Skip to main content

Windows 11 21H2

970 CVEs product

Monthly

CVE-2023-36585 HIGH PATCH This Week

Windows upnphost.dll Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 1507 Windows 10 1809 Windows 10 21H1 +8
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2023-36584 MEDIUM KEV PATCH THREAT This Month

Windows Mark of the Web Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Microsoft Windows 10 1507 Windows 10 1809 Windows 10 21H1 +8
NVD
CVSS 3.1
5.4
EPSS
3.1%
CVE-2023-36583 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption Microsoft Windows 10 +11
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2023-36582 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 Windows 10 1607 +10
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2023-36581 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Microsoft Windows 10 Windows 10 1607 +10
NVD
CVSS 3.1
7.5
EPSS
2.4%
CVE-2023-36579 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
2.4%
CVE-2023-36578 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption RCE Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2023-36577 HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +10
NVD
CVSS 3.1
8.8
EPSS
1.7%
CVE-2023-36576 MEDIUM PATCH This Month

Windows Kernel Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1809 +7
NVD
CVSS 3.1
5.5
EPSS
1.0%
CVE-2023-36575 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2023-36574 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2023-36573 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2023-36572 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2023-36571 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2023-36570 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2023-36567 HIGH PATCH This Week

Windows Deployment Services Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1809 Windows 10 21H1 +8
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2023-36564 MEDIUM PATCH This Month

Windows Search Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +8
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2023-36563 MEDIUM KEV PATCH THREAT This Month

Microsoft WordPad Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
5.5
EPSS
20.7%
CVE-2023-36557 HIGH PATCH This Week

PrintHTML API Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +6
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2023-36438 HIGH PATCH This Week

Windows TCP/IP Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2023-36436 HIGH PATCH This Week

Windows MSHTML Platform Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 Windows 10 1809 Windows 10 21H1 +8
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2023-36435 NuGet HIGH PATCH This Week

Microsoft QUIC Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Microsoft Net Windows 11 21H2 Windows 11 22h2 +1
NVD
CVSS 3.1
7.5
EPSS
5.5%
CVE-2023-36434 CRITICAL PATCH Act Now

Windows IIS Server Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2023-36431 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
2.4%
CVE-2023-35349 CRITICAL PATCH Act Now

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
9.8
EPSS
2.8%
CVE-2023-38039 HIGH POC THREAT This Week

When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Curl Fedora Windows 10 1809 Windows 10 21h2 +6
NVD
CVSS 3.1
7.5
EPSS
62.2%
CVE-2023-38161 HIGH PATCH This Week

Windows GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2023-38160 MEDIUM PATCH This Month

Windows TCP/IP Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
5.5
EPSS
1.1%
CVE-2023-38150 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft Windows 11 21H2 Windows 11 22h2
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-38149 HIGH PATCH This Week

Windows TCP/IP Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
4.3%
CVE-2023-38148 HIGH PATCH This Week

Internet Connection Sharing (ICS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Stack Overflow Buffer Overflow RCE Windows 10 21h2 Windows 10 22h2 +2
NVD
CVSS 3.1
8.8
EPSS
8.2%
CVE-2023-38147 HIGH PATCH This Week

Windows Miracast Wireless Display Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +9
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2023-38146 HIGH POC PATCH THREAT Act Now

Windows Themes Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 11 21H2 Windows 11 22h2
NVD GitHub
CVSS 3.1
8.8
EPSS
39.5%
CVE-2023-38144 HIGH PATCH This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.8
EPSS
5.4%
CVE-2023-38143 HIGH PATCH This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.8
EPSS
4.4%
CVE-2023-38142 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.8
EPSS
6.5%
CVE-2023-38141 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-38140 MEDIUM PATCH This Month

Windows Kernel Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 Windows 10 21h2 +5
NVD
CVSS 3.1
5.5
EPSS
1.0%
CVE-2023-38139 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2023-36805 HIGH PATCH This Week

Windows MSHTML Platform Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Command Injection Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +8
NVD
CVSS 3.1
7.0
EPSS
2.3%
CVE-2023-36804 HIGH PATCH This Week

Windows GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2023-36803 MEDIUM PATCH This Month

Windows Kernel Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 +7
NVD
CVSS 3.1
5.5
EPSS
1.0%
CVE-2023-36802 HIGH KEV PATCH THREAT This Week

Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1809 +6
NVD
CVSS 3.1
7.8
EPSS
26.1%
CVE-2023-35355 HIGH PATCH This Week

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Stack Overflow Buffer Overflow Microsoft Windows 10 1809 Windows 10 21h2 +5
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-38254 MEDIUM PATCH This Month

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2023-38186 CRITICAL PATCH Act Now

Windows Mobile Device Management Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Microsoft Authentication Bypass Windows 10 21h2 Windows 10 22h2 Windows 11 21H2 +2
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-38184 HIGH PATCH This Week

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2023-38172 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2023-36914 MEDIUM PATCH This Month

Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Windows 10 21h2 Windows 10 22h2 Windows 11 21H2 +2
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2023-36913 HIGH PATCH This Week

Microsoft Message Queuing Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Microsoft Windows 10 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2023-36912 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2023-36911 CRITICAL PATCH Act Now

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 Windows 10 1607 +10
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2023-36910 CRITICAL PATCH Act Now

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 Windows 10 1607 +10
NVD
CVSS 3.1
9.8
EPSS
2.4%
CVE-2023-36909 MEDIUM PATCH This Month

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Denial Of Service Microsoft Windows 10 Windows 10 1607 +10
NVD
CVSS 3.1
6.5
EPSS
1.9%
CVE-2023-36908 MEDIUM PATCH This Month

Windows Hyper-V Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 10 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2023-36907 HIGH PATCH This Week

Windows Cryptographic Services Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2023-36906 HIGH PATCH This Week

Windows Cryptographic Services Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2023-36905 HIGH PATCH This Week

Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows 10 Windows 10 1607 +7
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2023-36904 HIGH PATCH This Week

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +4
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-36903 CRITICAL PATCH Act Now

Windows System Assessment Tool Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2023-36900 HIGH PATCH This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft Windows 10 Windows 10 1607 +10
NVD
CVSS 3.1
7.8
EPSS
12.1%
CVE-2023-36898 HIGH PATCH This Week

Tablet Windows User Interface Application Core Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 11 21H2 Windows 11 22h2
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-36889 MEDIUM PATCH This Month

Windows Group Policy Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2023-36882 HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-35387 HIGH PATCH This Week

Windows Bluetooth A2DP driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +9
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2023-35386 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +9
NVD
CVSS 3.1
7.8
EPSS
6.0%
CVE-2023-35385 CRITICAL PATCH Act Now

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
9.8
EPSS
2.3%
CVE-2023-35384 MEDIUM PATCH This Month

Windows HTML Platforms Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
6.5
EPSS
1.6%
CVE-2023-35383 HIGH PATCH This Week

Microsoft Message Queuing Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.5
EPSS
2.7%
CVE-2023-35382 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1809 +6
NVD
CVSS 3.1
7.8
EPSS
5.8%
CVE-2023-35381 HIGH PATCH This Week

Windows Fax Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
8.8
EPSS
1.7%
CVE-2023-35380 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
7.8
EPSS
4.0%
CVE-2023-35378 HIGH PATCH This Week

Windows Projected File System Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +4
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2023-35377 MEDIUM PATCH This Month

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
6.5
EPSS
2.0%
CVE-2023-35376 MEDIUM PATCH This Month

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
6.5
EPSS
2.0%
CVE-2023-35359 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.8
EPSS
11.0%
CVE-2023-20588 MEDIUM This Month

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Amd Information Disclosure Debian Linux Epyc 7351P Firmware Epyc 7401P Firmware +44
NVD
CVSS 3.1
5.5
EPSS
12.4%
CVE-2023-20569 MEDIUM POC This Month

A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. Rated medium severity (CVSS 4.7). Public exploit code available and no vendor patch available.

Amd Information Disclosure Fedora Debian Linux Ryzen 9 5950X Firmware +152
NVD
CVSS 3.1
4.7
EPSS
6.2%
CVE-2023-36884 HIGH KEV PATCH THREAT This Week

Windows Search Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Race Condition RCE Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.5
EPSS
99.0%
CVE-2023-36874 HIGH POC KEV PATCH THREAT Act Now

Windows Error Reporting Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.8
EPSS
43.1%
CVE-2023-36871 MEDIUM PATCH This Month

Azure Active Directory Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +7
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2023-35367 CRITICAL PATCH Act Now

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2023-35366 CRITICAL PATCH Act Now

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2023-35365 CRITICAL PATCH Act Now

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2023-35364 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft Windows 10 1809 Windows 10 21h2 +5
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-35363 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow Windows 10 1809 Windows 10 21h2 +5
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-35362 HIGH PATCH This Week

Windows Clip Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8).

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +8
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-35361 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +9
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2023-35360 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +8
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2023-35358 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 +7
NVD
CVSS 3.1
7.8
EPSS
0.9%
EPSS 3% CVSS 7.5
HIGH PATCH This Week

Windows upnphost.dll Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 1507 +10
NVD
EPSS 3% CVSS 5.4
MEDIUM KEV PATCH THREAT This Month

Windows Mark of the Web Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Microsoft Windows 10 1507 +10
NVD
EPSS 1% CVSS 7.3
HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption +13
NVD
EPSS 1% CVSS 7.3
HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft +12
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Microsoft +12
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Microsoft Windows 10 1507 +11
NVD
EPSS 1% CVSS 7.3
HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption RCE Microsoft +12
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +12
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Windows Kernel Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft +9
NVD
EPSS 1% CVSS 7.3
HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Microsoft +12
NVD
EPSS 1% CVSS 7.3
HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Microsoft +12
NVD
EPSS 1% CVSS 7.3
HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Microsoft +12
NVD
EPSS 1% CVSS 7.3
HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Microsoft +12
NVD
EPSS 1% CVSS 7.3
HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Microsoft +12
NVD
EPSS 1% CVSS 7.3
HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Microsoft +12
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows Deployment Services Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Microsoft Windows 10 1507 +10
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Windows Search Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Microsoft Windows 10 1507 +10
NVD
EPSS 21% CVSS 5.5
MEDIUM KEV PATCH THREAT This Month

Microsoft WordPad Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 1507 +11
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

PrintHTML API Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Windows 10 1507 Windows 10 1607 +8
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows TCP/IP Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 1507 +11
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows MSHTML Platform Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 +10
NVD
EPSS 5% CVSS 7.5
HIGH PATCH This Week

Microsoft QUIC Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Microsoft Net +3
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Windows IIS Server Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 1507 +11
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Microsoft Windows 10 1507 +11
NVD
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 +11
NVD
EPSS 62% CVSS 7.5
HIGH POC THREAT This Week

When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Curl Fedora +8
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption +13
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Windows TCP/IP Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption +13
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft +2
NVD
EPSS 4% CVSS 7.5
HIGH PATCH This Week

Windows TCP/IP Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Microsoft Windows 10 1507 +11
NVD
EPSS 8% CVSS 8.8
HIGH PATCH This Week

Internet Connection Sharing (ICS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Stack Overflow Buffer Overflow RCE +4
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Windows Miracast Wireless Display Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +11
NVD
EPSS 39% CVSS 8.8
HIGH POC PATCH THREAT Act Now

Windows Themes Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 11 21H2 +1
NVD GitHub
EPSS 5% CVSS 7.8
HIGH PATCH This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Windows 10 1507 +11
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow +12
NVD
EPSS 7% CVSS 7.8
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft +12
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 +11
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Windows Kernel Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Microsoft Windows 10 1607 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption +13
NVD
EPSS 2% CVSS 7.0
HIGH PATCH This Week

Windows MSHTML Platform Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Command Injection Microsoft Windows 10 1507 +10
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption +13
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Windows Kernel Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Microsoft +9
NVD
EPSS 26% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption +8
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Stack Overflow Buffer Overflow Microsoft +7
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 1507 +11
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Windows Mobile Device Management Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Microsoft Authentication Bypass Windows 10 21h2 +4
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption +13
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Microsoft +12
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Windows 10 21h2 +4
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Microsoft Message Queuing Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Microsoft Windows 10 +11
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 +11
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft +12
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft +12
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Denial Of Service Microsoft +12
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Windows Hyper-V Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 10 +11
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows Cryptographic Services Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 +11
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows Cryptographic Services Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 +11
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft +9
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Windows 10 1809 +6
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Windows System Assessment Tool Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 +11
NVD
EPSS 12% CVSS 7.8
HIGH PATCH This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft +12
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Tablet Windows User Interface Application Core Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 11 21H2 +1
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Windows Group Policy Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Windows 10 1507 +11
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption +13
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Windows Bluetooth A2DP driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Information Disclosure Microsoft +11
NVD
EPSS 6% CVSS 7.8
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft +11
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft +12
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Windows HTML Platforms Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Microsoft Windows 10 1507 +11
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

Microsoft Message Queuing Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft +12
NVD
EPSS 6% CVSS 7.8
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption +8
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Windows Fax Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft +12
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption +13
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Projected File System Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1809 +6
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 1507 +11
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 1507 +11
NVD
EPSS 11% CVSS 7.8
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 +11
NVD
EPSS 12% CVSS 5.5
MEDIUM This Month

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Amd Information Disclosure Debian Linux +46
NVD
EPSS 6% CVSS 4.7
MEDIUM POC This Month

A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. Rated medium severity (CVSS 4.7). Public exploit code available and no vendor patch available.

Amd Information Disclosure Fedora +154
NVD
EPSS 99% CVSS 7.5
HIGH KEV PATCH THREAT This Week

Windows Search Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Race Condition RCE Microsoft +12
NVD
EPSS 43% CVSS 7.8
HIGH POC KEV PATCH THREAT Act Now

Windows Error Reporting Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Microsoft Windows 10 1507 +11
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Azure Active Directory Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Microsoft Windows 10 1507 +9
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 +11
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 +11
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 +11
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft +7
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow +7
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Clip Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8).

Information Disclosure Microsoft Windows 10 1507 +10
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Microsoft +11
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 +10
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft +9
NVD
Prev Page 7 of 11 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy