Windows 10 21h2
Monthly
Active Template Library Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Volume Shadow Copy Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.
Windows Installer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Windows SmartScreen Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows MSHTML Platform Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
Windows Remote Desktop Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.
OLE Automation Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.
Windows Update Orchestrator Service Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Windows Layer-2 Bridge Network Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.
Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
Windows Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Windows Netlogon Information Disclosure Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.
Windows CryptoAPI Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
Windows Kernel Information Disclosure Vulnerability. Rated medium severity (CVSS 4.7). This Exposure of Resource to Wrong Sphere vulnerability could allow attackers to access resources from an unintended security context.
Microsoft PostScript Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
Windows Installer Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows Hyper-V Denial of Service Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
Windows Container Manager Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Windows iSCSI Discovery Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
Windows Collaborative Translation Framework Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
Windows Filtering Platform Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).
Windows Geolocation Service Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Windows Authentication Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Remote Desktop Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Microsoft Streaming Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity.
GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Windows GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Windows Remote Desktop Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Windows Group Policy Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.
NTFS Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Windows CryptoAPI Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
Microsoft Word Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.
Windows OLE Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Windows MSHTML Platform Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.
Windows Driver Revocation List Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
Microsoft SharePoint Server Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.
Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.
Windows Bluetooth Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is low attack complexity.
Windows Bluetooth Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Windows Backup Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Windows iSCSI Target Service Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.
Windows Bluetooth Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows Pragmatic General Multicast (PGM) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
Server for NFS Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Secure Boot Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.
Remote Desktop Client Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.
Windows NFS Portmapper Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows NTLM Security Support Provider Information Disclosure Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows Kernel Denial of Service Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
Windows Remote Procedure Call Service (RPCSS) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
Windows Group Policy Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Windows Kernel Memory Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
Windows Lock Screen Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.
Windows Boot Manager Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.
Remote Desktop Protocol Client Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows Common Log File System Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
Windows Kernel Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows Boot Manager Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.
Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.
Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.
Active Template Library Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Volume Shadow Copy Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.
Windows Installer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Windows SmartScreen Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows MSHTML Platform Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
Windows Remote Desktop Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.
OLE Automation Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.
Windows Update Orchestrator Service Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Windows Layer-2 Bridge Network Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.
Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
Windows Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Windows Netlogon Information Disclosure Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.
Windows CryptoAPI Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
Windows Kernel Information Disclosure Vulnerability. Rated medium severity (CVSS 4.7). This Exposure of Resource to Wrong Sphere vulnerability could allow attackers to access resources from an unintended security context.
Microsoft PostScript Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
Windows Installer Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows Hyper-V Denial of Service Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
Windows Container Manager Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Windows iSCSI Discovery Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
Windows Collaborative Translation Framework Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
Windows Filtering Platform Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).
Windows Geolocation Service Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Windows Authentication Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Remote Desktop Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Microsoft Streaming Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity.
GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Windows GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Windows Remote Desktop Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Windows Group Policy Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.
NTFS Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Windows CryptoAPI Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
Microsoft Word Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.
Windows OLE Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Windows MSHTML Platform Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.
Windows Driver Revocation List Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
Microsoft SharePoint Server Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.
Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.
Windows Bluetooth Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is low attack complexity.
Windows Bluetooth Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Windows Backup Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Windows iSCSI Target Service Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.
Windows Bluetooth Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows Pragmatic General Multicast (PGM) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
Server for NFS Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Secure Boot Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.
Remote Desktop Client Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.
Windows NFS Portmapper Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows NTLM Security Support Provider Information Disclosure Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows Kernel Denial of Service Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
Windows Remote Procedure Call Service (RPCSS) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
Windows Group Policy Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Windows Kernel Memory Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
Windows Lock Screen Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.
Windows Boot Manager Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.
Remote Desktop Protocol Client Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows Common Log File System Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
Windows Kernel Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows Boot Manager Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.
Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.
Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.