Skip to main content

Windows 10

2872 CVEs product

Monthly

CVE-2019-0772 HIGH PATCH This Week

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft RCE Memory Corruption Windows 10 +7
NVD
CVSS 3.0
8.8
EPSS
13.2%
CVE-2019-0767 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
5.5
EPSS
1.8%
CVE-2019-0766 HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows AppX Deployment Server that allows file creation in arbitrary locations. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.0
7.8
EPSS
1.1%
CVE-2019-0765 HIGH PATCH This Week

A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory, aka 'Comctl32 Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Windows 10 Windows 7 +6
NVD
CVSS 3.0
8.8
EPSS
14.3%
CVE-2019-0759 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows Print Spooler does not properly handle objects in memory, aka 'Windows Print Spooler Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
5.5
EPSS
1.7%
CVE-2019-0756 HIGH PATCH This Week

A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

XXE Microsoft RCE Windows 10 Windows 7 +6
NVD
CVSS 3.0
8.8
EPSS
12.5%
CVE-2019-0755 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
5.5
EPSS
2.4%
CVE-2019-0754 MEDIUM PATCH This Month

A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
5.5
EPSS
1.6%
CVE-2019-0726 CRITICAL PATCH Act Now

A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka 'Windows DHCP Client Remote Code Execution Vulnerability'. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft RCE Memory Corruption Windows 10 +2
NVD
CVSS 3.0
9.8
EPSS
54.0%
CVE-2019-0704 MEDIUM PATCH This Month

An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, aka 'Windows SMB Information Disclosure Vulnerability'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
6.5
EPSS
5.6%
CVE-2019-0702 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
5.5
EPSS
1.6%
CVE-2019-0701 MEDIUM PATCH This Month

A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity.

Denial Of Service Microsoft Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.0
6.8
EPSS
1.9%
CVE-2019-0698 CRITICAL PATCH Act Now

A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka 'Windows DHCP Client Remote Code Execution Vulnerability'. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft RCE Memory Corruption Windows 10 +2
NVD
CVSS 3.0
9.8
EPSS
62.8%
CVE-2019-0697 CRITICAL PATCH Act Now

A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka 'Windows DHCP Client Remote Code Execution Vulnerability'. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft RCE Memory Corruption Windows 10 +2
NVD
CVSS 3.0
9.8
EPSS
29.6%
CVE-2019-0696 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.0
7.8
EPSS
1.1%
CVE-2019-0695 MEDIUM PATCH This Month

A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity.

Denial Of Service Microsoft Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.0
6.8
EPSS
1.9%
CVE-2019-0694 HIGH PATCH This Week

An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Microsoft Buffer Overflow Windows 10 Windows Server 2016 +1
NVD
CVSS 3.0
7.8
EPSS
0.9%
CVE-2019-0693 HIGH PATCH This Week

An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Microsoft Buffer Overflow Windows 10 Windows Server 2016 +1
NVD
CVSS 3.0
7.8
EPSS
0.9%
CVE-2019-0692 HIGH PATCH This Week

An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Microsoft Buffer Overflow Windows 10 Windows Server 2016 +1
NVD
CVSS 3.0
7.8
EPSS
0.9%
CVE-2019-0690 MEDIUM PATCH This Month

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity.

Denial Of Service Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
6.8
EPSS
1.9%
CVE-2019-0689 HIGH PATCH This Week

An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Microsoft Buffer Overflow Windows 10 Windows Server 2016 +1
NVD
CVSS 3.0
7.8
EPSS
0.9%
CVE-2019-0682 HIGH PATCH This Week

An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Microsoft Buffer Overflow Windows 10 Windows Server 2016 +1
NVD
CVSS 3.0
7.8
EPSS
0.9%
CVE-2019-0617 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.8
EPSS
19.6%
CVE-2019-0614 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
6.5
EPSS
6.6%
CVE-2019-0603 HIGH PATCH This Week

A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.5
EPSS
34.2%
CVE-2019-0663 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
5.5
EPSS
2.3%
CVE-2019-0662 HIGH PATCH This Week

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
8.8
EPSS
15.4%
CVE-2019-0660 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
6.5
EPSS
7.7%
CVE-2019-0659 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations, aka 'Windows Storage Service Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.0
7.0
EPSS
1.0%
CVE-2019-0656 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD
CVSS 3.0
7.0
EPSS
1.1%
CVE-2019-0637 HIGH PATCH This Week

A security feature bypass vulnerability exists when Windows Defender Firewall incorrectly applies firewall profiles to cellular network connections, aka 'Windows Defender Firewall Security Feature. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Microsoft Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.0
7.5
EPSS
4.3%
CVE-2019-0636 MEDIUM PATCH This Month

An information vulnerability exists when Windows improperly discloses file information, aka 'Windows Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
5.5
EPSS
2.0%
CVE-2019-0635 MEDIUM PATCH This Month

An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows. Rated medium severity (CVSS 6.2), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
6.2
EPSS
2.4%
CVE-2019-0633 HIGH PATCH This Week

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
8.8
EPSS
13.0%
CVE-2019-0632 HIGH PATCH This Week

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Powershell Core Windows 10 Windows Server 2016 +1
NVD
CVSS 3.0
7.8
EPSS
1.3%
CVE-2019-0631 HIGH PATCH This Week

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Powershell Core Windows 10 Windows Server 2016 +1
NVD
CVSS 3.0
7.8
EPSS
1.3%
CVE-2019-0630 HIGH PATCH This Week

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
8.8
EPSS
17.8%
CVE-2019-0628 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.0
5.5
EPSS
2.1%
CVE-2019-0627 HIGH PATCH This Week

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Powershell Core Windows 10 Windows Server 2016 +1
NVD
CVSS 3.0
7.8
EPSS
1.3%
CVE-2019-0626 CRITICAL PATCH Act Now

A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server, aka 'Windows DHCP Server Remote Code Execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft RCE Memory Corruption Windows 10 +7
NVD
CVSS 3.0
9.8
EPSS
68.3%
CVE-2019-0625 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.8
EPSS
16.1%
CVE-2019-0623 HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.8
EPSS
5.9%
CVE-2019-0621 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
5.5
EPSS
2.1%
CVE-2019-0619 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
6.5
EPSS
7.7%
CVE-2019-0618 HIGH PATCH This Week

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
8.8
EPSS
67.0%
CVE-2019-0616 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
6.5
EPSS
7.7%
CVE-2019-0615 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
6.5
EPSS
7.7%
CVE-2019-0602 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
6.5
EPSS
7.7%
CVE-2019-0601 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory, aka 'HID Information Disclosure Vulnerability'. Rated medium severity (CVSS 4.7).

Information Disclosure Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.0
4.7
EPSS
1.8%
CVE-2019-0600 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory, aka 'HID Information Disclosure Vulnerability'. Rated medium severity (CVSS 4.7).

Information Disclosure Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.0
4.7
EPSS
1.7%
CVE-2019-0599 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.8
EPSS
20.1%
CVE-2019-0598 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.8
EPSS
20.1%
CVE-2019-0597 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.8
EPSS
16.1%
CVE-2019-0596 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.8
EPSS
16.1%
CVE-2019-0595 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.8
EPSS
19.1%
CVE-2019-0584 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.8
EPSS
13.6%
CVE-2019-0583 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.8
EPSS
16.1%
CVE-2019-0582 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Office Office 365 Proplus Windows 10 +7
NVD
CVSS 3.1
7.8
EPSS
12.3%
CVE-2019-0581 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.8
EPSS
13.6%
CVE-2019-0580 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.8
EPSS
17.3%
CVE-2019-0579 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.8
EPSS
17.3%
CVE-2019-0578 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.8
EPSS
13.6%
CVE-2019-0577 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.8
EPSS
17.3%
CVE-2019-0576 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.8
EPSS
17.3%
CVE-2019-0575 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.8
EPSS
13.6%
CVE-2019-0574 HIGH POC PATCH THREAT This Week

An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka "Windows Data Sharing Service Elevation of Privilege Vulnerability." This. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
19.4%
CVE-2019-0573 HIGH POC PATCH THREAT This Week

An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka "Windows Data Sharing Service Elevation of Privilege Vulnerability." This. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Microsoft Windows 10 Windows Server 2016 Windows Server 2019
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
20.1%
CVE-2019-0572 HIGH POC PATCH THREAT This Week

An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka "Windows Data Sharing Service Elevation of Privilege Vulnerability." This. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
25.1%
CVE-2019-0571 HIGH POC PATCH THREAT This Week

An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka "Windows Data Sharing Service Elevation of Privilege Vulnerability." This. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
15.8%
CVE-2019-0570 HIGH POC PATCH This Week

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka "Windows Runtime Elevation of Privilege Vulnerability." This affects Windows Server. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Use After Free Microsoft Information Disclosure Memory Corruption Windows 10 +5
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
3.0%
CVE-2019-0569 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
5.5
EPSS
1.8%
CVE-2019-0555 HIGH POC PATCH This Week

An elevation of privilege vulnerability exists in the Microsoft XmlDocument class that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft XmlDocument. Rated high severity (CVSS 7.8). Public exploit code available.

Authentication Bypass Microsoft Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
2.4%
CVE-2019-0554 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
5.5
EPSS
1.8%
CVE-2019-0553 MEDIUM PATCH This Month

An information disclosure vulnerability exists when Windows Subsystem for Linux improperly handles objects in memory, aka "Windows Subsystem for Linux Information Disclosure Vulnerability." This. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.0
5.5
EPSS
1.8%
CVE-2019-0552 HIGH POC PATCH This Week

An elevation of privilege exists in Windows COM Desktop Broker, aka "Windows COM Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2019,. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available.

Authentication Bypass Microsoft Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
2.5%
CVE-2019-0551 HIGH PATCH This Week

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity.

Microsoft RCE Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.0
8.4
EPSS
4.5%
CVE-2019-0550 HIGH PATCH This Week

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity.

Microsoft RCE Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.0
8.4
EPSS
4.5%
CVE-2019-0549 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
5.5
EPSS
1.8%
CVE-2019-0547 CRITICAL PATCH Act Now

A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka "Windows DHCP Client Remote Code Execution Vulnerability.". Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft RCE Memory Corruption Windows 10
NVD
CVSS 3.0
9.8
EPSS
71.4%
CVE-2019-0538 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Office Windows 10 Windows 7 +6
NVD
CVSS 3.1
7.8
EPSS
20.5%
CVE-2019-0536 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
5.5
EPSS
1.8%
CVE-2018-8649 MEDIUM PATCH This Month

A denial of service vulnerability exists when Windows improperly handles objects in memory, aka "Windows Denial of Service Vulnerability." This affects Windows 10, Windows Server 2019. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Denial Of Service Windows 10 Windows Server 2019
NVD
CVSS 3.0
5.5
EPSS
1.7%
CVE-2018-8641 HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.0
7.8
EPSS
1.1%
CVE-2018-8638 MEDIUM PATCH This Month

An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka "DirectX Information Disclosure Vulnerability." This affects Windows 10, Windows Server 2019. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2019
NVD
CVSS 3.0
5.5
EPSS
1.8%
CVE-2018-8637 MEDIUM PATCH This Month

An information disclosure vulnerability exists in Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.0
5.5
EPSS
1.8%
CVE-2018-8634 HIGH PATCH This Week

A remote code execution vulnerability exists in Windows where Microsoft text-to-speech fails to properly handle objects in the memory, aka "Microsoft Text-To-Speech Remote Code Execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.0
8.8
EPSS
14.5%
CVE-2018-8626 CRITICAL PATCH Act Now

A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers when they fail to properly handle requests, aka "Windows DNS Server Heap Overflow Vulnerability." This affects. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Microsoft RCE Buffer Overflow Windows 10 +3
NVD
CVSS 3.0
9.8
EPSS
21.1%
CVE-2018-8612 MEDIUM PATCH This Month

A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service fails to validate certain function values, aka "Connected User Experiences and Telemetry Service Denial. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Denial Of Service Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.0
5.5
EPSS
1.4%
CVE-2018-8599 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly impersonates certain file operations, aka "Diagnostics Hub Standard Collector Service. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Visual Studio Visual Studio 2017 Windows 10 +2
NVD
CVSS 3.0
7.8
EPSS
1.0%
CVE-2018-8596 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
6.5
EPSS
6.9%
EPSS 13% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft RCE +9
NVD
EPSS 2% CVSS 5.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows AppX Deployment Server that allows file creation in arbitrary locations. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +2
NVD
EPSS 14% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory, aka 'Comctl32 Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption +8
NVD
EPSS 2% CVSS 5.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows Print Spooler does not properly handle objects in memory, aka 'Windows Print Spooler Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 12% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

XXE Microsoft RCE +8
NVD
EPSS 2% CVSS 5.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 2% CVSS 5.5
MEDIUM PATCH This Month

A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Microsoft Windows 10 +7
NVD
EPSS 54% CVSS 9.8
CRITICAL PATCH Act Now

A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka 'Windows DHCP Client Remote Code Execution Vulnerability'. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft RCE +4
NVD
EPSS 6% CVSS 6.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, aka 'Windows SMB Information Disclosure Vulnerability'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 2% CVSS 5.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 2% CVSS 6.8
MEDIUM PATCH This Month

A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity.

Denial Of Service Microsoft Windows 10 +2
NVD
EPSS 63% CVSS 9.8
CRITICAL PATCH Act Now

A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka 'Windows DHCP Client Remote Code Execution Vulnerability'. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft RCE +4
NVD
EPSS 30% CVSS 9.8
CRITICAL PATCH Act Now

A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka 'Windows DHCP Client Remote Code Execution Vulnerability'. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft RCE +4
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +2
NVD
EPSS 2% CVSS 6.8
MEDIUM PATCH This Month

A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity.

Denial Of Service Microsoft Windows 10 +2
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Microsoft Buffer Overflow +3
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Microsoft Buffer Overflow +3
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Microsoft Buffer Overflow +3
NVD
EPSS 2% CVSS 6.8
MEDIUM PATCH This Month

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity.

Denial Of Service Microsoft Windows 10 +6
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Microsoft Buffer Overflow +3
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Microsoft Buffer Overflow +3
NVD
EPSS 20% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 +7
NVD
EPSS 7% CVSS 6.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 34% CVSS 7.5
HIGH PATCH This Week

A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Microsoft RCE Windows 10 +7
NVD
EPSS 2% CVSS 5.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 15% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft RCE Windows 10 +7
NVD
EPSS 8% CVSS 6.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations, aka 'Windows Storage Service Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 +2
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 +5
NVD
EPSS 4% CVSS 7.5
HIGH PATCH This Week

A security feature bypass vulnerability exists when Windows Defender Firewall incorrectly applies firewall profiles to cellular network connections, aka 'Windows Defender Firewall Security Feature. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Microsoft Windows 10 +2
NVD
EPSS 2% CVSS 5.5
MEDIUM PATCH This Month

An information vulnerability exists when Windows improperly discloses file information, aka 'Windows Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 2% CVSS 6.2
MEDIUM PATCH This Month

An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows. Rated medium severity (CVSS 6.2), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 13% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft RCE Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Powershell Core +3
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Powershell Core +3
NVD
EPSS 18% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft RCE Windows 10 +7
NVD
EPSS 2% CVSS 5.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Windows 10 Windows 7 +6
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Powershell Core +3
NVD
EPSS 68% CVSS 9.8
CRITICAL PATCH Act Now

A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server, aka 'Windows DHCP Server Remote Code Execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft RCE +9
NVD
EPSS 16% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 +7
NVD
EPSS 6% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 2% CVSS 5.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 8% CVSS 6.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 67% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft RCE Windows 10 +7
NVD
EPSS 8% CVSS 6.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 8% CVSS 6.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 8% CVSS 6.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 2% CVSS 4.7
MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory, aka 'HID Information Disclosure Vulnerability'. Rated medium severity (CVSS 4.7).

Information Disclosure Windows 10 Windows 7 +6
NVD
EPSS 2% CVSS 4.7
MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory, aka 'HID Information Disclosure Vulnerability'. Rated medium severity (CVSS 4.7).

Information Disclosure Windows 10 Windows 7 +6
NVD
EPSS 20% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 +7
NVD
EPSS 20% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 +7
NVD
EPSS 16% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 +7
NVD
EPSS 16% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 +7
NVD
EPSS 19% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 +7
NVD
EPSS 14% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 +7
NVD
EPSS 16% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 +7
NVD
EPSS 12% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Office +9
NVD
EPSS 14% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 +7
NVD
EPSS 17% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 +7
NVD
EPSS 17% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 +7
NVD
EPSS 14% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 +7
NVD
EPSS 17% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 +7
NVD
EPSS 17% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 +7
NVD
EPSS 14% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 +7
NVD
EPSS 19% CVSS 7.8
HIGH POC PATCH THREAT This Week

An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka "Windows Data Sharing Service Elevation of Privilege Vulnerability." This. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 10 +2
NVD Exploit-DB
EPSS 20% CVSS 7.8
HIGH POC PATCH THREAT This Week

An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka "Windows Data Sharing Service Elevation of Privilege Vulnerability." This. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Microsoft Windows 10 +2
NVD Exploit-DB
EPSS 25% CVSS 7.8
HIGH POC PATCH THREAT This Week

An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka "Windows Data Sharing Service Elevation of Privilege Vulnerability." This. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 10 +2
NVD Exploit-DB
EPSS 16% CVSS 7.8
HIGH POC PATCH THREAT This Week

An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka "Windows Data Sharing Service Elevation of Privilege Vulnerability." This. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 10 +2
NVD Exploit-DB
EPSS 3% CVSS 7.8
HIGH POC PATCH This Week

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka "Windows Runtime Elevation of Privilege Vulnerability." This affects Windows Server. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Use After Free Microsoft Information Disclosure +7
NVD Exploit-DB
EPSS 2% CVSS 5.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 2% CVSS 7.8
HIGH POC PATCH This Week

An elevation of privilege vulnerability exists in the Microsoft XmlDocument class that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft XmlDocument. Rated high severity (CVSS 7.8). Public exploit code available.

Authentication Bypass Microsoft Windows 10 +5
NVD Exploit-DB
EPSS 2% CVSS 5.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 2% CVSS 5.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when Windows Subsystem for Linux improperly handles objects in memory, aka "Windows Subsystem for Linux Information Disclosure Vulnerability." This. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +2
NVD
EPSS 3% CVSS 8.8
HIGH POC PATCH This Week

An elevation of privilege exists in Windows COM Desktop Broker, aka "Windows COM Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2019,. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available.

Authentication Bypass Microsoft Windows 10 +5
NVD Exploit-DB
EPSS 4% CVSS 8.4
HIGH PATCH This Week

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity.

Microsoft RCE Windows 10 +2
NVD
EPSS 4% CVSS 8.4
HIGH PATCH This Week

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity.

Microsoft RCE Windows 10 +2
NVD
EPSS 2% CVSS 5.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 71% CVSS 9.8
CRITICAL PATCH Act Now

A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka "Windows DHCP Client Remote Code Execution Vulnerability.". Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft RCE +2
NVD
EPSS 21% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Office +8
NVD
EPSS 2% CVSS 5.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 2% CVSS 5.5
MEDIUM PATCH This Month

A denial of service vulnerability exists when Windows improperly handles objects in memory, aka "Windows Denial of Service Vulnerability." This affects Windows 10, Windows Server 2019. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Denial Of Service Windows 10 +1
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 2% CVSS 5.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka "DirectX Information Disclosure Vulnerability." This affects Windows 10, Windows Server 2019. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +1
NVD
EPSS 2% CVSS 5.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists in Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +2
NVD
EPSS 15% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists in Windows where Microsoft text-to-speech fails to properly handle objects in the memory, aka "Microsoft Text-To-Speech Remote Code Execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft RCE Windows 10 +2
NVD
EPSS 21% CVSS 9.8
CRITICAL PATCH Act Now

A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers when they fail to properly handle requests, aka "Windows DNS Server Heap Overflow Vulnerability." This affects. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Microsoft RCE +5
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service fails to validate certain function values, aka "Connected User Experiences and Telemetry Service Denial. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Denial Of Service Windows 10 +2
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly impersonates certain file operations, aka "Diagnostics Hub Standard Collector Service. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Visual Studio +4
NVD
EPSS 7% CVSS 6.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
Prev Page 24 of 32 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy