Skip to main content

Windows Server 2019

4241 CVEs product

Monthly

CVE-2024-38254 MEDIUM PATCH This Month

Windows Authentication Information Disclosure Vulnerability. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
6.2
EPSS
0.7%
CVE-2024-38252 HIGH PATCH This Week

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Microsoft Memory Corruption Windows 10 1607 +11
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2024-38250 HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Buffer Overflow Office Office Long Term Servicing Channel Windows 10 1507 +13
NVD VulDB
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-38249 HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Microsoft Memory Corruption Windows 10 1507 +14
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2024-38247 HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2024-38245 HIGH PATCH This Week

Kernel Streaming Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +11
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2024-38244 HIGH PATCH This Week

Kernel Streaming Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +9
NVD
CVSS 3.1
7.8
EPSS
5.9%
CVE-2024-38243 HIGH PATCH This Week

Kernel Streaming Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +9
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2024-38242 HIGH PATCH This Week

Kernel Streaming Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.8
EPSS
3.2%
CVE-2024-38241 HIGH PATCH This Week

Kernel Streaming Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +9
NVD
CVSS 3.1
7.8
EPSS
5.8%
CVE-2024-38240 CRITICAL PATCH Act Now

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +12
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2024-38239 HIGH PATCH This Week

Windows Kerberos Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
7.2
EPSS
1.7%
CVE-2024-38238 HIGH PATCH This Week

Kernel Streaming Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2024-38237 HIGH PATCH This Week

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.8
EPSS
3.2%
CVE-2024-38236 HIGH PATCH This Week

DHCP Server Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Windows Server 2008 Windows Server 2012 Windows Server 2016 Windows Server 2019 +2
NVD
CVSS 3.1
7.5
EPSS
2.3%
CVE-2024-38235 MEDIUM PATCH This Month

Windows Hyper-V Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft Denial Of Service Memory Corruption Windows 10 1507 +12
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2024-38234 MEDIUM PATCH This Month

Windows Networking Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2024-38231 HIGH PATCH This Week

Windows Remote Desktop Licensing Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Denial Of Service Microsoft Windows Server 2008 Windows Server 2012 +4
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2024-38230 HIGH PATCH This Week

Windows Standards-Based Storage Management Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows Server 2012 Windows Server 2016 Windows Server 2019 +1
NVD
CVSS 3.1
7.5
EPSS
2.4%
CVE-2024-38217 MEDIUM POC KEV PATCH THREAT This Month

Windows Mark of the Web Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
5.4
EPSS
9.8%
CVE-2024-38119 HIGH PATCH This Week

Windows Network Address Translation (NAT) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft RCE Memory Corruption Windows 10 1507 +12
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2024-38046 HIGH PATCH This Week

PowerShell Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21H1 +9
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2024-38045 HIGH PATCH This Week

Windows TCP/IP Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1809 +9
NVD
CVSS 3.1
8.1
EPSS
1.4%
CVE-2024-38014 HIGH KEV PATCH THREAT This Week

Windows Installer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
7.8
EPSS
6.0%
CVE-2024-30073 HIGH PATCH This Week

Windows Security Zone Mapping Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2024-21416 CRITICAL PATCH Act Now

Windows TCP/IP Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1809 +9
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2024-38223 MEDIUM PATCH This Month

Windows Initial Machine Configuration Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
6.8
EPSS
0.7%
CVE-2024-38215 HIGH PATCH This Week

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft Windows 10 1809 Windows 10 21h2 +8
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2024-38214 MEDIUM PATCH This Month

Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows Server 2008 Windows Server 2012 +4
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2024-38213 MEDIUM POC KEV PATCH THREAT This Month

Windows Mark of the Web Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
6.5
EPSS
13.4%
CVE-2024-38199 CRITICAL PATCH Act Now

Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft RCE Memory Corruption Windows 10 1507 +14
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2024-38198 HIGH PATCH This Week

Windows Print Spooler Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2024-38196 HIGH PATCH This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
7.8
EPSS
5.7%
CVE-2024-38193 HIGH POC KEV PATCH THREAT This Week

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Use After Free Information Disclosure Microsoft Memory Corruption Windows 10 1507 +14
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
27.6%
CVE-2024-38191 HIGH PATCH This Week

Kernel Streaming Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Race Condition Information Disclosure Windows 10 1607 Windows 10 1809 Windows 10 21h2 +10
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2024-38187 HIGH PATCH This Week

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 Windows 10 21h2 +8
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2024-38186 HIGH PATCH This Week

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 Windows 10 21h2 +8
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2024-38185 HIGH PATCH This Week

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 Windows 10 21h2 +8
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2024-38184 HIGH PATCH This Week

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2024-38180 HIGH PATCH This Week

Windows SmartScreen Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2024-38178 HIGH KEV PATCH THREAT This Week

Scripting Engine Memory Corruption Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Buffer Overflow Memory Corruption Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
7.5
EPSS
39.2%
CVE-2024-38161 MEDIUM PATCH This Month

Windows Mobile Broadband Driver Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1809 +7
NVD
CVSS 3.1
6.8
EPSS
0.8%
CVE-2024-38154 HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows Server 2008 +5
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2024-38153 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2024-38152 HIGH PATCH This Week

Windows OLE Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +14
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2024-38151 MEDIUM PATCH This Month

Windows Kernel Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +13
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2024-38146 HIGH PATCH This Week

Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Microsoft Windows 10 1507 Windows 10 1607 +12
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2024-38145 HIGH PATCH This Week

Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Microsoft Windows 10 1507 Windows 10 1607 +12
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2024-38144 HIGH PATCH This Week

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
8.8
EPSS
32.3%
CVE-2024-38143 MEDIUM PATCH This Month

Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability. Rated medium severity (CVSS 4.2), this vulnerability is no authentication required. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Authentication Bypass Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
4.2
EPSS
1.7%
CVE-2024-38142 HIGH PATCH This Week

Windows Secure Kernel Mode Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2024-38141 HIGH PATCH This Week

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Microsoft Memory Corruption Windows 10 1507 +13
NVD
CVSS 3.1
7.8
EPSS
3.7%
CVE-2024-38140 CRITICAL PATCH Act Now

Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft RCE Memory Corruption Windows 10 1507 +14
NVD
CVSS 3.1
9.8
EPSS
3.8%
CVE-2024-38138 HIGH PATCH This Week

Windows Deployment Services Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft RCE Memory Corruption Windows Server 2016 +3
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2024-38136 HIGH PATCH This Week

Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Microsoft Memory Corruption Windows 10 1809 +9
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2024-38134 HIGH PATCH This Week

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2024-38133 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +7
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2024-38132 HIGH PATCH This Week

Windows Network Address Translation (NAT) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service Microsoft Windows 10 1507 +13
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2024-38131 HIGH PATCH This Week

Clipboard Virtual Channel Extension Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Remote Desktop Client Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2024-38130 HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +14
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2024-38128 HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows Server 2008 Windows Server 2012 +4
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2024-38127 HIGH PATCH This Week

Windows Hyper-V Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
7.8
EPSS
1.6%
CVE-2024-38126 HIGH PATCH This Week

Windows Network Address Translation (NAT) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Microsoft Windows 10 1507 Windows 10 1607 +12
NVD
CVSS 3.1
7.5
EPSS
2.7%
CVE-2024-38125 HIGH PATCH This Week

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +11
NVD
CVSS 3.1
7.8
EPSS
5.9%
CVE-2024-38122 MEDIUM PATCH This Month

Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2024-38121 HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows Server 2008 +5
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2024-38120 HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows Server 2008 +5
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2024-38118 MEDIUM PATCH This Month

Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2024-38117 HIGH PATCH This Week

NTFS Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2024-38116 HIGH PATCH This Week

Windows IP Routing Management Snapin Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +14
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2024-38115 HIGH PATCH This Week

Windows IP Routing Management Snapin Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +14
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2024-38114 HIGH PATCH This Week

Windows IP Routing Management Snapin Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +14
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2024-38107 HIGH KEV PATCH THREAT This Week

Windows Power Dependency Coordinator Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Microsoft Memory Corruption Windows 10 1507 +13
NVD
CVSS 3.1
7.8
EPSS
1.6%
CVE-2024-38106 HIGH KEV PATCH THREAT This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.0
EPSS
6.3%
CVE-2024-38063 CRITICAL PATCH Act Now

Windows TCP/IP Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow RCE Microsoft Windows 10 1507 Windows 10 1607 +13
NVD
CVSS 3.1
9.8
EPSS
70.6%
CVE-2024-37968 HIGH PATCH This Week

Windows DNS Spoofing Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Windows Server 2008 Windows Server 2012 Windows Server 2016 +3
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2024-29995 HIGH PATCH This Week

Windows Kerberos Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
8.1
EPSS
1.5%
CVE-2024-38202 HIGH PATCH This Week

Summary Microsoft was notified that an elevation of privilege vulnerability exists in Windows Update, potentially enabling an attacker with basic user privileges to reintroduce previously mitigated. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Windows 10 1607 Windows 10 1809 Windows 10 21h2 +8
NVD
CVSS 3.1
7.3
EPSS
1.7%
CVE-2024-21302 MEDIUM PATCH This Month

Summary: As of July 8, 2025 Microsoft has completed mitigations to address this vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
6.7
EPSS
1.6%
CVE-2024-21417 HIGH This Week

Windows Text Services Framework Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +6
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2024-38112 HIGH KEV PATCH THREAT This Week

Windows MSHTML Platform Spoofing Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
7.5
EPSS
84.3%
CVE-2024-38105 MEDIUM PATCH This Month

Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2024-38104 HIGH PATCH This Week

Windows Fax Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2024-38102 MEDIUM PATCH This Month

Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service Microsoft Windows 10 1507 +12
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2024-38101 MEDIUM PATCH This Month

Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service Microsoft Windows 10 1507 +12
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2024-38100 HIGH PATCH This Week

Windows File Explorer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Windows Server 2016 Windows Server 2019 Windows Server 2022 +1
NVD
CVSS 3.1
7.8
EPSS
4.5%
CVE-2024-38099 MEDIUM PATCH This Month

Windows Remote Desktop Licensing Service Denial of Service Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Denial Of Service Microsoft Windows Server 2008 Windows Server 2012 +4
NVD
CVSS 3.1
5.9
EPSS
1.3%
CVE-2024-38091 HIGH PATCH This Week

Microsoft WS-Discovery Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2024-38085 HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Microsoft Memory Corruption Windows 10 1507 +13
NVD
CVSS 3.1
7.8
EPSS
5.3%
CVE-2024-38079 HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Microsoft Windows 10 1507 Windows 10 1607 +12
NVD
CVSS 3.1
7.8
EPSS
0.7%
EPSS 1% CVSS 6.2
MEDIUM PATCH This Month

Windows Authentication Information Disclosure Vulnerability. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Microsoft Windows 10 1507 +12
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Microsoft +13
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Buffer Overflow Office +15
NVD VulDB
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Microsoft +16
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 +14
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Kernel Streaming Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 +13
NVD
EPSS 6% CVSS 7.8
HIGH PATCH This Week

Kernel Streaming Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 +11
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Kernel Streaming Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 +11
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Kernel Streaming Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Windows 10 1507 +12
NVD
EPSS 6% CVSS 7.8
HIGH PATCH This Week

Kernel Streaming Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 +11
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft +14
NVD
EPSS 2% CVSS 7.2
HIGH PATCH This Week

Windows Kerberos Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Windows 10 1507 +14
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Kernel Streaming Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Windows 10 1507 +12
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Windows 10 1507 +12
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

DHCP Server Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Windows Server 2008 Windows Server 2012 +4
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Windows Hyper-V Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft Denial Of Service +14
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Windows Networking Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 1507 +14
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows Remote Desktop Licensing Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Denial Of Service Microsoft +6
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows Standards-Based Storage Management Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows Server 2012 +3
NVD
EPSS 10% CVSS 5.4
MEDIUM POC KEV PATCH THREAT This Month

Windows Mark of the Web Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Microsoft Windows 10 1507 +14
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Windows Network Address Translation (NAT) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft RCE +14
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

PowerShell Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 +11
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Windows TCP/IP Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Heap Overflow Buffer Overflow RCE +11
NVD
EPSS 6% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Windows Installer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Microsoft Windows 10 1507 +14
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Security Zone Mapping Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Microsoft Windows 10 1507 +14
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Windows TCP/IP Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +11
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

Windows Initial Machine Configuration Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Microsoft Windows 10 1507 +14
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft +10
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft +6
NVD
EPSS 13% CVSS 6.5
MEDIUM POC KEV PATCH THREAT This Month

Windows Mark of the Web Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Microsoft Windows 10 1507 +12
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft RCE +16
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Windows Print Spooler Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Information Disclosure Microsoft Windows 10 1507 +14
NVD
EPSS 6% CVSS 7.8
HIGH PATCH This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 +14
NVD
EPSS 28% CVSS 7.8
HIGH POC KEV PATCH THREAT This Week

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Use After Free Information Disclosure Microsoft +16
NVD Exploit-DB
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Kernel Streaming Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Race Condition Information Disclosure Windows 10 1607 +12
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1607 +10
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1607 +10
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1607 +10
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft +12
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Windows SmartScreen Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Microsoft Windows 10 1507 +14
NVD
EPSS 39% CVSS 7.5
HIGH KEV PATCH THREAT This Week

Scripting Engine Memory Corruption Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Buffer Overflow Memory Corruption Windows 10 1507 +13
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

Windows Mobile Broadband Driver Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +9
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 +14
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows OLE Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +16
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Windows Kernel Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft +15
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Microsoft +14
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Microsoft +14
NVD
EPSS 32% CVSS 8.8
HIGH PATCH This Week

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Windows 10 1507 +14
NVD
EPSS 2% CVSS 4.2
MEDIUM PATCH This Month

Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability. Rated medium severity (CVSS 4.2), this vulnerability is no authentication required. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Authentication Bypass Microsoft Windows 10 1507 +12
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Secure Kernel Mode Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Microsoft +13
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Microsoft +15
NVD
EPSS 4% CVSS 9.8
CRITICAL PATCH Act Now

Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft RCE +16
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows Deployment Services Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft RCE +5
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Microsoft +11
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Windows 10 1507 +14
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1809 +9
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows Network Address Translation (NAT) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service +15
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Clipboard Virtual Channel Extension Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Remote Desktop Client Windows 10 1507 +14
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +16
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft +6
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Windows Hyper-V Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Windows 10 1507 +14
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

Windows Network Address Translation (NAT) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Microsoft +14
NVD
EPSS 6% CVSS 7.8
HIGH PATCH This Week

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 +13
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Microsoft Windows 10 1507 +14
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +7
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +7
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Microsoft Windows 10 1507 +14
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

NTFS Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Windows 10 1507 +14
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Windows IP Routing Management Snapin Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Heap Overflow Buffer Overflow RCE +16
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Windows IP Routing Management Snapin Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +16
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Windows IP Routing Management Snapin Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +16
NVD
EPSS 2% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Windows Power Dependency Coordinator Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Microsoft +15
NVD
EPSS 6% CVSS 7.0
HIGH KEV PATCH THREAT This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 +12
NVD
EPSS 71% CVSS 9.8
CRITICAL PATCH Act Now

Windows TCP/IP Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow RCE Microsoft +15
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Windows DNS Spoofing Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Windows Server 2008 +5
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Windows Kerberos Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Microsoft Windows 10 1507 +11
NVD
EPSS 2% CVSS 7.3
HIGH PATCH This Week

Summary Microsoft was notified that an elevation of privilege vulnerability exists in Windows Update, potentially enabling an attacker with basic user privileges to reintroduce previously mitigated. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Windows 10 1607 +10
NVD
EPSS 2% CVSS 6.7
MEDIUM PATCH This Month

Summary: As of July 8, 2025 Microsoft has completed mitigations to address this vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Windows 10 1507 +12
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Windows Text Services Framework Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Windows 10 1809 +8
NVD
EPSS 84% CVSS 7.5
HIGH KEV PATCH THREAT This Week

Windows MSHTML Platform Spoofing Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Microsoft Windows 10 1507 +13
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 1507 +12
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Windows Fax Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Microsoft Windows 10 1507 +13
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service +14
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service +14
NVD
EPSS 5% CVSS 7.8
HIGH PATCH This Week

Windows File Explorer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Windows Server 2016 +3
NVD
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

Windows Remote Desktop Licensing Service Denial of Service Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Denial Of Service Microsoft +6
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Microsoft WS-Discovery Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 1507 +13
NVD
EPSS 5% CVSS 7.8
HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Microsoft +15
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Microsoft +14
NVD
Prev Page 14 of 48 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy