Skip to main content

Windows 10 22h2

1642 CVEs product

Monthly

CVE-2023-23412 HIGH PATCH This Week

Windows Accounts Picture Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +7
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-23411 MEDIUM PATCH This Month

Windows Hyper-V Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +8
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-23410 HIGH POC PATCH This Week

Windows HTTP.sys Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Integer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
7.8
EPSS
8.0%
CVE-2023-23409 MEDIUM PATCH This Month

Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 20H2 +9
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2023-23407 HIGH PATCH This Week

Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.1
EPSS
0.4%
CVE-2023-23406 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +11
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-23405 HIGH PATCH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2023-23404 HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
8.1
EPSS
0.8%
CVE-2023-23403 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +11
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-23402 HIGH PATCH This Week

Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-23401 HIGH PATCH This Week

Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-23394 MEDIUM PATCH This Month

Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 20H2 +9
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2023-23393 HIGH PATCH This Week

Windows BrokerInfrastructure Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1809 Windows 10 20H2 Windows 10 21h2 +5
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2023-23388 HIGH PATCH This Week

Windows Bluetooth Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +8
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2023-23385 HIGH PATCH This Week

Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2023-21708 CRITICAL PATCH Act Now

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow RCE Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2023-1017 HIGH This Week

An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Denial Of Service Trusted Platform Module +11
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2023-1018 MEDIUM This Month

An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Trusted Platform Module Windows 10 1507 Windows 10 1607 +9
NVD
CVSS 3.1
5.5
EPSS
5.6%
CVE-2023-21823 HIGH KEV PATCH THREAT This Week

Windows Graphics Component Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
7.8
EPSS
5.6%
CVE-2023-23376 HIGH KEV PATCH THREAT This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
7.8
EPSS
10.9%
CVE-2023-21822 HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 +12
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2023-21820 HIGH PATCH This Week

Windows Distributed File System (DFS) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is low attack complexity.

Buffer Overflow RCE Microsoft Windows 10 Windows 10 1607 +11
NVD
CVSS 3.1
7.4
EPSS
0.6%
CVE-2023-21819 HIGH PATCH This Week

Windows Secure Channel Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service Microsoft Windows 10 1809 +6
NVD
CVSS 3.1
7.5
EPSS
30.8%
CVE-2023-21818 HIGH PATCH This Week

Windows Secure Channel Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
43.2%
CVE-2023-21817 HIGH PATCH This Week

Windows Kerberos Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Microsoft Authentication Bypass Windows 10 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2023-21816 HIGH PATCH This Week

Windows Active Directory Domain Services API Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2023-21813 HIGH PATCH This Week

Windows Secure Channel Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Microsoft Windows 10 Windows 10 1607 +11
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2023-21812 HIGH PATCH This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow Windows 10 Windows 10 1607 +11
NVD
CVSS 3.1
7.8
EPSS
3.6%
CVE-2023-21811 HIGH PATCH This Week

Windows iSCSI Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Microsoft Windows 10 Windows 10 1607 +11
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2023-21805 HIGH PATCH This Week

Windows MSHTML Platform Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

RCE Command Injection Microsoft Windows 10 Windows 10 1607 +11
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-21804 HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow Windows 10 Windows 10 1607 +10
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-21803 CRITICAL PATCH Act Now

Windows iSCSI Discovery Service Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 Windows 10 1607 +5
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2023-21802 HIGH PATCH This Week

Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 Windows 10 1607 +11
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-21801 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

RCE Microsoft Windows 10 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-21799 HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +12
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2023-21798 HIGH PATCH This Week

Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

RCE Buffer Overflow Information Disclosure Microsoft Windows 10 1507 +12
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2023-21797 HIGH PATCH This Week

Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2023-21702 HIGH PATCH This Week

Windows iSCSI Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service Microsoft Windows 10 +12
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2023-21701 HIGH PATCH This Week

Microsoft Protected Extensible Authentication Protocol (PEAP) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Microsoft Windows 10 Windows 10 1607 +11
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2023-21700 HIGH PATCH This Week

Windows iSCSI Discovery Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Microsoft Windows 10 Windows 10 1607 +11
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2023-21699 MEDIUM PATCH This Month

Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows 10 Windows 10 1607 +8
NVD
CVSS 3.1
5.3
EPSS
1.1%
CVE-2023-21697 MEDIUM PATCH This Month

Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Microsoft Windows 10 Windows 10 1607 +8
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2023-21695 HIGH PATCH This Week

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 +12
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2023-21694 MEDIUM PATCH This Month

Windows Fax Service Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 +12
NVD
CVSS 3.1
6.8
EPSS
0.6%
CVE-2023-21693 MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows 10 Windows 10 1607 +11
NVD
CVSS 3.1
5.7
EPSS
1.4%
CVE-2023-21692 CRITICAL PATCH Act Now

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +12
NVD
CVSS 3.1
9.8
EPSS
21.2%
CVE-2023-21691 HIGH PATCH This Week

Microsoft Protected Extensible Authentication Protocol (PEAP) Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2023-21690 CRITICAL PATCH Act Now

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +12
NVD
CVSS 3.1
9.8
EPSS
27.5%
CVE-2023-21689 CRITICAL PATCH Act Now

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +12
NVD
CVSS 3.1
9.8
EPSS
26.5%
CVE-2023-21688 HIGH PATCH This Week

NT OS Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
7.8
EPSS
3.6%
CVE-2023-21686 HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2023-21685 HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2023-21684 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Integer Overflow RCE Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-21774 HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1607 +14
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-21773 HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1607 +14
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-21772 HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-21755 HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1607 +14
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-21754 HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-21750 HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Windows 10 1607 Windows 10 1809 Windows 10 20H2 +12
NVD
CVSS 3.1
7.1
EPSS
0.7%
CVE-2023-21749 HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 Windows 10 20H2 +12
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2023-21748 HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 Windows 10 20H2 +12
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2023-21747 HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1607 +14
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2023-21739 HIGH PATCH This Week

Windows Bluetooth Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +7
NVD
CVSS 3.1
7.0
EPSS
0.6%
CVE-2023-21733 HIGH This Week

Windows Bind Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Buffer Overflow Microsoft Heap Overflow Windows 10 20H2 Windows 10 21h2 +4
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2023-21732 HIGH This Week

Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow RCE Microsoft Windows 10 1607 +14
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2023-21730 HIGH This Week

Microsoft Cryptographic Services Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-21728 HIGH This Week

Windows Netlogon Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Windows 10 1607 Windows 10 1809 Windows 10 20H2 +12
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2023-21726 HIGH This Week

Windows Credential Manager User Interface Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 Windows 10 20H2 +12
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-21724 HIGH This Week

Microsoft DWM Core Library Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 20H2 +5
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-21683 HIGH This Week

Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Microsoft Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2023-21682 MEDIUM This Month

Windows Point-to-Point Protocol (PPP) Information Disclosure Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
5.3
EPSS
1.4%
CVE-2023-21681 HIGH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Microsoft Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2023-21680 HIGH This Week

Windows Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1607 +14
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-21679 HIGH This Week

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Use After Free RCE Memory Corruption Microsoft Windows 10 1607 +14
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2023-21678 HIGH This Week

Windows Print Spooler Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 Windows 10 20H2 +12
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-21677 HIGH This Week

Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Windows 10 1607 Windows 10 1809 Windows 10 20H2 +8
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2023-21676 HIGH This Week

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Microsoft Windows 10 1809 Windows 10 20H2 Windows 10 21h2 +5
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2023-21675 HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2023-21674 HIGH KEV PATCH THREAT This Week

Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1507 +12
NVD
CVSS 3.1
8.8
EPSS
41.5%
CVE-2023-21563 MEDIUM This Month

BitLocker Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Windows 10 1607 Windows 10 1809 Windows 10 20H2 Windows 10 21h2 +11
NVD
CVSS 3.1
6.8
EPSS
1.5%
CVE-2023-21561 HIGH This Week

Microsoft Cryptographic Services Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-21560 MEDIUM This Month

Windows Boot Manager Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Heap Overflow Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
6.6
EPSS
1.1%
CVE-2023-21559 MEDIUM This Month

Windows Cryptographic Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1809 Windows 10 20H2 Windows 10 21h2 +5
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2023-21557 HIGH This Week

Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Microsoft Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2023-21556 HIGH This Week

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Integer Overflow RCE Microsoft Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
8.1
EPSS
1.5%
CVE-2023-21555 HIGH This Week

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Microsoft Windows 10 1607 Windows 10 1809 Windows 10 20H2 +12
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2023-21552 HIGH This Week

Windows GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1607 +14
NVD
CVSS 3.1
7.8
EPSS
3.5%
CVE-2023-21551 HIGH This Week

Microsoft Cryptographic Services Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1809 +7
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-21550 MEDIUM This Month

Windows Cryptographic Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1809 Windows 10 20H2 Windows 10 21h2 +5
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2023-21549 HIGH This Week

Windows SMB Witness Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Windows 10 1607 Windows 10 1809 Windows 10 20H2 +11
NVD
CVSS 3.1
8.8
EPSS
1.4%
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Accounts Picture Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Microsoft Windows 10 1507 +9
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Windows Hyper-V Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Microsoft Windows 10 1507 +10
NVD
EPSS 8% CVSS 7.8
HIGH POC PATCH This Week

Windows HTTP.sys Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Integer Overflow Information Disclosure Microsoft +13
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 +11
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required.

RCE Microsoft Windows 10 1507 +12
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft +13
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Windows 10 1507 +12
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption +13
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft +13
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 +12
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 +12
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 +11
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows BrokerInfrastructure Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1809 +7
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Windows Bluetooth Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 +10
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft +13
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow RCE Windows 10 1507 +12
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE +13
NVD
EPSS 6% CVSS 5.5
MEDIUM This Month

An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Trusted Platform Module +11
NVD
EPSS 6% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Windows Graphics Component Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft +13
NVD
EPSS 11% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow +13
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption +14
NVD
EPSS 1% CVSS 7.4
HIGH PATCH This Week

Windows Distributed File System (DFS) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is low attack complexity.

Buffer Overflow RCE Microsoft +13
NVD
EPSS 31% CVSS 7.5
HIGH PATCH This Week

Windows Secure Channel Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service +8
NVD
EPSS 43% CVSS 7.5
HIGH PATCH This Week

Windows Secure Channel Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 +11
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Kerberos Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Microsoft Authentication Bypass Windows 10 +12
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows Active Directory Domain Services API Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 +12
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows Secure Channel Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Microsoft +13
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow +13
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows iSCSI Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Microsoft +13
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows MSHTML Platform Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

RCE Command Injection Microsoft +13
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow +12
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Windows iSCSI Discovery Service Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft +13
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

RCE Microsoft Windows 10 +12
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +14
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

RCE Buffer Overflow Information Disclosure +14
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft +13
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows iSCSI Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service +14
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Microsoft Protected Extensible Authentication Protocol (PEAP) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Microsoft +13
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows iSCSI Discovery Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Microsoft +13
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft +10
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Microsoft +10
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft +14
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

Windows Fax Service Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity.

RCE Buffer Overflow Microsoft +14
NVD
EPSS 1% CVSS 5.7
MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft +13
NVD
EPSS 21% CVSS 9.8
CRITICAL PATCH Act Now

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +14
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Microsoft Protected Extensible Authentication Protocol (PEAP) Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft +13
NVD
EPSS 28% CVSS 9.8
CRITICAL PATCH Act Now

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +14
NVD
EPSS 27% CVSS 9.8
CRITICAL PATCH Act Now

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +14
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

NT OS Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption +13
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft +13
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 +12
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Integer Overflow RCE Microsoft +13
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption +16
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption +16
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Microsoft +15
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption +16
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Microsoft +15
NVD
EPSS 1% CVSS 7.1
HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Windows 10 1607 +14
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1607 +14
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1607 +14
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption +16
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

Windows Bluetooth Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 +9
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Windows Bind Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Buffer Overflow Microsoft Heap Overflow +6
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow RCE +16
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Microsoft Cryptographic Services Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Microsoft +15
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Windows Netlogon Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Windows 10 1607 +14
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Windows Credential Manager User Interface Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1607 +14
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Microsoft DWM Core Library Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption +7
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Microsoft +13
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Windows Point-to-Point Protocol (PPP) Information Disclosure Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Microsoft +15
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Microsoft +15
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Windows Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption +16
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Use After Free RCE Memory Corruption +16
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Windows Print Spooler Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1607 +14
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Windows 10 1607 +10
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Microsoft Windows 10 1809 +7
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure Microsoft +15
NVD
EPSS 42% CVSS 8.8
HIGH KEV PATCH THREAT This Week

Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption +14
NVD
EPSS 2% CVSS 6.8
MEDIUM This Month

BitLocker Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Windows 10 1607 Windows 10 1809 +13
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Microsoft Cryptographic Services Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Microsoft +15
NVD
EPSS 1% CVSS 6.6
MEDIUM This Month

Windows Boot Manager Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Heap Overflow +15
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

Windows Cryptographic Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1809 +7
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Microsoft +15
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Integer Overflow RCE Microsoft +15
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Microsoft Windows 10 1607 +14
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Windows GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption +16
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Microsoft Cryptographic Services Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption +9
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

Windows Cryptographic Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1809 +7
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Windows SMB Witness Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Windows 10 1607 +13
NVD
Prev Page 18 of 19 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy