Skip to main content

Windows 11 21H2

970 CVEs product

Monthly

CVE-2023-21750 HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Windows 10 1607 Windows 10 1809 Windows 10 20H2 +12
NVD
CVSS 3.1
7.1
EPSS
0.7%
CVE-2023-21749 HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 Windows 10 20H2 +12
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2023-21748 HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 Windows 10 20H2 +12
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2023-21747 HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1607 +14
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2023-21739 HIGH PATCH This Week

Windows Bluetooth Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +7
NVD
CVSS 3.1
7.0
EPSS
0.6%
CVE-2023-21733 HIGH This Week

Windows Bind Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Buffer Overflow Microsoft Heap Overflow Windows 10 20H2 Windows 10 21h2 +4
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2023-21732 HIGH This Week

Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow RCE Microsoft Windows 10 1607 +14
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2023-21730 HIGH This Week

Microsoft Cryptographic Services Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-21728 HIGH This Week

Windows Netlogon Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Windows 10 1607 Windows 10 1809 Windows 10 20H2 +12
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2023-21726 HIGH This Week

Windows Credential Manager User Interface Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 Windows 10 20H2 +12
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-21724 HIGH This Week

Microsoft DWM Core Library Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 20H2 +5
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-21683 HIGH This Week

Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Microsoft Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2023-21682 MEDIUM This Month

Windows Point-to-Point Protocol (PPP) Information Disclosure Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
5.3
EPSS
1.4%
CVE-2023-21681 HIGH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Microsoft Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2023-21680 HIGH This Week

Windows Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1607 +14
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-21679 HIGH This Week

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Use After Free RCE Memory Corruption Microsoft Windows 10 1607 +14
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2023-21678 HIGH This Week

Windows Print Spooler Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 Windows 10 20H2 +12
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-21677 HIGH This Week

Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Windows 10 1607 Windows 10 1809 Windows 10 20H2 +8
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2023-21676 HIGH This Week

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Microsoft Windows 10 1809 Windows 10 20H2 Windows 10 21h2 +5
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2023-21675 HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2023-21674 HIGH KEV PATCH THREAT This Week

Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1507 +12
NVD
CVSS 3.1
8.8
EPSS
41.5%
CVE-2023-21563 MEDIUM This Month

BitLocker Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Windows 10 1607 Windows 10 1809 Windows 10 20H2 Windows 10 21h2 +11
NVD
CVSS 3.1
6.8
EPSS
1.5%
CVE-2023-21561 HIGH This Week

Microsoft Cryptographic Services Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-21560 MEDIUM This Month

Windows Boot Manager Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Heap Overflow Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
6.6
EPSS
1.1%
CVE-2023-21559 MEDIUM This Month

Windows Cryptographic Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1809 Windows 10 20H2 Windows 10 21h2 +5
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2023-21557 HIGH This Week

Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Microsoft Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2023-21556 HIGH This Week

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Integer Overflow RCE Microsoft Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
8.1
EPSS
1.5%
CVE-2023-21555 HIGH This Week

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Microsoft Windows 10 1607 Windows 10 1809 Windows 10 20H2 +12
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2023-21552 HIGH This Week

Windows GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1607 +14
NVD
CVSS 3.1
7.8
EPSS
3.5%
CVE-2023-21551 HIGH This Week

Microsoft Cryptographic Services Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1809 +7
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-21550 MEDIUM This Month

Windows Cryptographic Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1809 Windows 10 20H2 Windows 10 21h2 +5
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2023-21549 HIGH This Week

Windows SMB Witness Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Windows 10 1607 Windows 10 1809 Windows 10 20H2 +11
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2023-21548 HIGH This Week

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Microsoft Windows 10 1607 Windows 10 1809 Windows 10 20H2 +12
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2023-21547 HIGH This Week

Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Microsoft Windows 10 1607 Windows 10 1809 +7
NVD
CVSS 3.1
7.5
EPSS
88.2%
CVE-2023-21546 HIGH This Week

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Microsoft Windows 10 1607 Windows 10 1809 Windows 10 20H2 +12
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2023-21543 HIGH This Week

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Denial Of Service Microsoft Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
8.1
EPSS
1.7%
CVE-2023-21541 HIGH This Week

Windows Task Scheduler Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 Windows 10 20H2 +12
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-21540 MEDIUM This Month

Windows Cryptographic Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1809 Windows 10 20H2 Windows 10 21h2 +5
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2023-21539 HIGH This Week

Windows Authentication Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

RCE Buffer Overflow Information Disclosure Microsoft Windows 10 20H2 +5
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2023-21537 HIGH This Week

Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 Windows 10 20H2 +12
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-21536 MEDIUM This Month

Event Tracing for Windows Information Disclosure Vulnerability. Rated medium severity (CVSS 4.7). No vendor patch available.

Buffer Overflow Information Disclosure Microsoft Windows 10 1809 Windows 10 20H2 +6
NVD
CVSS 3.1
4.7
EPSS
0.4%
CVE-2023-21535 HIGH This Week

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Microsoft Windows 10 1607 Windows 10 1809 Windows 10 20H2 +11
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2023-21532 HIGH This Week

Windows GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1607 +14
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2023-21527 HIGH This Week

Windows iSCSI Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Microsoft Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2023-21525 MEDIUM This Month

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Windows 10 1607 Windows 10 1809 Windows 10 20H2 Windows 10 21h2 +11
NVD
CVSS 3.1
5.3
EPSS
1.5%
CVE-2022-44698 MEDIUM KEV PATCH THREAT This Month

Windows SmartScreen Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Authentication Bypass Windows 10 1607 Windows 10 1809 Windows 10 20H2 +7
NVD
CVSS 3.1
5.4
EPSS
76.1%
CVE-2022-41128 HIGH KEV PATCH THREAT This Week

Windows Scripting Languages Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Microsoft RCE Buffer Overflow Windows 10 1507 +15
NVD
CVSS 3.1
8.8
EPSS
24.6%
CVE-2022-41125 HIGH KEV PATCH THREAT This Week

Windows CNG Key Isolation Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Microsoft Buffer Overflow Windows 10 1507 Windows 10 1607 +12
NVD
CVSS 3.1
7.8
EPSS
3.0%
CVE-2022-41091 MEDIUM KEV PATCH THREAT This Month

Windows Mark of the Web Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
5.4
EPSS
2.0%
CVE-2022-41073 HIGH KEV PATCH THREAT This Week

Windows Print Spooler Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Microsoft Buffer Overflow Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
7.8
EPSS
2.4%
CVE-2022-41049 MEDIUM KEV PATCH THREAT This Month

Windows Mark of the Web Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
5.4
EPSS
2.5%
CVE-2022-41033 HIGH KEV PATCH THREAT This Week

Windows COM+ Event System Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
7.8
EPSS
1.8%
CVE-2022-37969 HIGH KEV PATCH THREAT This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Microsoft Buffer Overflow Windows 10 1507 Windows 10 1607 +13
NVD
CVSS 3.1
7.8
EPSS
28.5%
CVE-2022-34713 HIGH KEV PATCH THREAT This Week

Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.8
EPSS
68.0%
CVE-2022-22047 HIGH KEV PATCH THREAT This Week

Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.8
EPSS
18.8%
CVE-2022-26934 MEDIUM PATCH This Month

Windows Graphics Component Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 17.4%.

Microsoft Information Disclosure 365 Apps Office Office Long Term Servicing Channel +17
NVD VulDB
CVSS 3.1
6.5
EPSS
17.4%
CVE-2022-26925 MEDIUM KEV PATCH THREAT This Month

Windows LSA Spoofing Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Authentication Bypass Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +14
NVD
CVSS 3.1
5.9
EPSS
10.5%
CVE-2022-26923 HIGH POC KEV PATCH THREAT This Week

Active Directory Domain Services Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 1909 +10
NVD GitHub
CVSS 3.1
8.8
EPSS
83.3%
CVE-2022-26904 HIGH POC KEV PATCH THREAT Act Now

Windows User Profile Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Race Condition Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 +15
NVD
CVSS 3.1
7.0
EPSS
9.8%
CVE-2022-24521 HIGH KEV PATCH THREAT This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Microsoft Buffer Overflow Windows 10 1507 Windows 10 1607 +15
NVD
CVSS 3.1
7.8
EPSS
7.3%
CVE-2021-43226 HIGH KEV PATCH THREAT This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +16
NVD
CVSS 3.1
7.8
EPSS
3.1%
CVE-2021-41379 MEDIUM KEV PATCH THREAT This Month

Windows Installer Elevation of Privilege Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +15
NVD
CVSS 3.1
5.5
EPSS
20.1%
CVE-2021-41357 HIGH KEV PATCH THREAT This Week

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 2004 Windows 10 20H2 Windows 10 21H1 Windows 11 21H2 +3
NVD
CVSS 3.1
7.8
EPSS
2.0%
CVE-2021-40465 HIGH PATCH This Week

Windows Text Shaping Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 11 21H2 Windows 7 +8
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2021-40463 HIGH PATCH This Week

Windows Network Address Translation (NAT) Denial of Service Vulnerability. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Denial Of Service Windows 10 Windows 11 21H2 Windows 8 1 +5
NVD
CVSS 3.1
7.7
EPSS
2.4%
CVE-2021-40462 HIGH PATCH This Week

Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 11 Windows 11 21H2 +4
NVD
CVSS 3.1
7.8
EPSS
2.4%
CVE-2021-40450 HIGH KEV PATCH THREAT This Week

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1809 Windows 10 1909 Windows 10 2004 Windows 10 20H2 +6
NVD
CVSS 3.1
7.8
EPSS
2.0%
CVE-2021-40449 HIGH POC KEV PATCH THREAT Act Now

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Use After Free Memory Corruption Information Disclosure Windows 10 1507 Windows 10 1607 +17
NVD
CVSS 3.1
7.8
EPSS
73.4%
CVE-2021-34527 HIGH POC KEV PATCH THREAT Act Now

<p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Microsoft RCE Windows 10 1507 Windows 10 1607 Windows 10 1809 +14
NVD
CVSS 3.1
8.8
EPSS
99.8%
CVE-2019-0887 HIGH PATCH This Week

A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an authenticated attacker abuses clipboard redirection, aka 'Remote Desktop. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal RCE Remote Desktop Client Windows 10 Windows 11 21H2 +7
NVD
CVSS 3.1
8.0
EPSS
71.0%
EPSS 1% CVSS 7.1
HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Windows 10 1607 +14
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1607 +14
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1607 +14
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption +16
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

Windows Bluetooth Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 +9
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Windows Bind Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Buffer Overflow Microsoft Heap Overflow +6
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow RCE +16
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Microsoft Cryptographic Services Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Microsoft +15
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Windows Netlogon Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Windows 10 1607 +14
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Windows Credential Manager User Interface Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1607 +14
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Microsoft DWM Core Library Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption +7
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Microsoft +13
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Windows Point-to-Point Protocol (PPP) Information Disclosure Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Microsoft +15
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Microsoft +15
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Windows Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption +16
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Use After Free RCE Memory Corruption +16
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Windows Print Spooler Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1607 +14
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Windows 10 1607 +10
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Microsoft Windows 10 1809 +7
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure Microsoft +15
NVD
EPSS 42% CVSS 8.8
HIGH KEV PATCH THREAT This Week

Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption +14
NVD
EPSS 2% CVSS 6.8
MEDIUM This Month

BitLocker Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Windows 10 1607 Windows 10 1809 +13
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Microsoft Cryptographic Services Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Microsoft +15
NVD
EPSS 1% CVSS 6.6
MEDIUM This Month

Windows Boot Manager Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Heap Overflow +15
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

Windows Cryptographic Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1809 +7
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Microsoft +15
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Integer Overflow RCE Microsoft +15
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Microsoft Windows 10 1607 +14
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Windows GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption +16
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Microsoft Cryptographic Services Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption +9
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

Windows Cryptographic Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1809 +7
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Windows SMB Witness Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Windows 10 1607 +13
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Microsoft Windows 10 1607 +14
NVD
EPSS 88% CVSS 7.5
HIGH This Week

Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Microsoft +9
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Microsoft Windows 10 1607 +14
NVD
EPSS 2% CVSS 8.1
HIGH This Week

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Denial Of Service Microsoft +15
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Windows Task Scheduler Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1607 +14
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

Windows Cryptographic Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1809 +7
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Windows Authentication Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

RCE Buffer Overflow Information Disclosure +7
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 1607 +14
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

Event Tracing for Windows Information Disclosure Vulnerability. Rated medium severity (CVSS 4.7). No vendor patch available.

Buffer Overflow Information Disclosure Microsoft +8
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Microsoft Windows 10 1607 +13
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Windows GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

Use After Free Information Disclosure Memory Corruption +16
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Windows iSCSI Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Microsoft +15
NVD
EPSS 2% CVSS 5.3
MEDIUM This Month

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Windows 10 1607 Windows 10 1809 +13
NVD
EPSS 76% CVSS 5.4
MEDIUM KEV PATCH THREAT This Month

Windows SmartScreen Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Authentication Bypass Windows 10 1607 +9
NVD
EPSS 25% CVSS 8.8
HIGH KEV PATCH THREAT This Week

Windows Scripting Languages Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Microsoft RCE +17
NVD
EPSS 3% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Windows CNG Key Isolation Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Microsoft Buffer Overflow +14
NVD
EPSS 2% CVSS 5.4
MEDIUM KEV PATCH THREAT This Month

Windows Mark of the Web Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Microsoft Windows 10 1507 +11
NVD
EPSS 2% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Windows Print Spooler Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Microsoft Buffer Overflow +16
NVD
EPSS 2% CVSS 5.4
MEDIUM KEV PATCH THREAT This Month

Windows Mark of the Web Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Authentication Bypass Windows 10 1507 +11
NVD
EPSS 2% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Windows COM+ Event System Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption Information Disclosure Microsoft +16
NVD
EPSS 28% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Microsoft Buffer Overflow +15
NVD
EPSS 68% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 1507 +15
NVD
EPSS 19% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 1507 +15
NVD
EPSS 17% CVSS 6.5
MEDIUM PATCH This Month

Windows Graphics Component Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 17.4%.

Microsoft Information Disclosure 365 Apps +19
NVD VulDB
EPSS 10% CVSS 5.9
MEDIUM KEV PATCH THREAT This Month

Windows LSA Spoofing Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Authentication Bypass Microsoft Windows 10 1507 +16
NVD
EPSS 83% CVSS 8.8
HIGH POC KEV PATCH THREAT This Week

Active Directory Domain Services Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 +12
NVD GitHub
EPSS 10% CVSS 7.0
HIGH POC KEV PATCH THREAT Act Now

Windows User Profile Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Race Condition Microsoft Information Disclosure +17
NVD
EPSS 7% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Microsoft Buffer Overflow +17
NVD
EPSS 3% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 1507 +18
NVD
EPSS 20% CVSS 5.5
MEDIUM KEV PATCH THREAT This Month

Windows Installer Elevation of Privilege Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 1507 +17
NVD
EPSS 2% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 2004 Windows 10 20H2 +5
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Windows Text Shaping Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 +10
NVD
EPSS 2% CVSS 7.7
HIGH PATCH This Week

Windows Network Address Translation (NAT) Denial of Service Vulnerability. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Denial Of Service Windows 10 +7
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 +6
NVD
EPSS 2% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1809 Windows 10 1909 +8
NVD
EPSS 73% CVSS 7.8
HIGH POC KEV PATCH THREAT Act Now

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Use After Free Memory Corruption Information Disclosure +19
NVD
EPSS 100% CVSS 8.8
HIGH POC KEV PATCH THREAT Act Now

<p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Microsoft RCE Windows 10 1507 +16
NVD
EPSS 71% CVSS 8.0
HIGH PATCH This Week

A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an authenticated attacker abuses clipboard redirection, aka 'Remote Desktop. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal RCE Remote Desktop Client +9
NVD
Prev Page 11 of 11

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy