Boot Security Feature Bypass Vulnerability | 8 |
High |
||
| Secure Boot Security Feature Bypass Vulnerability | 8 |
High |
||
| Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows MultiPoint Services Remote Code Execution Vulnerability | 8.8 |
High |
||
| Secure Boot Security Feature Bypass Vulnerability | 6.8 |
Medium |
||
| Windows MSHTML Platform Spoofing Vulnerability | 7.5 |
High |
||
| Windows Fax Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | 6.5 |
Medium |
||
| Windows File Explorer Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft WS-Discovery Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Graphics Component Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Hyper-V Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Remote Desktop Licensing Service Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Remote Desktop Licensing Service Denial of Service Vulnerability | 7.5 |
High |
||
| Windows TCP/IP Information Disclosure Vulnerability | 7.5 |
High |
||
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| DCOM Remote Cross-Session Activation Elevation of Privilege Vulnerability | 7.5 |
High |
||
| Windows Imaging Component Remote Code Execution Vulnerability | 8.8 |
High |
||
| Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft Windows Codecs Library Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Microsoft Windows Codecs Library Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Graphics Component Remote Code Execution Vulnerability | 7.8 |
High |
||
| PowerShell Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Filtering Platform Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability | 7.2 |
High |
||
| Windows Image Acquisition Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability | 7.5 |
High |
||
| Microsoft Windows Server Backup Elevation of Privilege Vulnerability | 6.7 |
Medium |
||
| Secure Boot Security Feature Bypass Vulnerability | 8 |
High |
||
| Secure Boot Security Feature Bypass Vulnerability | 8 |
High |
||
| Secure Boot Security Feature Bypass Vulnerability | 8 |
High |
||
| Secure Boot Security Feature Bypass Vulnerability | 8 |
High |
||
| Secure Boot Security Feature Bypass Vulnerability | 8 |
High |
||
| Secure Boot Security Feature Bypass Vulnerability | 8 |
High |
||
| Windows iSCSI Service Denial of Service Vulnerability | 5.3 |
Medium |
||
| Windows Cryptographic Services Security Feature Bypass Vulnerability | 7.5 |
High |
||
| Windows NTLM Spoofing Vulnerability | 7.1 |
High |
||
| Secure Boot Security Feature Bypass Vulnerability | 8.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7 |
High |
||
| Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Cryptographic Services Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Storage Elevation of Privilege Vulnerability | 7.3 |
High |
||
| Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft Streaming Service Elevation of Privilege Vulnerability | 7 |
High |
||
| Microsoft Streaming Service Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7 |
High |
||
| Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Standards-Based Storage Management Service Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Winlogon Elevation of Privilege Vulnerability | 5.5 |
Medium |
||
| Winlogon Elevation of Privilege Vulnerability | 5.5 |
Medium |
||
| Windows Themes Denial of Service Vulnerability | 5.5 |
Medium |
||
| Windows Kernel Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Windows Distributed File System (DFS) Remote Code Execution Vulnerability | 6.7 |
Medium |
||
| Windows Standards-Based Storage Management Service Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Wi-Fi Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows OLE Remote Code Execution Vulnerability | 8 |
High |
||
| Windows Container Manager Service Elevation of Privilege Vulnerability | 6.8 |
Medium |
||
| Windows Remote Access Connection Manager Information Disclosure Vulnerability | 4.7 |
Medium |
||
| Windows DWM Core Library Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows MSHTML Platform Security Feature Bypass Vulnerability | 8.8 |
High |
||
| Windows Remote Access Connection Manager Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 5.5 |
Medium |
||
| Windows Deployment Services Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows DWM Core Library Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Search Service Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows DWM Core Library Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows CNG Key Isolation Service Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 7.5 |
High |
||
| Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| NTFS Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 7.5 |
High |
||
| Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Mark of the Web Security Feature Bypass Vulnerability | 5.4 |
Medium |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability | 6.8 |
Medium |
||
| Windows Cryptographic Services Remote Code Execution Vulnerability | 8.1 |
High |
||
| DHCP Server Service Denial of Service Vulnerability | 6.5 |
Medium |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Hyper-V Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Cryptographic Services Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability | 6.8 |
Medium |
||
| Windows Hyper-V Denial of Service Vulnerability | 6.5 |
Medium |
||
| Windows Hyper-V Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows DWM Core Library Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability | 6.8 |
Medium |
||
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability | 6.8 |
Medium |
||
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability | 6.8 |
Medium |
||
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability | 6.8 |
Medium |
||
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability | 6.8 |
Medium |
||
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability | 6.8 |
Medium |
||
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability | 6.8 |
Medium |
||
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability | 6.8 |
Medium |
||
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability | 6.8 |
Medium |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Secure Boot Security Feature Bypass Vulnerability | 7.1 |
High |
||
| Secure Boot Security Feature Bypass Vulnerability | 7.8 |
High |
||
| Windows Authentication Elevation of Privilege Vulnerability | 4.3 |
Medium |
||
| Windows Storage Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Remote Access Connection Manager Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Secure Boot Security Feature Bypass Vulnerability | 6.8 |
Medium |
||
| Secure Boot Security Feature Bypass Vulnerability | 8 |
High |
||
| Secure Boot Security Feature Bypass Vulnerability | 6.7 |
Medium |
||
| Secure Boot Security Feature Bypass Vulnerability | 8 |
High |
||
| Windows Telephony Server Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Telephony Server Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Cryptographic Services Security Feature Bypass Vulnerability | 7.8 |
High |
||
| Windows Distributed File System (DFS) Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows File Server Resource Management Service Elevation of Privilege Vulnerability | 7.3 |
High |
||
| DHCP Server Service Denial of Service Vulnerability | 7.5 |
High |
||
| Microsoft WDAC SQL Server ODBC Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| DHCP Server Service Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 7.2 |
High |
||
| Windows Remote Access Connection Manager Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Telephony Server Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Defender Credential Guard Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Proxy Driver Spoofing Vulnerability | 6.7 |
Medium |
||
| Windows CSC Service Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Kerberos Elevation of Privilege Vulnerability | 7.5 |
High |
||
| Windows USB Print Driver Elevation of Privilege Vulnerability | 7 |
High |
||
| Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows DNS Server Remote Code Execution Vulnerability | 7.2 |
High |
||
| Windows DNS Server Remote Code Execution Vulnerability | 7.2 |
High |
||
| Windows DNS Server Remote Code Execution Vulnerability | 7.2 |
High |
||
| Windows DNS Server Remote Code Execution Vulnerability | 7.2 |
High |
||
| Windows DNS Server Remote Code Execution Vulnerability | 7.2 |
High |
||
| Windows DNS Server Remote Code Execution Vulnerability | 7.2 |
High |
||
| Windows DNS Server Remote Code Execution Vulnerability | 7.2 |
High |
||
| Windows Mobile Hotspot Information Disclosure Vulnerability | 5 |
Medium |
||
| HTTP.sys Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | 5.5 |
Medium |
||
| DHCP Server Service Remote Code Execution Vulnerability | 7.2 |
High |
||
| DHCP Server Service Remote Code Execution Vulnerability | 7.2 |
High |
||
| Secure Boot Security Feature Bypass Vulnerability | 7.4 |
High |
||
| Secure Boot Security Feature Bypass Vulnerability | 8 |
High |
||
| Windows Kerberos Denial of Service Vulnerability | 6.5 |
Medium |
||
| Secure Boot Security Feature Bypass Vulnerability | 8 |
High |
||
| Secure Boot Security Feature Bypass Vulnerability | 6.7 |
Medium |
||
| Secure Boot Security Feature Bypass Vulnerability | 6.8 |
Medium |
||
| Windows Authentication Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| BitLocker Security Feature Bypass Vulnerability | 6.7 |
Medium |
||
| Remote Procedure Call Runtime Remote Code Execution Vulnerability | 8.8 |
High |
||
| SmartScreen Prompt Security Feature Bypass Vulnerability | 8.8 |
High |
||
| Windows Distributed File System (DFS) Remote Code Execution Vulnerability | 7.2 |
High |
||
| Windows Hyper-V Denial of Service Vulnerability | 6.2 |
Medium |
||
| Windows Cryptographic Services Remote Code Execution Vulnerability | 8.4 |
High |
||
| Secure Boot Security Feature Bypass Vulnerability | 6.7 |
Medium |
||
| Windows Remote Access Connection Manager Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Remote Access Connection Manager Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Secure Boot Security Feature Bypass Vulnerability | 6.3 |
Medium |
||
| Secure Boot Security Feature Bypass Vulnerability | 7.5 |
High |
||
| Secure Boot Security Feature Bypass Vulnerability | 6.4 |
Medium |
||
| Secure Boot Security Feature Bypass Vulnerability | 6.7 |
Medium |
||
| Secure Boot Security Feature Bypass Vulnerability | 6.7 |
Medium |
||
| Secure Boot Security Feature Bypass Vulnerability | 4.1 |
Medium |
||
| Secure Boot Security Feature Bypass Vulnerability | 7.8 |
High |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 7.3 |
High |
||
| Microsoft Install Service Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows DWM Core Library Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Remote Access Connection Manager Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability | 7.5 |
High |
||
| Windows rndismp6.sys Remote Code Execution Vulnerability | 6.8 |
Medium |
||
| Windows rndismp6.sys Remote Code Execution Vulnerability | 6.8 |
Medium |
||
| Secure Boot Security Feature Bypass Vulnerability | 6.7 |
Medium |
||
| .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability | 7.3 |
High |
||
| Secure Boot Security Feature Bypass Vulnerability | 6.7 |
Medium |
||
| .NET Framework Information Disclosure Vulnerability | 7.5 |
High |
||
| Windows Kernel Denial of Service Vulnerability | 5.5 |
Medium |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Composite Image File System (CimFS) Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Error Reporting Service Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft ODBC Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft ODBC Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Graphics Component Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Installer Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Update Stack Elevation of Privilege Vulnerability | 7 |
High |
||
| Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability | 7.8 |
High |
||
| Windows Kerberos Security Feature Bypass Vulnerability | 7.5 |
High |
||
| Windows Hyper-V Denial of Service Vulnerability | 5.5 |
Medium |
||
| Windows Hyper-V Remote Code Execution Vulnerability | 8.1 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft QUIC Denial of Service Vulnerability | 7.5 |
High |
||
| Microsoft ODBC Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Standards-Based Storage Management Service Denial of Service Vulnerability | 6.5 |
Medium |
||
| Microsoft ODBC Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| NTFS Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows USB Print Driver Elevation of Privilege Vulnerability | 7 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.3 |
High |
||
| Windows USB Print Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Telephony Server Elevation of Privilege Vulnerability | 7 |
High |
||
| Microsoft AllJoyn API Denial of Service Vulnerability | 7.5 |
High |
||
| Windows USB Attached SCSI (UAS) Protocol Remote Code Execution Vulnerability | 6.4 |
Medium |
||
| Windows USB Hub Driver Remote Code Execution Vulnerability | 6.8 |
Medium |
||
| Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records. | 7.5 |
High |
||
| Internet Shortcut Files Security Feature Bypass Vulnerability | 8.1 |
High |
||
| Windows Printing Service Spoofing Vulnerability | 7.5 |
High |
||
| Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability | 7 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows DNS Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Kernel Security Feature Bypass Vulnerability | 5.5 |
Medium |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | 6.5 |
Medium |
||
| Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability | 7 |
High |
||
| Internet Connection Sharing (ICS) Denial of Service Vulnerability | 7.5 |
High |
||
| Microsoft ODBC Driver Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows Network Address Translation (NAT) Denial of Service Vulnerability | 5.9 |
Medium |
||
| Windows Network Address Translation (NAT) Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Kernel Remote Code Execution Vulnerability | 6.8 |
Medium |
||
| Windows USB Generic Parent Driver Remote Code Execution Vulnerability | 6.4 |
Medium |
||
| Windows Hyper-V Denial of Service Vulnerability | 6.5 |
Medium |
||
| Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Trusted Compute Base Elevation of Privilege Vulnerability | 4.1 |
Medium |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows OLE Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | 8.1 |
High |
||
| Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows SmartScreen Security Feature Bypass Vulnerability | 7.6 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft ActiveX Data Objects Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Kernel Information Disclosure Vulnerability | 4.6 |
Medium |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Themes Spoofing Vulnerability | 6.5 |
Medium |
||
| Microsoft Message Queuing Information Disclosure Vulnerability | 6.5 |
Medium |
||
| .NET Framework Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Cryptographic Services Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft Bluetooth Driver Spoofing Vulnerability | 5.7 |
Medium |
||
| Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | 5.7 |
Medium |
||
| Microsoft AllJoyn API Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Subsystem for Linux Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Server Key Distribution Service Security Feature Bypass | 6.1 |
Medium |
||
| Microsoft Message Queuing Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows Message Queuing Client (MSMQC) Information Disclosure | 6.5 |
Medium |
||
| Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability | 4.9 |
Medium |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
High |
||
| Microsoft Message Queuing Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability | 6.6 |
Medium |
||
| Microsoft Common Log File System Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows HTML Platforms Security Feature Bypass Vulnerability | 8.1 |
High |
||
| NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability | 9.8 |
Critical |
||
| Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability | 8.7 |
High |
||
| Windows TCP/IP Information Disclosure Vulnerability | 5.3 |
Medium |
||
| Remote Desktop Client Remote Code Execution Vulnerability | 7.5 |
High |
||
| Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability | 4.4 |
Medium |
||
| Windows Hyper-V Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows Hyper-V Denial of Service Vulnerability | 5.5 |
Medium |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows libarchive Remote Code Execution Vulnerability | 7.3 |
High |
||
| Windows CoreMessaging Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Themes Information Disclosure Vulnerability | 4.7 |
Medium |
||
| Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Cryptographic Services Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Message Queuing Client (MSMQC) Information Disclosure | 6.5 |
Medium |
||
| Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Group Policy Elevation of Privilege Vulnerability | 7 |
High |
||
| Microsoft ODBC Driver Remote Code Execution Vulnerability | 8 |
High |
||
| Windows Kerberos Security Feature Bypass Vulnerability | 8.8 |
High |
||
| BitLocker Security Feature Bypass Vulnerability | 6.6 |
Medium |
||
| Windows Local Session Manager (LSM) Denial of Service Vulnerability | 6.5 |
Medium |
||
| A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause arbitrary file deletion upon service restart when accessed by a local and low-privileged attacker. | 7.1 |
High |
||
| Windows DNS Spoofing Vulnerability | 7.5 |
High |
||
| Internet Connection Sharing (ICS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows MSHTML Platform Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Sysmain Service Elevation of Privilege Vulnerability | 7.8 |
High |
||
| DHCP Server Service Information Disclosure Vulnerability | 7.5 |
High |
||
| Internet Connection Sharing (ICS) Denial of Service Vulnerability | 6.5 |
Medium |
||
| Internet Connection Sharing (ICS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft ODBC Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| DHCP Server Service Denial of Service Vulnerability | 7.5 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Telephony Server Elevation of Privilege Vulnerability | 8.1 |
High |
||
| Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability | 7.5 |
High |
||
| XAML Diagnostics Elevation of Privilege Vulnerability | 7.3 |
High |
||
| DHCP Server Service Information Disclosure Vulnerability | 5.3 |
Medium |
||
| Windows Media Remote Code Execution Vulnerability | 7.8 |
High |
||
| Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS. | 6.8 |
Medium |
||
| .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability | 9.8 |
Critical |
||
| Windows SmartScreen Security Feature Bypass Vulnerability | 8.8 |
High |
||
| Windows DWM Core Library Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Authentication Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Authentication Denial of Service Vulnerability | 7.1 |
High |
||
| DHCP Server Service Denial of Service Vulnerability | 7.5 |
High |
||
| Windows User Interface Application Core Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Search Service Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Deployment Services Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows NTFS Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows Storage Elevation of Privilege Vulnerability | 7.1 |
High |
||
| Windows HMAC Key Derivation Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Microsoft Remote Registry Service Remote Code Execution Vulnerability | 7.2 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Kernel Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Hyper-V Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Hyper-V Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Hyper-V Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Scripting Engine Memory Corruption Vulnerability | 8.8 |
High |
||
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft Remote Registry Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Distributed File System (DFS) Remote Code Execution Vulnerability | 8 |
High |
||
| Windows Hyper-V Elevation of Privilege Vulnerability | 7 |
High |
||
| Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | 5.5 |
Medium |
||
| ASP.NET Security Feature Bypass Vulnerability | 8.8 |
High |
||
| Windows Installer Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability | 7.8 |
High |
||
| This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host name is detected to be longer, curl switches to local name resolving and instead passes on the resolved address only. Due to this bug, the local variable that means "let the host resolve the name" could get the wrong value during a slow SOCKS5 handshake, and contrary to the intention, copy the too long host name to the target buffer instead of copying just the resolved address there. The target buffer being a heap based buffer, and the host name coming from the URL that curl has been told to operate with. | 9.8 |
Critical |
||
| Windows MSHTML Platform Remote Code Execution Vulnerability | 7.8 |
High |
||
| Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Win32k Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Graphics Component Elevation of Privilege Vulnerability | 7 |
High |
||
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Remote Desktop Gateway (RD Gateway) Information Disclosure Vulnerability | 7.5 |
High |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
High |
||
| Windows IIS Server Elevation of Privilege Vulnerability | 9.8 |
Critical |
||
| Microsoft QUIC Denial of Service Vulnerability | 7.5 |
High |
||
| Windows TCP/IP Information Disclosure Vulnerability | 7.5 |
High |
||
| PrintHTML API Remote Code Execution Vulnerability | 7.8 |
High |
||
| Microsoft WordPad Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows Search Security Feature Bypass Vulnerability | 6.5 |
Medium |
||
| Windows Deployment Services Information Disclosure Vulnerability | 7.5 |
High |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 7.3 |
High |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 7.3 |
High |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 7.3 |
High |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 7.3 |
High |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 7.3 |
High |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 7.3 |
High |
||
| Windows Kernel Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 7.3 |
High |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
High |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
High |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 7.3 |
High |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 7.3 |
High |
||
| Windows Mark of the Web Security Feature Bypass Vulnerability | 5.4 |
Medium |
||
| Windows upnphost.dll Denial of Service Vulnerability | 7.5 |
High |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 7.3 |
High |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 7.3 |
High |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 7.3 |
High |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 7.3 |
High |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Graphics Component Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Remote Procedure Call Information Disclosure Vulnerability | 7.5 |
High |
||
| Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows TCP/IP Denial of Service Vulnerability | 7.5 |
High |
||
| Windows TCP/IP Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Named Pipe Filesystem Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
High |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 8 |
High |
||
| Windows Kernel Security Feature Bypass Vulnerability | 4.4 |
Medium |
||
| Microsoft Resilient File System (ReFS) Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft DirectMusic Remote Code Execution Vulnerability | 7.8 |
High |
||
| DHCP Server Service Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Deployment Services Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows Deployment Services Denial of Service Vulnerability | 7.5 |
High |
||
| Microsoft AllJoyn API Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Media Foundation Core Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Runtime C++ Template Library Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Common Log File System Driver Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Virtual Trusted Platform Module Denial of Service Vulnerability | 6.5 |
Medium |
||
| Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Mixed Reality Developer Tools Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Error Reporting Service Elevation of Privilege Vulnerability | 7 |
High |
||
| Active Directory Domain Services Information Disclosure Vulnerability | 4.4 |
Medium |
||
| Windows Container Manager Service Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Power Management Service Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Internet Key Exchange (IKE) Extension Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Named Pipe File System Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | 8.1 |
High |
||
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | 8.1 |
High |
||
| Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | 8.1 |
High |
||
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | 8.1 |
High |
||
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | 8.1 |
High |
||
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | 8.1 |
High |
||
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | 8.1 |
High |
||
| Microsoft QUIC Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Runtime Remote Code Execution Vulnerability | 7 |
High |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | 7.5 |
High |
||
| When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stream an endless series of headers and eventually cause curl to run out of heap memory. | 7.5 |
High |
||
| .NET Framework Remote Code Execution Vulnerability | 7.8 |
High |
||
| Visual Studio Remote Code Execution Vulnerability | 7.8 |
High |
||
| Visual Studio Remote Code Execution Vulnerability | 7.8 |
High |
||
| Visual Studio Remote Code Execution Vulnerability | 7.8 |
High |
||
| Visual Studio Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows TCP/IP Information Disclosure Vulnerability | 5.5 |
Medium |
||
| DHCP Server Service Information Disclosure Vulnerability | 5.3 |
Medium |
||
| Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows GDI Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows MSHTML Platform Security Feature Bypass Vulnerability | 7 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Miracast Wireless Display Remote Code Execution Vulnerability | 8.8 |
High |
||
| Internet Connection Sharing (ICS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows TCP/IP Denial of Service Vulnerability | 7.5 |
High |
||
| DHCP Server Service Information Disclosure Vulnerability | 5.3 |
Medium |
||
| Windows GDI Elevation of Privilege Vulnerability | 7.8 |
High |
||
| DHCP Server Service Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| ASP.NET Elevation of Privilege Vulnerability | 8.8 |
High |
||
| .NET Framework Spoofing Vulnerability | 7.4 |
High |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows Mobile Device Management Elevation of Privilege Vulnerability | 9.8 |
Critical |
||
| Windows Bluetooth A2DP driver Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows HTML Platforms Security Feature Bypass Vulnerability | 6.5 |
Medium |
||
| Microsoft Message Queuing Information Disclosure Vulnerability | 7.5 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Fax Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Projected File System Elevation of Privilege Vulnerability | 7 |
High |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 6.5 |
Medium |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 6.5 |
Medium |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 6.5 |
Medium |
||
| Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability | 5.5 |
Medium |
||
| Microsoft Message Queuing Information Disclosure Vulnerability | 7.5 |
High |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
High |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 6.5 |
Medium |
||
| Windows Hyper-V Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows Cryptographic Services Information Disclosure Vulnerability | 7.5 |
High |
||
| Windows Cryptographic Services Information Disclosure Vulnerability | 7.5 |
High |
||
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows System Assessment Tool Elevation of Privilege Vulnerability | 9.8 |
Critical |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Group Policy Security Feature Bypass Vulnerability | 5.5 |
Medium |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. | 4.7 |
Medium |
||
| Windows Search Remote Code Execution Vulnerability | 7.5 |
High |
||
| Azure Active Directory Security Feature Bypass Vulnerability | 6.5 |
Medium |
||
| Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows DNS Server Remote Code Execution Vulnerability | 6.6 |
Medium |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows MSHTML Platform Security Feature Bypass Vulnerability | 6.5 |
Medium |
||
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| USB Audio Class System Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Remote Procedure Call Runtime Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| HTTP.sys Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | 8.1 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | 5.5 |
Medium |
||
| HTTP.sys Denial of Service Vulnerability | 7.5 |
High |
||
| Microsoft Failover Cluster Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability | 9.8 |
Critical |
||
| Active Template Library Elevation of Privilege Vulnerability | 6.7 |
Medium |
||
| Volume Shadow Copy Elevation of Privilege Vulnerability | 7.3 |
High |
||
| Windows Installer Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Remote Procedure Call Runtime Denial of Service Vulnerability | 6.5 |
Medium |
||
| Windows Network Load Balancing Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Partition Management Driver Elevation of Privilege Vulnerability | 9.8 |
Critical |
||
| Windows Netlogon Information Disclosure Vulnerability | 7.4 |
High |
||
| Windows Error Reporting Service Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Kernel Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Clip Service Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Remote Desktop Security Feature Bypass Vulnerability | 7.5 |
High |
||
| Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability | 6.6 |
Medium |
||
| Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability | 7.2 |
High |
||
| Active Directory Federation Service Security Feature Bypass Vulnerability | 6.5 |
Medium |
||
| Microsoft Install Service Elevation of Privilege Vulnerability | 7.1 |
High |
||
| Windows DNS Server Remote Code Execution Vulnerability | 6.6 |
Medium |
||
| Windows DNS Server Remote Code Execution Vulnerability | 6.6 |
Medium |
||
| Windows DNS Server Remote Code Execution Vulnerability | 6.6 |
Medium |
||
| Windows Geolocation Service Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Image Acquisition Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft DirectMusic Information Disclosure Vulnerability | 6.2 |
Medium |
||
| Windows CNG Key Isolation Service Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows CryptoAPI Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Peer Name Resolution Protocol Denial of Service Vulnerability | 7.5 |
High |
||
| Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows MSHTML Platform Security Feature Bypass Vulnerability | 6.5 |
Medium |
||
| Windows Remote Desktop Protocol Security Feature Bypass | 6.8 |
Medium |
||
| Windows Local Security Authority (LSA) Denial of Service Vulnerability | 6.5 |
Medium |
||
| Windows Extended Negotiation Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Authentication Denial of Service Vulnerability | 6.5 |
Medium |
||
| Windows Transaction Manager Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows CDP User Components Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Print Spooler Information Disclosure Vulnerability | 7.5 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows OLE Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Deployment Services Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Deployment Services Denial of Service Vulnerability | 6.5 |
Medium |
||
| Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Remote Procedure Call Runtime Denial of Service Vulnerability | 6.5 |
Medium |
||
| Remote Procedure Call Runtime Denial of Service Vulnerability | 6.5 |
Medium |
||
| Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Remote Procedure Call Runtime Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Remote Procedure Call Runtime Denial of Service Vulnerability | 6.5 |
Medium |
||
| Windows Online Certificate Status Protocol (OCSP) SnapIn Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows SmartScreen Security Feature Bypass Vulnerability | 8.8 |
High |
||
| Windows MSHTML Platform Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
High |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Remote Desktop Security Feature Bypass Vulnerability | 6.8 |
Medium |
||
| OLE Automation Information Disclosure Vulnerability | 7.5 |
High |
||
| Windows Update Orchestrator Service Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Microsoft ODBC Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Layer-2 Bridge Network Driver Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Remote Procedure Call Runtime Denial of Service Vulnerability | 7.5 |
High |
||
| Remote Procedure Call Runtime Denial of Service Vulnerability | 7.5 |
High |
||
| Microsoft Failover Cluster Remote Code Execution Vulnerability | 7.2 |
High |
||
| Windows Cryptographic Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Remote Procedure Call Runtime Denial of Service Vulnerability | 7.5 |
High |
||
| Remote Procedure Call Runtime Denial of Service Vulnerability | 7.5 |
High |
||
| Remote Procedure Call Runtime Denial of Service Vulnerability | 7.5 |
High |
||
| Remote Procedure Call Runtime Denial of Service Vulnerability | 7.5 |
High |
||
| Remote Procedure Call Runtime Denial of Service Vulnerability | 7.5 |
High |
||
| Remote Procedure Call Runtime Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| .NET and Visual Studio Denial of Service Vulnerability | 7.5 |
High |
||
| .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability | 7.5 |
High |
||
| .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability | 7.5 |
High |
||
| .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability | 7.8 |
High |
||
| .NET Framework Remote Code Execution Vulnerability | 7.8 |
High |
||
| .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows CryptoAPI Denial of Service Vulnerability | 6.5 |
Medium |
||
| Windows Server Service Security Feature Bypass Vulnerability | 7.6 |
High |
||
| Windows SMB Witness Service Security Feature Bypass Vulnerability | 7.1 |
High |
||
| Windows DNS Spoofing Vulnerability | 5.6 |
Medium |
||
| Windows Kernel Information Disclosure Vulnerability | 4.7 |
Medium |
||
| Microsoft PostScript Printer Driver Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Installer Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Hyper-V Denial of Service Vulnerability | 5.3 |
Medium |
||
| Windows iSCSI Discovery Service Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Collaborative Translation Framework Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | 7.8 |
High |
||
| Microsoft ODBC Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows GDI Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Media Remote Code Execution Vulnerability | 7.8 |
High |
||
| Remote Procedure Call Runtime Denial of Service Vulnerability | 6.5 |
Medium |
||
| Windows Filtering Platform Elevation of Privilege Vulnerability | 7 |
High |
||
| iSCSI Target WMI Provider Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Geolocation Service Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Media Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Authentication Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Remote Desktop Client Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | 7 |
High |
||
| Microsoft Streaming Service Elevation of Privilege Vulnerability | 8.4 |
High |
||
| GDI Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows GDI Elevation of Privilege Vulnerability | 7.8 |
High |
||
| DHCP Server Service Information Disclosure Vulnerability | 5.3 |
Medium |
||
| Windows Remote Desktop Security Feature Bypass Vulnerability | 6.5 |
Medium |
||
| Windows Group Policy Elevation of Privilege Vulnerability | 8.1 |
High |
||
| NTFS Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows CryptoAPI Denial of Service Vulnerability | 6.5 |
Medium |
||
| Windows Local Security Authority (LSA) Denial of Service Vulnerability | 6.5 |
Medium |
||
| Windows Kernel Memory Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | 7.3 |
High |
||
| Windows Kerberos Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.3 |
High |
||
| Unified Write Filter Elevation of Privilege Vulnerability | 6.7 |
Medium |
||
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Hyper-V Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Digital Media Receiver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| HTTP.sys Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability | 5.9 |
Medium |
||
| Windows Digital Media Receiver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows OLE Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Driver Revocation List Security Feature Bypass Vulnerability | 5.5 |
Medium |
||
| Secure Boot Security Feature Bypass Vulnerability | 6.7 |
Medium |
||
| Microsoft Word Security Feature Bypass Vulnerability | 7.5 |
High |
||
| Windows MSHTML Platform Security Feature Bypass Vulnerability | 6.5 |
Medium |
||
| Microsoft SharePoint Server Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows iSCSI Target Service Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Bluetooth Driver Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | 8.1 |
High |
||
| Remote Procedure Call Runtime Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Network File System Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows NFS Portmapper Information Disclosure Vulnerability | 7.5 |
High |
||
| Windows Pragmatic General Multicast (PGM) Denial of Service Vulnerability | 7.5 |
High |
||
| Windows NTLM Security Support Provider Information Disclosure Vulnerability | 5.9 |
Medium |
||
| Server for NFS Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Graphics Component Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows SMB Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | 8.1 |
High |
||
| A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause Denial-of-Service when accessed by an unauthenticated user on the Schneider UPS Monitor service. | 7.5 |
High |
||
| CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause remote code execution when manipulating internal methods through Java RMI interface. | 9.8 |
Critical |
||
| A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow changes to administrative credentials, leading to potential remote code execution without requiring prior authentication on the Java RMI interface. | 9.8 |
Critical |
||
| Windows DNS Server Remote Code Execution Vulnerability | 6.6 |
Medium |
||
| Windows DNS Server Remote Code Execution Vulnerability | 6.6 |
Medium |
||
| Windows DNS Server Remote Code Execution Vulnerability | 6.6 |
Medium |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows DNS Server Remote Code Execution Vulnerability | 6.6 |
Medium |
||
| Windows DNS Server Remote Code Execution Vulnerability | 6.6 |
Medium |
||
| Windows DNS Server Remote Code Execution Vulnerability | 6.6 |
Medium |
||
| Windows DNS Server Information Disclosure Vulnerability | 4.9 |
Medium |
||
| Windows DNS Server Remote Code Execution Vulnerability | 7.2 |
High |
||
| Windows Group Policy Security Feature Bypass Vulnerability | 4.4 |
Medium |
||
| Windows Kernel Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Clip Service Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Boot Manager Security Feature Bypass Vulnerability | 6.8 |
Medium |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Memory Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Network File System Information Disclosure Vulnerability | 7.5 |
High |
||
| Windows Lock Screen Security Feature Bypass Vulnerability | 6.8 |
Medium |
||
| Windows Registry Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Boot Manager Security Feature Bypass Vulnerability | 6.8 |
Medium |
||
| Netlogon RPC Elevation of Privilege Vulnerability | 8.1 |
High |
||
| Windows Kerberos Elevation of Privilege Vulnerability | 8.1 |
High |
||
| Remote Desktop Protocol Client Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Common Log File System Driver Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Network Load Balancing Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows Kernel Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Secure Channel Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Secure Channel Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | 7.5 |
High |
||
| DHCP Server Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows CNG Key Isolation Service Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Spoofing Vulnerability | 5.5 |
Medium |
||
| Windows Bluetooth Driver Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows NTLM Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability | 7.1 |
High |
||
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | 8.1 |
High |
||
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | 8.1 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Graphics Component Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows DNS Server Remote Code Execution Vulnerability | 6.6 |
Medium |
||
| Windows Kernel Denial of Service Vulnerability | 5.5 |
Medium |
||
| Windows Remote Procedure Call Service (RPCSS) Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.1 |
High |
||
| Windows Error Reporting Service Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Network Address Translation (NAT) Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Secure Channel Denial of Service Vulnerability | 7.5 |
High |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
High |
||
| Remote Procedure Call Runtime Information Disclosure Vulnerability | 5.3 |
Medium |
||
| Remote Procedure Call Runtime Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows SmartScreen Security Feature Bypass Vulnerability | 4.4 |
Medium |
||
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Bluetooth Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | 4.3 |
Medium |
||
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows Graphics Component Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Remote Procedure Call Runtime Remote Code Execution Vulnerability | 8.1 |
High |
||
| Remote Procedure Call Runtime Remote Code Execution Vulnerability | 8.1 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Microsoft PostScript and PCL6 Class Printer Driver Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows Secure Channel Denial of Service Vulnerability | 5.5 |
Medium |
||
| Windows Graphics Component Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability | 7.5 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | 7.5 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Partition Management Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Cryptographic Services Remote Code Execution Vulnerability | 7.8 |
High |
||
| Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability | 7.1 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Accounts Picture Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Hyper-V Denial of Service Vulnerability | 6.5 |
Medium |
||
| Windows HTTP.sys Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability | 7.1 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Remote Procedure Call Runtime Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Media Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Media Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows DNS Server Remote Code Execution Vulnerability | 7.2 |
High |
||
| Remote Procedure Call Runtime Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | 7.5 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows BrokerInfrastructure Service Elevation of Privilege Vulnerability | 7 |
High |
||
| HTTP Protocol Stack Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Bluetooth Driver Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability | 7 |
High |
||
| An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the TPM chip/process or rendering it unusable) and/or arbitrary code execution in the TPM context. | 7.8 |
High |
||
| An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM. | 5.5 |
Medium |
||
| Windows Graphics Component Remote Code Execution Vulnerability | 7.8 |
High |
||
| .NET and Visual Studio Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| .NET Framework Denial of Service Vulnerability | 5 |
Medium |
||
| Windows iSCSI Service Denial of Service Vulnerability | 7.5 |
High |
||
| Microsoft Protected Extensible Authentication Protocol (PEAP) Denial of Service Vulnerability | 7.5 |
High |
||
| Windows iSCSI Discovery Service Denial of Service Vulnerability | 7.5 |
High |
||
| Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Fax Service Remote Code Execution Vulnerability | 6.8 |
Medium |
||
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | 5.7 |
Medium |
||
| Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Microsoft Protected Extensible Authentication Protocol (PEAP) Information Disclosure Vulnerability | 7.5 |
High |
||
| Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| NT OS Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| HTTP.sys Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Graphics Component Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Distributed File System (DFS) Remote Code Execution Vulnerability | 7.4 |
High |
||
| Windows Secure Channel Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Secure Channel Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Kerberos Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Active Directory Domain Services API Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Secure Channel Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows iSCSI Service Denial of Service Vulnerability | 7.5 |
High |
||
| Windows MSHTML Platform Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Graphics Component Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Media Remote Code Execution Vulnerability | 7.8 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 7.8 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft ODBC Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft ODBC Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| A CWE-306: Missing Authentication for Critical Function The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. Affected Products: APC Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GA), APC Easy UPS Online Monitoring Software (Windows 11, Windows Server 2019, 2022 - Versions prior to V2.5-GA-01-22261), Schneider Electric Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GS), Schneider Electric Easy UPS Online Monitoring Software (Windows 11, Windows Server 2019, 2022 - Versions prior to V2.5-GS-01-22261) | 9.8 |
Critical |
||
| A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could cause remote code execution when the attacker uploads a malicious JSP file. Affected Products: APC Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GA), APC Easy UPS Online Monitoring Software (Windows 11, Windows Server 2019, 2022 - Versions prior to V2.5-GA-01-22261), Schneider Electric Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GS), Schneider Electric Easy UPS Online Monitoring Software (Windows 11, Windows Server 2019, 2022 - Versions prior to V2.5-GS-01-22261) | 9.8 |
Critical |
||
| A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could cause local privilege escalation when a local attacker modifies the webroot directory. Affected Products: APC Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GA), APC Easy UPS Online Monitoring Software (Windows 11, Windows Server 2019, 2022 - Versions prior to V2.5-GA-01-22261), Schneider Electric Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GS), Schneider Electric Easy UPS Online Monitoring Software (Windows 11, Windows Server 2019, 2022 - Versions prior to V2.5-GS-01-22261) | 7.8 |
High |
||
| A CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause local privilege escalation when local attacker connects to the database. Affected Products: APC Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GA), APC Easy UPS Online Monitoring Software (Windows 11, Windows Server 2019, 2022 - Versions prior to V2.5-GA-01-22261), Schneider Electric Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GS), Schneider Electric Easy UPS Online Monitoring Software (Windows 11, Windows Server 2019, 2022 - Versions prior to V2.5-GS-01-22261) | 7.8 |
High |
||
| Microsoft ODBC Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Remote Procedure Call Runtime Denial of Service Vulnerability | 5.3 |
Medium |
||
| Windows iSCSI Service Denial of Service Vulnerability | 7.5 |
High |
||
| Windows GDI Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | 8.1 |
High |
||
| Event Tracing for Windows Information Disclosure Vulnerability | 4.7 |
Medium |
||
| Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Authentication Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows Cryptographic Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Task Scheduler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Installer Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability | 8.1 |
High |
||
| Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows SMB Witness Service Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Windows Cryptographic Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Microsoft Cryptographic Services Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows GDI Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | 9.1 |
Critical |
||
| Windows Error Reporting Service Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Cryptographic Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Boot Manager Security Feature Bypass Vulnerability | 6.6 |
Medium |
||
| Microsoft Cryptographic Services Elevation of Privilege Vulnerability | 7.8 |
High |
||
| BitLocker Security Feature Bypass Vulnerability | 6.8 |
Medium |
||
| Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Point-to-Point Protocol (PPP) Information Disclosure Vulnerability | 5.3 |
Medium |
||
| Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability | 7.5 |
High |
||
| Microsoft DWM Core Library Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Credential Manager User Interface Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Netlogon Denial of Service Vulnerability | 7.5 |
High |
||
| Microsoft Cryptographic Services Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Bind Filter Driver Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows NTLM Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.1 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability | 3.3 |
Low |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.1 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Overlay Filter Information Disclosure Vulnerability | 4.7 |
Medium |
||
| Windows Overlay Filter Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| PowerShell Remote Code Execution Vulnerability | 8.5 |
High |
||
| Windows Fax Compose Form Elevation of Privilege Vulnerability | 7.8 |
High |
||
| .NET Framework Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Hyper-V Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Graphics Component Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Contacts Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Media Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Media Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Error Reporting Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Graphics Component Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Bluetooth Driver Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Bluetooth Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Projected File System Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Graphics Component Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows Graphics Component Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Hyper-V Denial of Service Vulnerability | 6.8 |
Medium |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows SmartScreen Security Feature Bypass Vulnerability | 5.4 |
Medium |
||
| Windows Kernel Denial of Service Vulnerability | 6.5 |
Medium |
||
| Windows Mark of the Web Security Feature Bypass Vulnerability | 5.4 |
Medium |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows CNG Key Isolation Service Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Scripting Languages Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability | 8.1 |
High |
||
| Windows Kerberos Elevation of Privilege Vulnerability | 7.2 |
High |
||
| Windows Group Policy Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Netlogon RPC Elevation of Privilege Vulnerability | 8.1 |
High |
||
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft ODBC Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft ODBC Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Extensible File Allocation Table Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Graphics Component Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Kerberos Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Human Interface Device Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Network Policy Server (NPS) RADIUS Protocol Denial of Service Vulnerability | 7.5 |
High |
||
| Windows HTTP.sys Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Network Address Translation (NAT) Denial of Service Vulnerability | 7.5 |
High |
||
| .NET Framework Information Disclosure Vulnerability | 5.8 |
Medium |
||
| Windows Group Policy Elevation of Privilege Vulnerability | 6.4 |
Medium |
||
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability | 5.9 |
Medium |
||
| Windows Mark of the Web Security Feature Bypass Vulnerability | 5.4 |
Medium |
||
| Windows Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Digital Media Receiver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft DWM Core Library Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Network Policy Server (NPS) RADIUS Protocol Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Overlay Filter Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Overlay Filter Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Bind Filter Driver Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Scripting Languages Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows COM+ Event System Service Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows GDI+ Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows TCP/IP Driver Denial of Service Vulnerability | 7.5 |
High |
||
| Windows CryptoAPI Spoofing Vulnerability | 7.5 |
High |
||
| Windows NTLM Spoofing Vulnerability | 6.5 |
Medium |
||
| Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability | 5.9 |
Medium |
||
| Windows DWM Core Library Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Local Session Manager (LSM) Denial of Service Vulnerability | 7.7 |
High |
||
| Windows Group Policy Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Active Directory Certificate Services Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability | 6.5 |
Medium |
||
| Windows Active Directory Certificate Services Security Feature Bypass | 7.5 |
High |
||
| Windows Hyper-V Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows DHCP Client Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Event Logging Service Denial of Service Vulnerability | 4.3 |
Medium |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft DWM Core Library Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows WLAN Service Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Graphics Component Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Group Policy Preference Client Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Group Policy Preference Client Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Memory Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Graphics Component Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Local Session Manager (LSM) Denial of Service Vulnerability | 7.7 |
High |
||
| Windows Group Policy Preference Client Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Resilient File System Elevation of Privilege | 7.8 |
High |
||
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 3.3 |
Low |
||
| Windows Distributed File System (DFS) Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows DHCP Client Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Storage Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows ALPC Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows USB Serial Driver Information Disclosure Vulnerability | 4.3 |
Medium |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability | 6.6 |
Medium |
||
| Windows Server Remotely Accessible Registry Keys Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows Workstation Service Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft ODBC Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Secure Channel Denial of Service Vulnerability | 7.5 |
High |
||
| Active Directory Domain Services Elevation of Privilege Vulnerability | 7.1 |
High |
||
| Windows Security Support Provider Interface Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows CD-ROM File System Driver Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Server Service Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Web Account Manager Information Disclosure Vulnerability | 7.5 |
High |
||
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | 8.1 |
High |
||
| Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Graphics Component Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Graphics Component Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Fax Service Remote Code Execution Vulnerability | 7.8 |
High |
||
| Network Device Enrollment Service (NDES) Security Feature Bypass Vulnerability | 6.5 |
Medium |
||
| SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Group Policy Elevation of Privilege Vulnerability | 7.8 |
High |
||
| DirectX Graphics Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Enterprise App Management Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| HTTP V3 Denial of Service Vulnerability | 7.5 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Secure Channel Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Event Tracing Denial of Service Vulnerability | 5.5 |
Medium |
||
| Windows Remote Access Connection Manager Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Remote Procedure Call Runtime Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft ODBC Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft ODBC Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft ODBC Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows GDI Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Graphics Component Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Microsoft ODBC Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Microsoft ODBC Driver Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows ALPC Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows DNS Server Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Distributed File System (DFS) Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows TCP/IP Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Kerberos Elevation of Privilege Vulnerability | 8.1 |
High |
||
| Windows Kerberos Elevation of Privilege Vulnerability | 8.1 |
High |
||
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Secure Channel Denial of Service Vulnerability | 8.2 |
High |
||
| Windows Credential Roaming Service Elevation of Privilege Vulnerability | 7.3 |
High |
||
| .NET Framework Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Photo Import API Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Graphics Component Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| A flaw was found in CryptoPro Secure Disk bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. | 6.7 |
Medium |
||
| A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. | 6.7 |
Medium |
||
| A flaw was found in Eurosoft bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. | 6.7 |
Medium |
||
| Windows Defender Credential Guard Security Feature Bypass Vulnerability | 7.1 |
High |
||
| Windows Defender Credential Guard Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Error Reporting Service Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | 8.1 |
High |
||
| Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Bluetooth Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.3 |
High |
||
| Storage Spaces Direct Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Defender Credential Guard Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | 8.1 |
High |
||
| Storage Spaces Direct Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Storage Spaces Direct Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Storage Spaces Direct Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Storage Spaces Direct Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft ATA Port Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Network File System Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Defender Credential Guard Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Defender Credential Guard Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Defender Credential Guard Security Feature Bypass Vulnerability | 6 |
Medium |
||
| Windows Kernel Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Defender Credential Guard Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Partition Management Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Hyper-V Remote Code Execution Vulnerability | 7.8 |
High |
||
| Active Directory Domain Services Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Windows Fax Service Elevation of Privilege Vulnerability | 7.1 |
High |
||
| Windows Partition Management Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows WebBrowser Control Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Defender Credential Guard Information Disclosure Vulnerability | 4.7 |
Medium |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.1 |
High |
||
| Windows Media Player Network Sharing Service Elevation of Privilege Vulnerability | 7.1 |
High |
||
| Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Hyper-V Information Disclosure Vulnerability | 5.7 |
Medium |
||
| Windows Shell Remote Code Execution Vulnerability | 8.4 |
High |
||
| Windows Graphics Component Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Server Service Tampering Vulnerability | 8.8 |
High |
||
| Active Directory Federation Services Elevation of Privilege Vulnerability | 7.5 |
High |
||
| Windows DNS Server Remote Code Execution Vulnerability | 6.6 |
Medium |
||
| Windows GDI+ Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Connected Devices Platform Service Information Disclosure Vulnerability | 4.7 |
Medium |
||
| Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows IIS Server Elevation of Privilege Vulnerability | 7.4 |
High |
||
| Windows Security Account Manager (SAM) Denial of Service Vulnerability | 6.5 |
Medium |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Group Policy Elevation of Privilege Vulnerability | 6.6 |
Medium |
||
| Windows Boot Manager Security Feature Bypass Vulnerability | 7.4 |
High |
||
| Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows BitLocker Information Disclosure Vulnerability | 5.7 |
Medium |
||
| Windows Fax Service Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | 7.8 |
High |
||
| BitLocker Security Feature Bypass Vulnerability | 6.1 |
Medium |
||
| Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows.Devices.Picker.dll Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Fast FAT File System Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Hyper-V Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 6.8 |
Medium |
||
| Internet Information Services Dynamic Compression Module Denial of Service Vulnerability | 7.3 |
High |
||
| Windows Network File System Remote Code Execution Vulnerability | 7.5 |
High |
||
| Remote Procedure Call Runtime Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability | 7.5 |
High |
||
| Performance Counters for Windows Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Graphics Component Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Credential Guard Domain-joined Public Key Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Network File System Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Network File System Information Disclosure Vulnerability | 5.9 |
Medium |
||
| Windows Fax Service Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Windows Internet Information Services Cachuri Module Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Fax Service Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability | 6.6 |
Medium |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.1 |
High |
||
| Windows Kernel Information Disclosure Vulnerability | 4.7 |
Medium |
||
| Local Security Authority Subsystem Service Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kerberos Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Kerberos AppContainer Security Feature Bypass Vulnerability | 7.8 |
High |
||
| Windows Hyper-V Remote Code Execution Vulnerability | 8.5 |
High |
||
| Windows Kernel Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kernel Denial of Service Vulnerability | 5.5 |
Medium |
||
| Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability | 5.3 |
Medium |
||
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Network Address Translation (NAT) Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Defender Remote Credential Guard Elevation of Privilege Vulnerability | 7.5 |
High |
||
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows Desired State Configuration (DSC) Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Installer Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows Encrypting File System (EFS) Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows File History Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows iSCSI Discovery Service Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows Container Manager Service Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights. Please see the MSRC Blog Entry for important information about steps you can take to protect your system from this vulnerability. | 7.8 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows LSA Spoofing Vulnerability | 8.1 |
High |
||
| Active Directory Domain Services Elevation of Privilege Vulnerability | 8.8 |
High |
||
| .NET Framework Denial of Service Vulnerability | 5.5 |
Medium |
||
| Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Print Spooler Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Clustered Shared Volume Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Clustered Shared Volume Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 8.8 |
High |
||
| BitLocker Security Feature Bypass Vulnerability | 4.2 |
Medium |
||
| Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Clustered Shared Volume Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows WLAN AutoConfig Service Denial of Service Vulnerability | 6.5 |
Medium |
||
| Windows Clustered Shared Volume Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Failover Cluster Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Remote Desktop Protocol Client Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Storage Spaces Direct Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Network File System Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Graphics Component Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Storage Spaces Direct Elevation of Privilege Vulnerability | 8.2 |
High |
||
| Windows Authentication Information Disclosure Vulnerability | 7.4 |
High |
||
| Windows Hyper-V Security Feature Bypass Vulnerability | 4.1 |
Medium |
||
| Windows ALPC Elevation of Privilege Vulnerability | 7 |
High |
||
| Remote Desktop Client Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows User Profile Service Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Graphics Component Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Fax Compose Form Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Fax Compose Form Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Fax Compose Form Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Secure Channel Denial of Service Vulnerability | 7.5 |
High |
||
| Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Graphics Component Remote Code Execution Vulnerability | 7.8 |
High |
||
| .NET Framework Denial of Service Vulnerability | 7.5 |
High |
||
| Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | 7.5 |
High |
||
| DiskUsage.exe Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows DNS Server Remote Code Execution Vulnerability | 6.6 |
Medium |
||
| Windows Bluetooth Driver Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows File Server Resource Management Service Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows DNS Server Remote Code Execution Vulnerability | 7.2 |
High |
||
| Windows DNS Server Remote Code Execution Vulnerability | 7.2 |
High |
||
| Windows DNS Server Remote Code Execution Vulnerability | 7.2 |
High |
||
| Windows DNS Server Remote Code Execution Vulnerability | 7.2 |
High |
||
| Windows DNS Server Remote Code Execution Vulnerability | 6.6 |
Medium |
||
| Windows DNS Server Remote Code Execution Vulnerability | 6.6 |
Medium |
||
| Windows DNS Server Remote Code Execution Vulnerability | 6.6 |
Medium |
||
| Windows DNS Server Remote Code Execution Vulnerability | 6.6 |
Medium |
||
| Windows DNS Server Remote Code Execution Vulnerability | 6.6 |
Medium |
||
| Windows DNS Server Remote Code Execution Vulnerability | 6.6 |
Medium |
||
| Windows DNS Server Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows DNS Server Remote Code Execution Vulnerability | 7.2 |
High |
||
| Windows DNS Server Remote Code Execution Vulnerability | 6.6 |
Medium |
||
| Windows DNS Server Remote Code Execution Vulnerability | 7.2 |
High |
||
| Windows DNS Server Remote Code Execution Vulnerability | 7.2 |
High |
||
| Windows DNS Server Remote Code Execution Vulnerability | 7.2 |
High |
||
| Windows File Server Resource Management Service Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Remote Procedure Call Runtime Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows File Explorer Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Work Folder Service Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| PowerShell Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability | 6.5 |
Medium |
||
| Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows Telephony Server Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows AppX Package Manager Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Digital Media Receiver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows DWM Core Library Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Kerberos Remote Code Execution Vulnerability | 8.1 |
High |
||
| Windows Kerberos Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Server Service Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows ALPC Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability | 8.1 |
High |
||
| Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability | 6.5 |
Medium |
||
| Windows Hyper-V Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows DNS Server Remote Code Execution Vulnerability | 7.2 |
High |
||
| Win32 Stream Enumeration Remote Code Execution Vulnerability | 7.5 |
High |
||
| Remote Desktop Protocol Remote Code Execution Vulnerability | 8 |
High |
||
| Windows Installer Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Remote Procedure Call Runtime Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows SMB Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Installer Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows iSCSI Target Service Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows Network File System Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Direct Show Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Remote Procedure Call Runtime Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Network File System Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability | 8.1 |
High |
||
| Cluster Client Failover (CCF) Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Desktop Bridge Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Kerberos Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Win32 File Enumeration Remote Code Execution Vulnerability | 7.5 |
High |
||
| Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability | 5.5 |
Medium |
||
| Windows Kernel Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows ALPC Elevation of Privilege Vulnerability | 7 |
High |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Hyper-V Denial of Service Vulnerability | 6.5 |
Medium |
||
| Windows Hyper-V Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Hyper-V Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Hyper-V Remote Code Execution Vulnerability | 7.8 |
High |
||
| Win32 Stream Enumeration Remote Code Execution Vulnerability | 7.5 |
High |
||
| Win32 File Enumeration Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows ALPC Elevation of Privilege Vulnerability | 7 |
High |
||
| Remote Desktop Protocol Client Information Disclosure Vulnerability | 5.4 |
Medium |
||
| Windows HTML Platforms Security Feature Bypass Vulnerability | 6.5 |
Medium |
||
| Media Foundation Information Disclosure Vulnerability | 3.3 |
Low |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Runtime Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows User Profile Service Elevation of Privilege Vulnerability | 7 |
High |
||
| Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Active Directory Domain Services Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Active Directory Domain Services Elevation of Privilege Vulnerability | 7.5 |
High |
||
| Windows Installer Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Active Directory Domain Services Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Hyper-V Denial of Service Vulnerability | 7.5 |
High |
||
| NTFS Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Active Directory Domain Services Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Windows Feedback Hub Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Chakra Scripting Engine Memory Corruption Vulnerability | 7.5 |
High |
||
| Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft Windows Media Foundation Remote Code Execution Vulnerability | 7.8 |
High |
||
| Microsoft COM for Windows Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Hyper-V Discrete Device Assignment (DDA) Denial of Service Vulnerability | 6.8 |
Medium |
||
| Windows NTFS Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Fast FAT File System Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | 4.4 |
Medium |
||
| NTFS Elevation of Privilege Vulnerability | 7.8 |
High |
||
| NTFS Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Denial of Service Vulnerability | 7.5 |
High |
||
| Remote Desktop Client Remote Code Execution Vulnerability | 8.8 |
High |
||
| Remote Desktop Protocol Client Information Disclosure Vulnerability | 7.4 |
High |
||
| Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | 4.4 |
Medium |
||
| Windows Desktop Bridge Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability | 9 |
Critical |
||
| Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Active Directory Federation Server Spoofing Vulnerability | 5.4 |
Medium |
||
| Windows AppX Deployment Service Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Storage Spaces Controller Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Fast FAT File System Driver Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows MSHTML Platform Remote Code Execution Vulnerability | 8.8 |
High |
||
| Windows Graphics Component Remote Code Execution Vulnerability | 7.8 |
High |
||
| Microsoft DWM Core Library Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability | 5.5 |
Medium |
||
| Active Directory Security Feature Bypass Vulnerability | 4.9 |
Medium |
||
| Windows Kernel Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Desktop Bridge Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Print Spooler Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Storage Spaces Controller Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Storage Spaces Controller Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Storage Spaces Controller Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Event Tracing Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows AppContainer Elevation Of Privilege Vulnerability | 7.8 |
High |
||
| Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability | 5.5 |
Medium |
||
| DirectX Graphics Kernel Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows DNS Server Remote Code Execution Vulnerability | 7.2 |
High |
||
| Windows Bind Filter Driver Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Text Shaping Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Nearby Sharing Elevation of Privilege Vulnerability | 8 |
High |
||
| Windows Network Address Translation (NAT) Denial of Service Vulnerability | 7.7 |
High |
||
| Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability | 7.8 |
High |
||
| Windows Hyper-V Remote Code Execution Vulnerability | 9 |
Critical |
||
| Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability | 6.5 |
Medium |
||
| Windows AD FS Security Feature Bypass Vulnerability | 7.5 |
High |
||
| Windows Installer Spoofing Vulnerability | 5.5 |
Medium |
||
| Rich Text Edit Control Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Hyper-V Remote Code Execution Vulnerability | 9 |
Critical |
||
| Windows exFAT File System Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Fast FAT File System Driver Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Print Spooler Spoofing Vulnerability | 8.8 |
High |
||
| Windows TCP/IP Denial of Service Vulnerability | 7.5 |
High |
||
| Windows HTTP.sys Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Storage Spaces Controller Elevation of Privilege Vulnerability | 7.8 |
High |
||
Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents. An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. The attacker would then have to convince the user to open the malicious document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Microsoft Defender Antivirus and Microsoft Defender for Endpoint both provide detection and protections for the known vulnerability. Customers should keep antimalware products up to date. Customers who utilize automatic updates do not need to take additional action. Enterprise customers who manage updates should select the detection build 1.349.22.0 or newer and deploy it across their environments. Microsoft Defender for Endpoint alerts will be displayed as: “Suspicious Cpl File Execution”. Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs. Please see the Mitigations and Workaround sections for important information about steps you can take to protect your system from this vulnerability. UPDATE September 14, 2021: Microsoft has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. Please see the FAQ for important information about which updates are applicable to your system. |
8.8 |
High |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Storage Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Microsoft Windows Update Client Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| BitLocker Security Feature Bypass Vulnerability | 5.7 |
Medium |
||
| Windows Event Tracing Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability | 6.5 |
Medium |
||
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Key Storage Provider Security Feature Bypass Vulnerability | 6.5 |
Medium |
||
| Win32k Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows SMB Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows SMB Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability | 5.5 |
Medium |
||
| Windows WLAN AutoConfig Service Remote Code Execution Vulnerability | 9.8 |
Critical |
||
| Windows Event Tracing Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
High |
||
| Windows Installer Denial of Service Vulnerability | 6.1 |
Medium |
||
| Windows SMB Information Disclosure Vulnerability | 7.5 |
High |
||
| Windows Authenticode Spoofing Vulnerability | 5.5 |
Medium |
||
| Windows Bind Filter Driver Elevation of Privilege Vulnerability | 8.8 |
High |
||
| Windows Scripting Engine Memory Corruption Vulnerability | 8.1 |
High |
||
A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. UPDATE July 7, 2021: The security update for Windows Server 2012, Windows Server 2016 and Windows 10, Version 1607 have been released. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. If you are unable to install these updates, see the FAQ and Workaround sections in this CVE for information on how to help protect your system from this vulnerability. In addition to installing the updates, in order to secure your system, you must confirm that the following registry settings are set to 0 (zero) or are not defined (Note: These registry keys do not exist by default, and therefore are already at the secure setting.), also that your Group Policy setting are correct (see FAQ):
Having NoWarningNoElevationOnInstall set to 1 makes your system vulnerable by design. UPDATE July 6, 2021: Microsoft has completed the investigation and has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. If you are unable to install these updates, see the FAQ and Workaround sections in this CVE for information on how to help protect your system from this vulnerability. See also KB5005010: Restricting installation of new printer drivers after applying the July 6, 2021 updates. Note that the security updates released on and after July 6, 2021 contain protections for CVE-2021-1675 and the additional remote code execution exploit in the Windows Print Spooler service known as “PrintNightmare”, documented in CVE-2021-34527. |
8.8 |
High |
||
| Windows DCOM Server Security Feature Bypass | 6.5 |
Medium |
||
| Why is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingCheck is available in all currently supported versions of Windows 10 and Windows 11. While the format is different from the original CVE published in 2013, except for clarifications about how to configure the EnableCertPaddingCheck registry value, the information herein remains unchanged from the original text published on December 10, 2013, Microsoft does not plan to enforce the stricter verification behavior as a default functionality on supported releases of Microsoft Windows. This behavior remains available as an opt-in feature via reg key setting, and is available on supported editions of Windows released since December 10, 2013. This includes all currently supported versions of Windows 10 and Windows 11. The supporting code for this reg key was incorporated at the time of release for Windows 10 and Windows 11, so no security update is required; however, the reg key must be set. See the Security Updates table for the list of affected software. Vulnerability Description A remote code execution vulnerability exists in the way that the WinVerifyTrust function handles Windows Authenticode signature verification for portable executable (PE) files. An anonymous attacker could exploit the vulnerability by modifying an existing signed executable file to leverage unverified portions of the file in such a way as to add malicious code to the file without invalidating the signature. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Exploitation of this vulnerability requires that a user or application run or install a specially crafted, signed PE file. An attacker could modify an... See more at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2013-3900 | 8.8 |
High |
2025©
tesweb SA
