Microsoft Exchange Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
MyBB is a free and open source forum software. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository microweber/microweber prior to 1.3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
The installer of WPS Office for Windows versions prior to v11.2.0.10258 fails to configure properly the ACL for the directory where the service program is installed. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Maddy Mail Server is an open source SMTP compatible email server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.
Win32 File Enumeration Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Windows Event Tracing Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Remote Desktop Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Remote Desktop Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
HEIF Image Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Paint 3D Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
VP9 Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Azure Site Recovery Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Microsoft Office Visio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Microsoft Office Visio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Microsoft Office Visio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
VP9 Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Windows Fax and Scan Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Windows CD-ROM Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Windows Security Support Provider Interface Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Raw Image Extension Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Windows PDEV Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Windows Installer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Raw Image Extension Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Windows Fast FAT File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Windows DWM Core Library Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Windows Inking COM Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Microsoft Defender for IoT Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
.NET and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.
Azure Site Recovery Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Azure Site Recovery Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Azure Site Recovery Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Azure Site Recovery Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Azure Site Recovery Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Azure Site Recovery Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Windows Print Spooler Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Microsoft Defender for IoT Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Stripe CLI is a command-line tool for the Stripe eCommerce platform. Rated high severity (CVSS 7.0). This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.
Windows Update Stack Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.
Windows ALPC Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.
Tablet Windows User Interface Application Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.
Windows NT OS Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.