Skip to main content

Windows Server 2019

4241 CVEs product

Monthly

CVE-2024-21350 HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 1507 Windows 10 1607 +12
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2024-21349 HIGH PATCH This Week

Microsoft ActiveX Data Objects Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +13
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-21348 HIGH PATCH This Week

Internet Connection Sharing (ICS) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow Denial Of Service Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2024-21347 HIGH PATCH This Week

Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +13
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2024-21344 MEDIUM PATCH This Month

Windows Network Address Translation (NAT) Denial of Service Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service Microsoft Windows 10 1507 +12
NVD
CVSS 3.1
5.9
EPSS
1.7%
CVE-2024-21343 HIGH PATCH This Week

Windows Network Address Translation (NAT) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service Microsoft Windows 10 1507 +12
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2024-21341 MEDIUM PATCH This Month

Windows Kernel Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1809 +8
NVD
CVSS 3.1
6.8
EPSS
1.0%
CVE-2024-21340 MEDIUM PATCH This Month

Windows Kernel Information Disclosure Vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +12
NVD
CVSS 3.1
4.6
EPSS
0.8%
CVE-2024-21339 MEDIUM PATCH This Month

Windows USB Generic Parent Driver Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft RCE Memory Corruption Windows 10 1809 +8
NVD
CVSS 3.1
6.4
EPSS
0.6%
CVE-2024-21338 HIGH POC KEV PATCH THREAT This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +6
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
51.9%
CVE-2024-21304 MEDIUM PATCH This Month

Trusted Compute Base Elevation of Privilege Vulnerability. Rated medium severity (CVSS 4.1).

Information Disclosure Windows 10 1809 Windows 10 21h2 Windows 10 22h2 Windows 11 21H2 +4
NVD
CVSS 3.1
4.1
EPSS
0.5%
CVE-2024-21320 MEDIUM POC PATCH THREAT This Week

Windows Themes Spoofing Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 25.6%.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD Exploit-DB
CVSS 3.1
6.5
EPSS
25.6%
CVE-2024-21316 MEDIUM PATCH This Month

Windows Server Key Distribution Service Security Feature Bypass. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Authentication Bypass Windows 10 1607 Windows 10 1809 Windows 10 21h2 +8
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2024-21314 MEDIUM PATCH This Month

Microsoft Message Queuing Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +12
NVD
CVSS 3.1
6.5
EPSS
4.7%
CVE-2024-21313 MEDIUM PATCH This Month

Windows TCP/IP Information Disclosure Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2024-21311 MEDIUM PATCH This Month

Windows Cryptographic Services Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +13
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2024-21310 HIGH PATCH This Month

Critical vulnerability in NETGEAR ProSAFE NMS300 network management system.

Microsoft Information Disclosure Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +6
NVD
CVSS 3.1
7.8
EPSS
4.1%
CVE-2024-21307 HIGH PATCH This Month

Remote Desktop Client Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Windows 10 1507 Windows 10 1607 +12
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2024-21305 MEDIUM PATCH Monitor

Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Authentication Bypass Windows 10 1809 Windows 10 21h2 Windows 10 22h2 Windows 11 21H2 +6
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2024-20700 HIGH PATCH This Month

Windows Hyper-V Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is no authentication required.

Microsoft Race Condition RCE Windows 10 1809 Windows 10 21h2 +8
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2024-20699 MEDIUM PATCH This Month

Windows Hyper-V Denial of Service Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Denial Of Service Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +7
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-20698 HIGH PATCH This Month

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Epss exploitation probability 21.7%.

Integer Overflow Microsoft Information Disclosure Windows 10 1809 Windows 10 21h2 +8
NVD
CVSS 3.1
7.8
EPSS
21.7%
CVE-2024-20696 HIGH PATCH This Month

Windows libarchive Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Buffer Overflow RCE Heap Overflow Microsoft Windows 10 1809 +9
NVD GitHub
CVSS 3.1
7.3
EPSS
7.2%
CVE-2024-20694 MEDIUM PATCH This Month

Windows CoreMessaging Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Microsoft Information Disclosure Windows 10 1607 Windows 10 1809 Windows 10 21h2 +9
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2024-20692 MEDIUM PATCH This Month

Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
5.7
EPSS
1.1%
CVE-2024-20691 MEDIUM PATCH Monitor

Windows Themes Information Disclosure Vulnerability. Rated medium severity (CVSS 4.7). This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +12
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2024-20687 HIGH PATCH This Month

Microsoft AllJoyn API Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service Microsoft Windows 10 1507 +10
NVD
CVSS 3.1
7.5
EPSS
4.9%
CVE-2024-20683 HIGH PATCH This Month

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Use After Free Information Disclosure Windows 10 1507 Windows 10 1607 +12
NVD
CVSS 3.1
7.8
EPSS
2.9%
CVE-2024-20682 HIGH PATCH This Month

Windows Cryptographic Services Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft RCE Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-20680 MEDIUM PATCH This Month

Windows Message Queuing Client (MSMQC) Information Disclosure. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
6.5
EPSS
3.4%
CVE-2024-20674 HIGH PATCH This Month

Windows Kerberos Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 16.0%.

Microsoft Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
8.8
EPSS
16.0%
CVE-2024-20666 MEDIUM PATCH This Month

BitLocker Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. Epss exploitation probability 15.7%.

Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +8
NVD
CVSS 3.1
6.6
EPSS
15.7%
CVE-2024-20664 MEDIUM PATCH This Month

Microsoft Message Queuing Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
6.5
EPSS
4.7%
CVE-2024-20663 MEDIUM PATCH This Month

Windows Message Queuing Client (MSMQC) Information Disclosure. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
6.5
EPSS
3.7%
CVE-2024-20662 MEDIUM PATCH Monitor

Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption Information Disclosure Microsoft Windows Server 2008 Windows Server 2012 +5
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2024-20661 HIGH PATCH This Month

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
7.5
EPSS
6.7%
CVE-2024-20660 MEDIUM PATCH This Month

Microsoft Message Queuing Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
6.5
EPSS
3.7%
CVE-2024-20658 HIGH PATCH This Month

Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-20657 HIGH PATCH This Month

Windows Group Policy Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Authentication Bypass Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2024-20655 MEDIUM PATCH This Month

Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Microsoft Windows Server 2008 +5
NVD
CVSS 3.1
6.6
EPSS
0.4%
CVE-2024-20654 HIGH PATCH This Month

Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Microsoft RCE Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
8.0
EPSS
2.1%
CVE-2024-20653 HIGH PATCH This Month

Microsoft Common Log File System Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
7.8
EPSS
2.9%
CVE-2024-20652 HIGH PATCH This Month

Windows HTML Platforms Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
8.1
EPSS
3.1%
CVE-2023-36696 HIGH PATCH This Week

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows 10 1809 Windows 10 21h2 +7
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2023-36012 MEDIUM PATCH This Month

DHCP Server Service Information Disclosure Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Windows Server 2008 Windows Server 2012 Windows Server 2016 Windows Server 2019 +1
NVD
CVSS 3.1
5.3
EPSS
2.0%
CVE-2023-36011 HIGH PATCH This Week

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +8
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-36006 HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Stack Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +12
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2023-36005 HIGH PATCH This Week

Windows Telephony Server Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
8.1
EPSS
23.9%
CVE-2023-36004 HIGH PATCH This Week

Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Microsoft Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2023-36003 HIGH PATCH This Week

XAML Diagnostics Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +7
NVD
CVSS 3.1
7.3
EPSS
2.8%
CVE-2023-35644 HIGH PATCH This Week

Windows Sysmain Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft Windows 10 1809 Windows 10 21h2 +6
NVD
CVSS 3.1
7.8
EPSS
6.2%
CVE-2023-35643 HIGH PATCH This Week

DHCP Server Service Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Windows Server 2012 Windows Server 2016 Windows Server 2019 +1
NVD
CVSS 3.1
7.5
EPSS
2.6%
CVE-2023-35642 MEDIUM PATCH This Month

Internet Connection Sharing (ICS) Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +9
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2023-35641 HIGH PATCH This Week

Internet Connection Sharing (ICS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

RCE Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +9
NVD
CVSS 3.1
8.8
EPSS
7.2%
CVE-2023-35639 HIGH PATCH This Week

Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +12
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2023-35638 HIGH PATCH This Week

DHCP Server Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Windows Server 2012 Windows Server 2016 Windows Server 2019 +1
NVD
CVSS 3.1
7.5
EPSS
3.3%
CVE-2023-35632 HIGH PATCH This Week

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +7
NVD
CVSS 3.1
7.8
EPSS
6.5%
CVE-2023-35630 HIGH PATCH This Week

Internet Connection Sharing (ICS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow Windows 10 1507 Windows 10 1607 +12
NVD
CVSS 3.1
8.8
EPSS
6.1%
CVE-2023-35628 HIGH PATCH This Week

Windows MSHTML Platform Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption Microsoft Windows 10 1507 +13
NVD
CVSS 3.1
8.1
EPSS
92.8%
CVE-2023-35622 HIGH PATCH This Week

Windows DNS Spoofing Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Authentication Bypass Windows Server 2008 Windows Server 2012 Windows Server 2016 +3
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2023-21740 HIGH PATCH This Week

Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +13
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2023-24023 MEDIUM This Month

Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required. No vendor patch available.

Code Injection Bluetooth Core Specification Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +6
NVD
CVSS 3.1
6.8
EPSS
1.3%
CVE-2023-36719 HIGH PATCH This Week

Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-36705 HIGH PATCH This Week

Windows Installer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-36428 MEDIUM PATCH This Month

Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +12
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2023-36427 HIGH PATCH This Week

Windows Hyper-V Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +6
NVD
CVSS 3.1
7.0
EPSS
1.5%
CVE-2023-36425 HIGH PATCH This Week

Windows Distributed File System (DFS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +13
NVD
CVSS 3.1
8.0
EPSS
1.5%
CVE-2023-36423 HIGH PATCH This Week

Microsoft Remote Registry Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +13
NVD
CVSS 3.1
8.8
EPSS
2.0%
CVE-2023-36408 HIGH PATCH This Week

Windows Hyper-V Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-36405 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2023-36404 MEDIUM PATCH This Month

Windows Kernel Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Authentication Bypass Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2023-36403 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
7.0
EPSS
0.5%
CVE-2023-36402 HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +12
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2023-36401 HIGH PATCH This Week

Microsoft Remote Registry Service Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
7.2
EPSS
1.9%
CVE-2023-36400 HIGH PATCH This Week

Windows HMAC Key Derivation Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow Windows 10 1507 Windows 10 1607 +9
NVD
CVSS 3.1
8.8
EPSS
4.3%
CVE-2023-36398 MEDIUM PATCH This Month

Windows NTFS Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2023-36397 CRITICAL PATCH Act Now

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
9.8
EPSS
17.5%
CVE-2023-36395 HIGH PATCH This Week

Windows Deployment Services Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Denial Of Service Microsoft Windows Server 2008 Windows Server 2012 +3
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2023-36394 HIGH PATCH This Week

Windows Search Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +6
NVD
CVSS 3.1
7.0
EPSS
6.7%
CVE-2023-36393 HIGH PATCH This Week

Windows User Interface Application Core Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2023-36392 HIGH PATCH This Week

DHCP Server Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Windows Server 2012 Windows Server 2016 Windows Server 2019 +1
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2023-36047 HIGH PATCH This Week

Windows Authentication Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +5
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2023-36036 HIGH KEV PATCH THREAT This Week

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
7.8
EPSS
16.7%
CVE-2023-36033 HIGH KEV PATCH THREAT This Week

Windows DWM Core Library Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +6
NVD
CVSS 3.1
7.8
EPSS
12.0%
CVE-2023-36028 CRITICAL PATCH Act Now

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +10
NVD
CVSS 3.1
9.8
EPSS
2.8%
CVE-2023-36025 HIGH POC KEV PATCH THREAT This Week

Windows SmartScreen Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
8.8
EPSS
88.2%
CVE-2023-36017 HIGH PATCH This Week

Windows Scripting Engine Memory Corruption Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption Buffer Overflow Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
8.8
EPSS
25.3%
CVE-2023-38545 CRITICAL POC PATCH THREAT Act Now

This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 26.2%.

Memory Corruption Buffer Overflow Libcurl Fedora Active Iq Unified Manager +10
NVD GitHub
CVSS 3.1
9.8
EPSS
26.2%
Threat
4.2
CVE-2023-41774 HIGH PATCH This Week

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
8.1
EPSS
1.3%
CVE-2023-41773 HIGH PATCH This Week

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
8.1
EPSS
1.3%
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft +14
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Microsoft ActiveX Data Objects Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +15
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Internet Connection Sharing (ICS) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow Denial Of Service +13
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Heap Overflow Buffer Overflow RCE +15
NVD
EPSS 2% CVSS 5.9
MEDIUM PATCH This Month

Windows Network Address Translation (NAT) Denial of Service Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service +14
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows Network Address Translation (NAT) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service +14
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

Windows Kernel Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +10
NVD
EPSS 1% CVSS 4.6
MEDIUM PATCH This Month

Windows Kernel Information Disclosure Vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Microsoft +14
NVD
EPSS 1% CVSS 6.4
MEDIUM PATCH This Month

Windows USB Generic Parent Driver Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft RCE +10
NVD
EPSS 52% CVSS 7.8
HIGH POC KEV PATCH THREAT This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Microsoft Windows 10 1809 +8
NVD Exploit-DB
EPSS 0% CVSS 4.1
MEDIUM PATCH This Month

Trusted Compute Base Elevation of Privilege Vulnerability. Rated medium severity (CVSS 4.1).

Information Disclosure Windows 10 1809 Windows 10 21h2 +6
NVD
EPSS 26% CVSS 6.5
MEDIUM POC PATCH THREAT This Week

Windows Themes Spoofing Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 25.6%.

Microsoft Information Disclosure Windows 10 1507 +12
NVD Exploit-DB
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Windows Server Key Distribution Service Security Feature Bypass. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Authentication Bypass Windows 10 1607 +10
NVD
EPSS 5% CVSS 6.5
MEDIUM PATCH This Month

Microsoft Message Queuing Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft +14
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Windows TCP/IP Information Disclosure Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required.

Microsoft Information Disclosure Windows 10 1507 +14
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Windows Cryptographic Services Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft +15
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Month

Critical vulnerability in NETGEAR ProSAFE NMS300 network management system.

Microsoft Information Disclosure Windows 10 1809 +8
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Month

Remote Desktop Client Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free +14
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH Monitor

Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Authentication Bypass Windows 10 1809 Windows 10 21h2 +8
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Month

Windows Hyper-V Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is no authentication required.

Microsoft Race Condition RCE +10
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Windows Hyper-V Denial of Service Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Denial Of Service Windows 10 1809 +9
NVD
EPSS 22% CVSS 7.8
HIGH PATCH This Month

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Epss exploitation probability 21.7%.

Integer Overflow Microsoft Information Disclosure +10
NVD
EPSS 7% CVSS 7.3
HIGH PATCH This Month

Windows libarchive Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Buffer Overflow RCE Heap Overflow +11
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Windows CoreMessaging Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Microsoft Information Disclosure Windows 10 1607 +11
NVD
EPSS 1% CVSS 5.7
MEDIUM PATCH This Month

Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Windows 10 1507 +13
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH Monitor

Windows Themes Information Disclosure Vulnerability. Rated medium severity (CVSS 4.7). This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft +14
NVD
EPSS 5% CVSS 7.5
HIGH PATCH This Month

Microsoft AllJoyn API Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service +12
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Month

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Use After Free Information Disclosure +14
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

Windows Cryptographic Services Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft RCE Windows 10 1507 +12
NVD
EPSS 3% CVSS 6.5
MEDIUM PATCH This Month

Windows Message Queuing Client (MSMQC) Information Disclosure. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Windows 10 1507 +13
NVD
EPSS 16% CVSS 8.8
HIGH PATCH This Month

Windows Kerberos Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 16.0%.

Microsoft Authentication Bypass Windows 10 1507 +13
NVD
EPSS 16% CVSS 6.6
MEDIUM PATCH This Month

BitLocker Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. Epss exploitation probability 15.7%.

Authentication Bypass Windows 10 1507 Windows 10 1607 +10
NVD
EPSS 5% CVSS 6.5
MEDIUM PATCH This Month

Microsoft Message Queuing Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Windows 10 1507 +12
NVD
EPSS 4% CVSS 6.5
MEDIUM PATCH This Month

Windows Message Queuing Client (MSMQC) Information Disclosure. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Windows 10 1507 +13
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH Monitor

Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption Information Disclosure Microsoft +7
NVD
EPSS 7% CVSS 7.5
HIGH PATCH This Month

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Microsoft +13
NVD
EPSS 4% CVSS 6.5
MEDIUM PATCH This Month

Microsoft Message Queuing Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft +13
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft +12
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Month

Windows Group Policy Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Authentication Bypass Microsoft Windows 10 1507 +13
NVD
EPSS 0% CVSS 6.6
MEDIUM PATCH This Month

Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free +7
NVD
EPSS 2% CVSS 8.0
HIGH PATCH This Month

Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Microsoft RCE +13
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Month

Microsoft Common Log File System Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft +13
NVD
EPSS 3% CVSS 8.1
HIGH PATCH This Month

Windows HTML Platforms Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft Authentication Bypass Windows 10 1507 +13
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft +9
NVD
EPSS 2% CVSS 5.3
MEDIUM PATCH This Month

DHCP Server Service Information Disclosure Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Windows Server 2008 Windows Server 2012 +3
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 +10
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Stack Overflow Buffer Overflow RCE +14
NVD
EPSS 24% CVSS 8.1
HIGH PATCH This Week

Windows Telephony Server Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Microsoft Windows 10 1507 +12
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Microsoft Authentication Bypass Windows 10 1507 +12
NVD
EPSS 3% CVSS 7.3
HIGH PATCH This Week

XAML Diagnostics Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 +9
NVD
EPSS 6% CVSS 7.8
HIGH PATCH This Week

Windows Sysmain Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft +8
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

DHCP Server Service Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Windows Server 2012 +3
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Internet Connection Sharing (ICS) Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Windows 10 1507 Windows 10 1607 +11
NVD
EPSS 7% CVSS 8.8
HIGH PATCH This Week

Internet Connection Sharing (ICS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

RCE Windows 10 1507 Windows 10 1607 +11
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +14
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

DHCP Server Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Windows Server 2012 +3
NVD
EPSS 7% CVSS 7.8
HIGH PATCH This Week

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft +9
NVD
EPSS 6% CVSS 8.8
HIGH PATCH This Week

Internet Connection Sharing (ICS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow +14
NVD
EPSS 93% CVSS 8.1
HIGH PATCH This Week

Windows MSHTML Platform Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption +15
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows DNS Spoofing Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Authentication Bypass Windows Server 2008 +5
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +15
NVD
EPSS 1% CVSS 6.8
MEDIUM This Month

Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required. No vendor patch available.

Code Injection Bluetooth Core Specification Windows 10 1809 +8
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 +13
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Installer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 +13
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft +14
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

Windows Hyper-V Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1809 +8
NVD
EPSS 1% CVSS 8.0
HIGH PATCH This Week

Windows Distributed File System (DFS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable.

RCE Buffer Overflow Microsoft +15
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Microsoft Remote Registry Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft +15
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Hyper-V Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow +11
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Microsoft +11
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Windows Kernel Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Authentication Bypass +11
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 +13
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +14
NVD
EPSS 2% CVSS 7.2
HIGH PATCH This Week

Microsoft Remote Registry Service Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft +13
NVD
EPSS 4% CVSS 8.8
HIGH PATCH This Week

Windows HMAC Key Derivation Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow +11
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Windows NTFS Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Microsoft Windows 10 1507 +11
NVD
EPSS 18% CVSS 9.8
CRITICAL PATCH Act Now

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Microsoft +13
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows Deployment Services Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Denial Of Service Microsoft +5
NVD
EPSS 7% CVSS 7.0
HIGH PATCH This Week

Windows Search Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 +8
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows User Interface Application Core Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 +12
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

DHCP Server Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Windows Server 2012 +3
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Authentication Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1809 +7
NVD
EPSS 17% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow +13
NVD
EPSS 12% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Windows DWM Core Library Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1809 +8
NVD
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +12
NVD
EPSS 88% CVSS 8.8
HIGH POC KEV PATCH THREAT This Week

Windows SmartScreen Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Microsoft Windows 10 1507 +12
NVD
EPSS 25% CVSS 8.8
HIGH PATCH This Week

Windows Scripting Engine Memory Corruption Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption Buffer Overflow Microsoft +13
NVD
EPSS 26% 4.2 CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 26.2%.

Memory Corruption Buffer Overflow Libcurl +12
NVD GitHub
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption +12
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption +12
NVD
Prev Page 18 of 48 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy