Skip to main content

Windows 11 21H2

970 CVEs product

Monthly

CVE-2023-24913 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1607 +10
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-24911 MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Integer Overflow Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
4.3
EPSS
1.1%
CVE-2023-24910 HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Microsoft 365 Office +13
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-24909 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-24908 HIGH PATCH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2023-24907 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +11
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-24906 MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2023-24880 MEDIUM KEV PATCH THREAT This Month

Windows SmartScreen Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Microsoft Authentication Bypass Windows 10 1607 Windows 10 1809 Windows 10 20H2 +7
NVD
CVSS 3.1
4.4
EPSS
78.2%
CVE-2023-24876 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +11
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2023-24872 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

RCE Buffer Overflow Information Disclosure Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-24871 HIGH PATCH This Week

Windows Bluetooth Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 20H2 Windows 10 21h2 +4
NVD
CVSS 3.1
8.8
EPSS
3.2%
CVE-2023-24870 MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2023-24869 HIGH PATCH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2023-24868 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +11
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-24867 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +11
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-24866 MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2023-24865 MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2023-24864 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Integer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-24863 MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2023-24862 MEDIUM PATCH This Month

Windows Secure Channel Denial of Service Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service Microsoft Windows 10 1507 +12
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2023-24861 HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2023-24859 HIGH PATCH This Week

Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Microsoft Windows 10 Windows 10 1607 +10
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2023-24858 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Microsoft Windows 10 Windows 10 1607 +10
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2023-24857 MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Information Disclosure Microsoft Windows 10 Windows 10 1607 +10
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2023-24856 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2023-23423 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-23422 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-23421 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 +12
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-23420 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 +12
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-23417 HIGH PATCH This Week

Windows Partition Management Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 +8
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-23416 HIGH PATCH This Week

Windows Cryptographic Services Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.8
EPSS
7.6%
CVE-2023-23415 CRITICAL PATCH Act Now

Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
9.8
EPSS
3.5%
CVE-2023-23414 HIGH PATCH This Week

Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.1
EPSS
0.4%
CVE-2023-23413 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-23411 MEDIUM PATCH This Month

Windows Hyper-V Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +8
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-23410 HIGH POC PATCH This Week

Windows HTTP.sys Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Integer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
7.8
EPSS
8.0%
CVE-2023-23409 MEDIUM PATCH This Month

Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 20H2 +9
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2023-23407 HIGH PATCH This Week

Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.1
EPSS
0.4%
CVE-2023-23406 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +11
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-23405 HIGH PATCH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2023-23404 HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
8.1
EPSS
0.8%
CVE-2023-23403 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +11
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-23402 HIGH PATCH This Week

Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-23401 HIGH PATCH This Week

Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-23394 MEDIUM PATCH This Month

Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 20H2 +9
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2023-23393 HIGH PATCH This Week

Windows BrokerInfrastructure Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1809 Windows 10 20H2 Windows 10 21h2 +5
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2023-23392 CRITICAL PATCH Act Now

HTTP Protocol Stack Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption Windows 11 21H2 Windows 11 22h2 +1
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2023-23388 HIGH PATCH This Week

Windows Bluetooth Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +8
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2023-23385 HIGH PATCH This Week

Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2023-21708 CRITICAL PATCH Act Now

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow RCE Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2023-1017 HIGH This Week

An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Denial Of Service Trusted Platform Module +11
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2023-1018 MEDIUM This Month

An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Trusted Platform Module Windows 10 1507 Windows 10 1607 +9
NVD
CVSS 3.1
5.5
EPSS
5.6%
CVE-2023-21823 HIGH KEV PATCH THREAT This Week

Windows Graphics Component Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
7.8
EPSS
5.6%
CVE-2023-23376 HIGH KEV PATCH THREAT This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
7.8
EPSS
10.9%
CVE-2023-21822 HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 +12
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2023-21820 HIGH PATCH This Week

Windows Distributed File System (DFS) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is low attack complexity.

Buffer Overflow RCE Microsoft Windows 10 Windows 10 1607 +11
NVD
CVSS 3.1
7.4
EPSS
0.6%
CVE-2023-21819 HIGH PATCH This Week

Windows Secure Channel Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service Microsoft Windows 10 1809 +6
NVD
CVSS 3.1
7.5
EPSS
30.8%
CVE-2023-21818 HIGH PATCH This Week

Windows Secure Channel Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
43.2%
CVE-2023-21817 HIGH PATCH This Week

Windows Kerberos Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Microsoft Authentication Bypass Windows 10 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2023-21816 HIGH PATCH This Week

Windows Active Directory Domain Services API Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2023-21813 HIGH PATCH This Week

Windows Secure Channel Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Microsoft Windows 10 Windows 10 1607 +11
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2023-21812 HIGH PATCH This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow Windows 10 Windows 10 1607 +11
NVD
CVSS 3.1
7.8
EPSS
3.6%
CVE-2023-21811 HIGH PATCH This Week

Windows iSCSI Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Microsoft Windows 10 Windows 10 1607 +11
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2023-21805 HIGH PATCH This Week

Windows MSHTML Platform Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

RCE Command Injection Microsoft Windows 10 Windows 10 1607 +11
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-21804 HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow Windows 10 Windows 10 1607 +10
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-21802 HIGH PATCH This Week

Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 Windows 10 1607 +11
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-21801 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

RCE Microsoft Windows 10 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-21799 HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +12
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2023-21798 HIGH PATCH This Week

Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

RCE Buffer Overflow Information Disclosure Microsoft Windows 10 1507 +12
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2023-21797 HIGH PATCH This Week

Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2023-21702 HIGH PATCH This Week

Windows iSCSI Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service Microsoft Windows 10 +12
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2023-21701 HIGH PATCH This Week

Microsoft Protected Extensible Authentication Protocol (PEAP) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Microsoft Windows 10 Windows 10 1607 +11
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2023-21700 HIGH PATCH This Week

Windows iSCSI Discovery Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Microsoft Windows 10 Windows 10 1607 +11
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2023-21695 HIGH PATCH This Week

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 +12
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2023-21694 MEDIUM PATCH This Month

Windows Fax Service Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 +12
NVD
CVSS 3.1
6.8
EPSS
0.6%
CVE-2023-21693 MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows 10 Windows 10 1607 +11
NVD
CVSS 3.1
5.7
EPSS
1.4%
CVE-2023-21692 CRITICAL PATCH Act Now

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +12
NVD
CVSS 3.1
9.8
EPSS
21.2%
CVE-2023-21691 HIGH PATCH This Week

Microsoft Protected Extensible Authentication Protocol (PEAP) Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2023-21690 CRITICAL PATCH Act Now

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +12
NVD
CVSS 3.1
9.8
EPSS
27.5%
CVE-2023-21689 CRITICAL PATCH Act Now

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +12
NVD
CVSS 3.1
9.8
EPSS
26.5%
CVE-2023-21688 HIGH PATCH This Week

NT OS Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
7.8
EPSS
3.6%
CVE-2023-21687 MEDIUM PATCH This Month

HTTP.sys Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Windows 11 21H2 Windows 11 22h2 Windows Server 2022
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2023-21686 HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2023-21685 HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2023-21684 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Integer Overflow RCE Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-21774 HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1607 +14
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-21773 HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1607 +14
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-21772 HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-21755 HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1607 +14
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-21754 HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.8
EPSS
0.5%
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft +12
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Integer Overflow Information Disclosure Microsoft +11
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Microsoft +15
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft +11
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Windows 10 1507 +12
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft +13
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft +12
NVD
EPSS 78% CVSS 4.4
MEDIUM KEV PATCH THREAT This Month

Windows SmartScreen Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Microsoft Authentication Bypass Windows 10 1607 +9
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft +13
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

RCE Buffer Overflow Information Disclosure +13
NVD
EPSS 3% CVSS 8.8
HIGH PATCH This Week

Windows Bluetooth Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft +6
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Information Disclosure Microsoft +12
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Windows 10 1507 +12
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft +13
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft +13
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Windows 10 1507 +11
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Windows 10 1507 +11
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Integer Overflow Information Disclosure Microsoft +12
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft +12
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Windows Secure Channel Denial of Service Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service +14
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 +12
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Microsoft +12
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Microsoft +12
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Information Disclosure Microsoft +12
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 +11
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 +12
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 +12
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption +14
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption +14
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Partition Management Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft +10
NVD
EPSS 8% CVSS 7.8
HIGH PATCH This Week

Windows Cryptographic Services Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

RCE Microsoft Windows 10 1507 +11
NVD
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow +13
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required.

RCE Microsoft Windows 10 1507 +12
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

RCE Microsoft Windows 10 1507 +11
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Windows Hyper-V Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Microsoft Windows 10 1507 +10
NVD
EPSS 8% CVSS 7.8
HIGH POC PATCH This Week

Windows HTTP.sys Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Integer Overflow Information Disclosure Microsoft +13
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 +11
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required.

RCE Microsoft Windows 10 1507 +12
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft +13
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Windows 10 1507 +12
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption +13
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft +13
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 +12
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 +12
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 +11
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows BrokerInfrastructure Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1809 +7
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

HTTP Protocol Stack Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption +3
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Windows Bluetooth Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 +10
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft +13
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow RCE Windows 10 1507 +12
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE +13
NVD
EPSS 6% CVSS 5.5
MEDIUM This Month

An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Trusted Platform Module +11
NVD
EPSS 6% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Windows Graphics Component Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft +13
NVD
EPSS 11% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow +13
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption +14
NVD
EPSS 1% CVSS 7.4
HIGH PATCH This Week

Windows Distributed File System (DFS) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is low attack complexity.

Buffer Overflow RCE Microsoft +13
NVD
EPSS 31% CVSS 7.5
HIGH PATCH This Week

Windows Secure Channel Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service +8
NVD
EPSS 43% CVSS 7.5
HIGH PATCH This Week

Windows Secure Channel Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 +11
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Kerberos Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Microsoft Authentication Bypass Windows 10 +12
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows Active Directory Domain Services API Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 +12
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows Secure Channel Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Microsoft +13
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow +13
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows iSCSI Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Microsoft +13
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows MSHTML Platform Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

RCE Command Injection Microsoft +13
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow +12
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft +13
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

RCE Microsoft Windows 10 +12
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +14
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

RCE Buffer Overflow Information Disclosure +14
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft +13
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows iSCSI Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service +14
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Microsoft Protected Extensible Authentication Protocol (PEAP) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Microsoft +13
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows iSCSI Discovery Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Microsoft +13
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft +14
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

Windows Fax Service Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity.

RCE Buffer Overflow Microsoft +14
NVD
EPSS 1% CVSS 5.7
MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft +13
NVD
EPSS 21% CVSS 9.8
CRITICAL PATCH Act Now

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +14
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Microsoft Protected Extensible Authentication Protocol (PEAP) Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft +13
NVD
EPSS 28% CVSS 9.8
CRITICAL PATCH Act Now

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +14
NVD
EPSS 27% CVSS 9.8
CRITICAL PATCH Act Now

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +14
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

NT OS Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption +13
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

HTTP.sys Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Windows 11 21H2 +2
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft +13
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 +12
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Integer Overflow RCE Microsoft +13
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption +16
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption +16
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Microsoft +15
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption +16
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Microsoft +15
NVD
Prev Page 10 of 11 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy