Raw Image Extension Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
Raw Image Extension Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
Windows Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Visual Studio Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
.NET DLL Hijacking Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.
Windows Registry Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Windows Kernel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.
Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Windows NTLM Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Visual Studio Code Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
Microsoft ODBC and OLE DB Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
A download of code without Integrity check vulnerability [CWE-494] in FortiClientMac version 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions, 5.6 all versions, 5.4 all. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
ToolboxST prior to version 7.10 is affected by a deserialization vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A vulnerability has been identified in JT Open (All versions < V11.3.2.0), JT Utilities (All versions < V13.3.0.0). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
CENTUM series provided by Yokogawa Electric Corporation are vulnerable to cleartext storage of sensitive information. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Screen Creator Advance 2 Ver.0.1.1.4 Build01A and earlier is vulnerable to improper restriction of operations within the bounds of a memory buffer (CWE-119) due to improper check of its data size. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Android App 'Wolt Delivery: Food and more' version 4.27.2 and earlier uses hard-coded credentials (API key for an external service), which may allow a local attacker to obtain the hard-coded API key. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Azure Service Connector Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.
Windows Network File System Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.
Windows Secure Channel Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows Secure Channel Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.
Windows Bluetooth Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is no authentication required.
Windows Network Address Translation (NAT) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
Windows Secure Channel Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
Microsoft Defender Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
A vulnerability has been identified in SIPROTEC 5 6MD85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 6MD86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 6MD89 (CP300) (All versions >=. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Use of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to access the debug function of the product. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Resource to Wrong Sphere vulnerability could allow attackers to access resources from an unintended security context.
A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT PRO (All versions < V5.5.2), SCALANCE X202-2IRT. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Microsoft SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
A vulnerability has been identified in Totally Integrated Automation Portal (TIA Portal) V15 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions < V16 Update 7),. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity.
HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user's request. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
WAB-MAT Ver.5.0.0.8 and earlier starts another program with an unquoted file path. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.
Windows DNS Server Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.
Inadequate encryption strength vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker with an administrative privilege to apply a specially crafted Firmware update. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required.
Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.
Windows Clip Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).
Windows Error Reporting Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).
Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. Rated high severity (CVSS 7.0). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.