Skip to main content

Windows 11 22h2

1507 CVEs product

Monthly

CVE-2023-32011 HIGH PATCH This Week

Windows iSCSI Discovery Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2023-32010 HIGH PATCH This Week

Windows Bus Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 11 22h2
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2023-32009 HIGH PATCH This Week

Windows Collaborative Translation Framework Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Windows 10 1607 Windows 10 1809 Windows 10 21h2 +6
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2023-32008 HIGH PATCH This Week

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service RCE Null Pointer Dereference Microsoft Windows 10 1507 +9
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-29373 HIGH PATCH This Week

Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

RCE Buffer Overflow Information Disclosure Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-29372 HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +11
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-29371 HIGH PATCH This Week

Windows GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.8
EPSS
5.8%
CVE-2023-29370 HIGH PATCH This Week

Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +9
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-29368 HIGH PATCH This Week

Windows Filtering Platform Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2023-29366 HIGH PATCH This Week

Windows Geolocation Service Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 21h2 Windows 10 22h2 Windows 11 21H2 +2
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-29365 HIGH PATCH This Week

Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-29364 HIGH PATCH This Week

Windows Authentication Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2023-29363 CRITICAL PATCH Act Now

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +11
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2023-29362 HIGH This Week

Remote Desktop Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow Remote Desktop Client Windows 10 1507 +11
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-29361 HIGH PATCH This Week

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 21h2 +4
NVD
CVSS 3.1
7.0
EPSS
3.9%
CVE-2023-29360 HIGH KEV PATCH THREAT This Week

Microsoft Streaming Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 Windows 10 21h2 +6
NVD
CVSS 3.1
8.4
EPSS
22.1%
CVE-2023-29359 HIGH PATCH This Week

GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +8
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-29358 HIGH PATCH This Week

Windows GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
7.8
EPSS
4.7%
CVE-2023-29352 MEDIUM This Month

Windows Remote Desktop Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Remote Desktop Client Windows 10 1809 Windows 10 21h2 +5
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2023-29351 HIGH PATCH This Week

Windows Group Policy Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
8.1
EPSS
1.8%
CVE-2023-29346 HIGH PATCH This Week

NTFS Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +8
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-24938 MEDIUM PATCH This Month

Windows CryptoAPI Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Microsoft Windows 10 1809 Windows 10 21h2 +5
NVD
CVSS 3.1
6.5
EPSS
2.0%
CVE-2023-29335 HIGH PATCH This Week

Microsoft Word Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Microsoft Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD VulDB
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-29325 HIGH PATCH This Week

Windows OLE Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
7.5
EPSS
84.4%
CVE-2023-29324 MEDIUM PATCH This Month

Windows MSHTML Platform Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
6.5
EPSS
2.8%
CVE-2023-28283 HIGH PATCH This Week

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2023-28251 MEDIUM PATCH This Month

Windows Driver Revocation List Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2023-24954 MEDIUM PATCH This Month

Microsoft SharePoint Server Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +12
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2023-24949 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft Windows 10 1809 Windows 10 20H2 +6
NVD
CVSS 3.1
7.8
EPSS
24.6%
CVE-2023-24946 HIGH PATCH This Week

Windows Backup Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +8
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-24945 MEDIUM PATCH This Month

Windows iSCSI Target Service Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2023-24944 MEDIUM PATCH This Month

Windows Bluetooth Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption Information Disclosure Microsoft Windows 10 1809 Windows 10 20H2 +6
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2023-24943 CRITICAL PATCH Act Now

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +12
NVD
CVSS 3.1
9.8
EPSS
4.7%
CVE-2023-24942 HIGH PATCH This Week

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2023-24940 HIGH PATCH This Week

Windows Pragmatic General Multicast (PGM) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
7.5
EPSS
5.2%
CVE-2023-24939 HIGH PATCH This Week

Server for NFS Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 20H2 +8
NVD
CVSS 3.1
7.5
EPSS
4.7%
CVE-2023-24932 MEDIUM PATCH This Month

Secure Boot Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 20H2 +9
NVD
CVSS 3.1
6.7
EPSS
10.6%
CVE-2023-24905 HIGH PATCH This Week

Remote Desktop Client Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Authentication Bypass Windows 10 20H2 Windows 10 21h2 Windows 10 22h2 +2
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-24903 HIGH PATCH This Week

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
8.1
EPSS
0.9%
CVE-2023-24902 HIGH PATCH This Week

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Windows 11 21H2 Windows 11 22h2
NVD
CVSS 3.1
7.8
EPSS
5.1%
CVE-2023-24901 HIGH PATCH This Week

Windows NFS Portmapper Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2023-24900 MEDIUM PATCH This Month

Windows NTLM Security Support Provider Information Disclosure Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
5.9
EPSS
1.2%
CVE-2023-24899 HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 11 21H2 Windows 11 22h2 Windows Server 2022
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2023-21712 HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Race Condition RCE Microsoft Windows 10 Windows 10 1607 +13
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2023-28302 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 1607 Windows 10 1809 Windows 10 20H2 +9
NVD
CVSS 3.1
7.5
EPSS
93.6%
CVE-2023-28298 MEDIUM PATCH This Month

Windows Kernel Denial of Service Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Microsoft Windows 10 1607 Windows 10 1809 Windows 10 20H2 +9
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2023-28297 HIGH PATCH This Week

Windows Remote Procedure Call Service (RPCSS) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1607 +9
NVD
CVSS 3.1
8.8
EPSS
1.7%
CVE-2023-28293 HIGH POC PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Integer Overflow Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 +10
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
2.9%
CVE-2023-28276 MEDIUM PATCH This Month

Windows Group Policy Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
4.4
EPSS
0.5%
CVE-2023-28275 HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +12
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2023-28274 HIGH PATCH This Week

Windows Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1809 Windows 10 20H2 Windows 10 21h2 +5
NVD
CVSS 3.1
7.8
EPSS
6.8%
CVE-2023-28273 HIGH PATCH This Week

Windows Clip Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 Windows 10 20H2 +6
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2023-28272 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-28271 MEDIUM PATCH This Month

Windows Kernel Memory Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
5.5
EPSS
1.2%
CVE-2023-28270 MEDIUM PATCH This Month

Windows Lock Screen Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Microsoft Authentication Bypass Windows 10 1809 Windows 10 20H2 Windows 10 21h2 +5
NVD
CVSS 3.1
6.8
EPSS
0.5%
CVE-2023-28269 MEDIUM PATCH This Month

Windows Boot Manager Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Microsoft Heap Overflow Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
6.8
EPSS
0.6%
CVE-2023-28267 MEDIUM PATCH This Month

Remote Desktop Protocol Client Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Remote Desktop Client Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
6.5
EPSS
2.1%
CVE-2023-28266 MEDIUM PATCH This Month

Windows Common Log File System Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
5.5
EPSS
4.4%
CVE-2023-28253 MEDIUM PATCH This Month

Windows Kernel Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2023-28252 HIGH POC KEV PATCH THREAT Act Now

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Microsoft Heap Overflow Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
7.8
EPSS
49.0%
CVE-2023-28250 CRITICAL PATCH Act Now

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow RCE Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2023-28249 MEDIUM PATCH This Month

Windows Boot Manager Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Microsoft Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
6.8
EPSS
0.6%
CVE-2023-28248 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 +8
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-28246 HIGH PATCH This Week

Windows Registry Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Windows 11 21H2 Windows 11 22h2 Windows Server 2022
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-28243 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption RCE Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2023-28241 HIGH PATCH This Week

Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2023-28238 HIGH PATCH This Week

Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2023-28237 HIGH PATCH This Week

Windows Kernel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-28236 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-28234 HIGH PATCH This Week

Windows Secure Channel Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 11 21H2 Windows 11 22h2 Windows Server 2022
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2023-28233 HIGH PATCH This Week

Windows Secure Channel Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 11 21H2 Windows 11 22h2 Windows Server 2022
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2023-28232 HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Race Condition RCE Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2023-28229 HIGH POC KEV PATCH THREAT This Week

Windows CNG Key Isolation Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). Public exploit code available.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.0
EPSS
1.9%
CVE-2023-28228 MEDIUM PATCH This Month

Windows Spoofing Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Jwt Attack Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2023-28227 HIGH PATCH This Week

Windows Bluetooth Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is no authentication required.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +12
NVD
CVSS 3.1
7.5
EPSS
6.6%
CVE-2023-28226 MEDIUM PATCH This Month

Windows Enroll Engine Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Jwt Attack Microsoft Windows 10 1507 Windows 10 1607 +6
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2023-28225 HIGH PATCH This Week

Windows NTLM Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow Windows 10 1507 Windows 10 1607 +9
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-28224 HIGH PATCH This Week

Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.1
EPSS
0.4%
CVE-2023-28222 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.1
EPSS
0.7%
CVE-2023-28221 HIGH PATCH This Week

Windows Error Reporting Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +8
NVD
CVSS 3.1
7.0
EPSS
0.5%
CVE-2023-28220 HIGH PATCH This Week

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

RCE Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 20H2 +9
NVD
CVSS 3.1
8.1
EPSS
15.0%
CVE-2023-28219 HIGH PATCH This Week

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

RCE Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 20H2 +9
NVD
CVSS 3.1
8.1
EPSS
15.0%
CVE-2023-28218 HIGH PATCH This Week

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Buffer Overflow Microsoft Heap Overflow Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
7.0
EPSS
12.3%
CVE-2023-28217 HIGH PATCH This Week

Windows Network Address Translation (NAT) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2023-28216 HIGH PATCH This Week

Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2023-24931 HIGH PATCH This Week

Windows Secure Channel Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service Microsoft Windows 10 1507 +12
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2023-24929 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption RCE Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2023-24928 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +11
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2023-24927 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption RCE Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2023-24926 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +11
NVD
CVSS 3.1
8.8
EPSS
1.6%
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows iSCSI Discovery Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service +13
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Bus Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 11 22h2
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Windows Collaborative Translation Framework Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Windows 10 1607 +8
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service RCE Null Pointer Dereference +11
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

RCE Buffer Overflow Information Disclosure +13
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +13
NVD
EPSS 6% CVSS 7.8
HIGH PATCH This Week

Windows GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 +11
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +11
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Filtering Platform Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 +11
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Geolocation Service Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 21h2 +4
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption +13
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Authentication Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft +12
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +13
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Remote Desktop Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +13
NVD
EPSS 4% CVSS 7.0
HIGH PATCH This Week

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption +6
NVD
EPSS 22% CVSS 8.4
HIGH KEV PATCH THREAT This Week

Microsoft Streaming Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 1607 +8
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 +10
NVD
EPSS 5% CVSS 7.8
HIGH PATCH This Week

Windows GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption +13
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Windows Remote Desktop Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Remote Desktop Client +7
NVD
EPSS 2% CVSS 8.1
HIGH PATCH This Week

Windows Group Policy Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Windows 10 1507 +11
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

NTFS Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 +10
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Windows CryptoAPI Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Microsoft +7
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Microsoft Word Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Microsoft Authentication Bypass Windows 10 1507 +15
NVD VulDB
EPSS 84% CVSS 7.5
HIGH PATCH This Week

Windows OLE Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption +13
NVD
EPSS 3% CVSS 6.5
MEDIUM PATCH This Month

Windows MSHTML Platform Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Microsoft Windows 10 1507 +11
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

RCE Microsoft Windows 10 1507 +11
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Windows Driver Revocation List Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Windows 10 1507 +11
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Microsoft SharePoint Server Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Information Disclosure Microsoft +14
NVD
EPSS 25% CVSS 7.8
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft +8
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Backup Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 +10
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Windows iSCSI Target Service Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft +13
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Windows Bluetooth Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption Information Disclosure Microsoft +8
NVD
EPSS 5% CVSS 9.8
CRITICAL PATCH Act Now

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +14
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Windows 10 1507 +12
NVD
EPSS 5% CVSS 7.5
HIGH PATCH This Week

Windows Pragmatic General Multicast (PGM) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Microsoft +13
NVD
EPSS 5% CVSS 7.5
HIGH PATCH This Week

Server for NFS Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Windows 10 1507 Windows 10 1607 +10
NVD
EPSS 11% CVSS 6.7
MEDIUM PATCH This Month

Secure Boot Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Windows 10 1507 Windows 10 1607 +11
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Remote Desktop Client Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Authentication Bypass Windows 10 20H2 +4
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

RCE Microsoft Windows 10 1507 +11
NVD
EPSS 5% CVSS 7.8
HIGH PATCH This Week

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Windows 11 21H2 +1
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows NFS Portmapper Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Microsoft +12
NVD
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

Windows NTLM Security Support Provider Information Disclosure Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft +13
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 11 21H2 +2
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Race Condition RCE Microsoft +15
NVD
EPSS 94% CVSS 7.5
HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 1607 +11
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Windows Kernel Denial of Service Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Microsoft Windows 10 1607 +11
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Windows Remote Procedure Call Service (RPCSS) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption +11
NVD
EPSS 3% CVSS 7.8
HIGH POC PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Integer Overflow Information Disclosure Microsoft +12
NVD Exploit-DB
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

Windows Group Policy Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Windows 10 1507 +12
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +14
NVD
EPSS 7% CVSS 7.8
HIGH PATCH This Week

Windows Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1809 +7
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Clip Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1607 +8
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Information Disclosure Microsoft +13
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Windows Kernel Memory Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 10 1507 +12
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Windows Lock Screen Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Microsoft Authentication Bypass Windows 10 1809 +7
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

Windows Boot Manager Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Microsoft Heap Overflow +12
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Remote Desktop Protocol Client Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Remote Desktop Client +13
NVD
EPSS 4% CVSS 5.5
MEDIUM PATCH This Month

Windows Common Log File System Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Microsoft +13
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Windows Kernel Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 +12
NVD
EPSS 49% CVSS 7.8
HIGH POC KEV PATCH THREAT Act Now

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Microsoft Heap Overflow +13
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow RCE Microsoft +13
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

Windows Boot Manager Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Microsoft Authentication Bypass Windows 10 1507 +11
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft +10
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Registry Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Windows 11 21H2 +2
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption RCE Microsoft +12
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 1507 +12
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

RCE Microsoft Windows 10 1507 +12
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Kernel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft +12
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 +11
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows Secure Channel Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 11 21H2 +2
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows Secure Channel Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 11 21H2 +2
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Race Condition RCE Microsoft +13
NVD
EPSS 2% CVSS 7.0
HIGH POC KEV PATCH THREAT This Week

Windows CNG Key Isolation Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). Public exploit code available.

Information Disclosure Microsoft Windows 10 1507 +12
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Windows Spoofing Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Jwt Attack Microsoft +13
NVD
EPSS 7% CVSS 7.5
HIGH PATCH This Week

Windows Bluetooth Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is no authentication required.

RCE Buffer Overflow Microsoft +14
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Windows Enroll Engine Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Jwt Attack Microsoft +8
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows NTLM Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow +11
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required.

RCE Microsoft Windows 10 1507 +11
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 +12
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Error Reporting Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 10 1507 +10
NVD
EPSS 15% CVSS 8.1
HIGH PATCH This Week

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

RCE Windows 10 1507 Windows 10 1607 +11
NVD
EPSS 15% CVSS 8.1
HIGH PATCH This Week

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

RCE Windows 10 1507 Windows 10 1607 +11
NVD
EPSS 12% CVSS 7.0
HIGH PATCH This Week

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Buffer Overflow Microsoft Heap Overflow +13
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows Network Address Translation (NAT) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Microsoft Windows 10 1507 +12
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 +12
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows Secure Channel Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service +14
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption RCE Microsoft +12
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft +13
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption RCE Microsoft +12
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft +13
NVD
Prev Page 15 of 17 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy