Skip to main content

Windows Server 2019

4241 CVEs product

Monthly

CVE-2023-35303 HIGH PATCH This Week

USB Audio Class System Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +8
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2023-35302 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +10
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2023-35300 HIGH PATCH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2023-35299 HIGH PATCH This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-35297 HIGH PATCH This Week

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption RCE Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2023-35296 MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2023-33174 MEDIUM PATCH This Month

Windows Cryptographic Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
5.5
EPSS
0.7%
CVE-2023-33173 HIGH PATCH This Week

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2023-33172 HIGH PATCH This Week

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2023-33169 HIGH PATCH This Week

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2023-33168 HIGH PATCH This Week

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2023-33167 HIGH PATCH This Week

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2023-33166 HIGH PATCH This Week

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2023-33164 MEDIUM PATCH This Month

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
6.5
EPSS
1.6%
CVE-2023-33163 HIGH PATCH This Week

Windows Network Load Balancing Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is no authentication required.

RCE Microsoft Windows Server 2008 Windows Server 2012 Windows Server 2016 +2
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-33155 HIGH PATCH This Week

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +4
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-33154 CRITICAL PATCH Act Now

Windows Partition Management Driver Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-32085 MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +9
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2023-32084 HIGH PATCH This Week

HTTP.sys Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Windows 10 1809 Windows 11 21H2 Windows 11 22h2 +2
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2023-32083 MEDIUM PATCH This Month

Microsoft Failover Cluster Information Disclosure Vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Microsoft Information Disclosure Heap Overflow Windows Server 2016 +2
NVD
CVSS 3.1
4.9
EPSS
1.6%
CVE-2023-32057 CRITICAL PATCH Act Now

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2023-32056 CRITICAL PATCH Act Now

Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +4
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-32055 MEDIUM PATCH This Month

Active Template Library Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2023-32054 HIGH PATCH This Week

Volume Shadow Copy Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +7
NVD
CVSS 3.1
7.3
EPSS
0.9%
CVE-2023-32053 HIGH PATCH This Week

Windows Installer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-32049 HIGH KEV PATCH THREAT This Week

Windows SmartScreen Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Microsoft Windows 10 1607 Windows 10 1809 Windows 10 21h2 +6
NVD
CVSS 3.1
8.8
EPSS
4.4%
CVE-2023-32046 HIGH KEV PATCH THREAT This Week

Windows MSHTML Platform Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.8
EPSS
11.9%
CVE-2023-32045 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2023-32044 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2023-32043 MEDIUM PATCH This Month

Windows Remote Desktop Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
6.8
EPSS
0.5%
CVE-2023-32042 HIGH PATCH This Week

OLE Automation Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +8
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2023-32041 MEDIUM PATCH This Month

Windows Update Orchestrator Service Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 Windows 10 21h2 +6
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2023-32040 MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +8
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2023-32039 MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +9
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2023-32038 HIGH PATCH This Week

Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2023-32037 MEDIUM PATCH This Month

Windows Layer-2 Bridge Network Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +4
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2023-32035 HIGH PATCH This Week

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2023-32034 HIGH PATCH This Week

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2023-32033 HIGH PATCH This Week

Microsoft Failover Cluster Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption Microsoft Windows Server 2008 +4
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2023-21756 HIGH PATCH This Week

Windows Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1507 +10
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-21526 HIGH PATCH This Week

Windows Netlogon Information Disclosure Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.4
EPSS
1.1%
CVE-2023-24937 MEDIUM PATCH This Month

Windows CryptoAPI Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +4
NVD
CVSS 3.1
6.5
EPSS
2.1%
CVE-2023-32022 HIGH PATCH This Week

Windows Server Service Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Authentication Bypass Windows Server 2012 Windows Server 2016 Windows Server 2019 +1
NVD
CVSS 3.1
7.6
EPSS
0.8%
CVE-2023-32021 HIGH PATCH This Week

Windows SMB Witness Service Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Microsoft Windows Server 2012 Windows Server 2016 Windows Server 2019 +1
NVD
CVSS 3.1
7.1
EPSS
1.2%
CVE-2023-32020 MEDIUM PATCH This Month

Windows DNS Spoofing Vulnerability. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Microsoft Windows Server 2008 Windows Server 2012 Windows Server 2016 +2
NVD
CVSS 3.1
5.6
EPSS
0.7%
CVE-2023-32019 MEDIUM PATCH This Month

Windows Kernel Information Disclosure Vulnerability. Rated medium severity (CVSS 4.7). This Exposure of Resource to Wrong Sphere vulnerability could allow attackers to access resources from an unintended security context.

Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 Windows 10 21h2 +5
NVD
CVSS 3.1
4.7
EPSS
1.4%
CVE-2023-32017 HIGH PATCH This Week

Microsoft PostScript Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

RCE Buffer Overflow Information Disclosure Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-32016 MEDIUM PATCH This Month

Windows Installer Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
5.5
EPSS
0.7%
CVE-2023-32015 CRITICAL PATCH Act Now

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2023-32014 CRITICAL PATCH Act Now

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow RCE Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2023-32013 MEDIUM PATCH This Month

Windows Hyper-V Denial of Service Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +4
NVD
CVSS 3.1
5.3
EPSS
1.6%
CVE-2023-32011 HIGH PATCH This Week

Windows iSCSI Discovery Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2023-32009 HIGH PATCH This Week

Windows Collaborative Translation Framework Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Windows 10 1607 Windows 10 1809 Windows 10 21h2 +6
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2023-32008 HIGH PATCH This Week

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service RCE Null Pointer Dereference Microsoft Windows 10 1507 +9
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-29373 HIGH PATCH This Week

Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

RCE Buffer Overflow Information Disclosure Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-29372 HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +11
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-29371 HIGH PATCH This Week

Windows GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.8
EPSS
5.8%
CVE-2023-29370 HIGH PATCH This Week

Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +9
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-29369 MEDIUM PATCH This Month

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Denial Of Service Windows Server 2012 Windows Server 2016 Windows Server 2019 +1
NVD
CVSS 3.1
6.5
EPSS
2.0%
CVE-2023-29368 HIGH PATCH This Week

Windows Filtering Platform Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2023-29367 HIGH PATCH This Week

iSCSI Target WMI Provider Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

RCE Windows Server 2012 Windows Server 2016 Windows Server 2019 Windows Server 2022
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-29365 HIGH PATCH This Week

Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-29364 HIGH PATCH This Week

Windows Authentication Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2023-29363 CRITICAL PATCH Act Now

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +11
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2023-29362 HIGH This Week

Remote Desktop Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow Remote Desktop Client Windows 10 1507 +11
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-29360 HIGH KEV PATCH THREAT This Week

Microsoft Streaming Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 Windows 10 21h2 +6
NVD
CVSS 3.1
8.4
EPSS
22.1%
CVE-2023-29359 HIGH PATCH This Week

GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +8
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-29358 HIGH PATCH This Week

Windows GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
7.8
EPSS
4.7%
CVE-2023-29355 MEDIUM PATCH This Month

DHCP Server Service Information Disclosure Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Resource to Wrong Sphere vulnerability could allow attackers to access resources from an unintended security context.

Information Disclosure Windows Server 2012 Windows Server 2016 Windows Server 2019 Windows Server 2022
NVD
CVSS 3.1
5.3
EPSS
1.3%
CVE-2023-29352 MEDIUM This Month

Windows Remote Desktop Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Remote Desktop Client Windows 10 1809 Windows 10 21h2 +5
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2023-29351 HIGH PATCH This Week

Windows Group Policy Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
8.1
EPSS
1.8%
CVE-2023-29346 HIGH PATCH This Week

NTFS Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +8
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-24938 MEDIUM PATCH This Month

Windows CryptoAPI Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Microsoft Windows 10 1809 Windows 10 21h2 +5
NVD
CVSS 3.1
6.5
EPSS
2.0%
CVE-2023-24949 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft Windows 10 1809 Windows 10 20H2 +6
NVD
CVSS 3.1
7.8
EPSS
24.6%
CVE-2023-24948 HIGH PATCH This Week

Windows Bluetooth Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow Windows 10 1507 Windows 10 1607 +8
NVD
CVSS 3.1
7.4
EPSS
1.0%
CVE-2023-24947 HIGH PATCH This Week

Windows Bluetooth Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption Microsoft Windows 10 1607 +6
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-24946 HIGH PATCH This Week

Windows Backup Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +8
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-24945 MEDIUM PATCH This Month

Windows iSCSI Target Service Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2023-24944 MEDIUM PATCH This Month

Windows Bluetooth Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption Information Disclosure Microsoft Windows 10 1809 Windows 10 20H2 +6
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2023-24943 CRITICAL PATCH Act Now

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +12
NVD
CVSS 3.1
9.8
EPSS
4.7%
CVE-2023-24942 HIGH PATCH This Week

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2023-24941 CRITICAL PATCH Act Now

Windows Network File System Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

RCE Microsoft Windows Server 2012 Windows Server 2016 Windows Server 2019 +1
NVD
CVSS 3.1
9.8
EPSS
94.7%
CVE-2023-24940 HIGH PATCH This Week

Windows Pragmatic General Multicast (PGM) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
7.5
EPSS
5.2%
CVE-2023-24939 HIGH PATCH This Week

Server for NFS Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 20H2 +8
NVD
CVSS 3.1
7.5
EPSS
4.7%
CVE-2023-24932 MEDIUM PATCH This Month

Secure Boot Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 20H2 +9
NVD
CVSS 3.1
6.7
EPSS
10.6%
CVE-2023-24903 HIGH PATCH This Week

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
8.1
EPSS
0.9%
CVE-2023-24901 HIGH PATCH This Week

Windows NFS Portmapper Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2023-24900 MEDIUM PATCH This Month

Windows NTLM Security Support Provider Information Disclosure Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
5.9
EPSS
1.2%
CVE-2023-21712 HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Race Condition RCE Microsoft Windows 10 Windows 10 1607 +13
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2023-28308 MEDIUM PATCH This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption Microsoft Windows Server 2008 +4
NVD
CVSS 3.1
6.6
EPSS
0.9%
EPSS 1% CVSS 8.8
HIGH PATCH This Week

USB Audio Class System Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Windows 10 1507 Windows 10 1607 +10
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft +12
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption +12
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft +12
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption RCE Microsoft +12
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft +12
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Windows Cryptographic Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 10 1507 +11
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Windows 10 1507 +11
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Windows 10 1507 +11
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Windows 10 1507 +11
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Windows 10 1507 +11
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Windows 10 1507 +11
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Windows 10 1507 +11
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service +12
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Windows Network Load Balancing Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is no authentication required.

RCE Microsoft Windows Server 2008 +4
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Windows 10 1809 +6
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Windows Partition Management Driver Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 1507 +11
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Microsoft +11
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

HTTP.sys Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Windows 10 1809 +4
NVD
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

Microsoft Failover Cluster Information Disclosure Vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Microsoft Information Disclosure +4
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 +11
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 1809 +6
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Active Template Library Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption +12
NVD
EPSS 1% CVSS 7.3
HIGH PATCH This Week

Volume Shadow Copy Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 +9
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Installer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 +11
NVD
EPSS 4% CVSS 8.8
HIGH KEV PATCH THREAT This Week

Windows SmartScreen Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Microsoft Windows 10 1607 +8
NVD
EPSS 12% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Windows MSHTML Platform Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 1507 +11
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service +13
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service +13
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

Windows Remote Desktop Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Microsoft Windows 10 1507 +11
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

OLE Automation Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Windows 10 1507 Windows 10 1607 +10
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Windows Update Orchestrator Service Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Microsoft Windows 10 1607 +8
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 +10
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft +11
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption +13
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Windows Layer-2 Bridge Network Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 1809 +6
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service +12
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service +12
NVD
EPSS 1% CVSS 7.2
HIGH PATCH This Week

Microsoft Failover Cluster Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption +6
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption +12
NVD
EPSS 1% CVSS 7.4
HIGH PATCH This Week

Windows Netlogon Information Disclosure Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Microsoft Windows 10 1507 +11
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Windows CryptoAPI Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Microsoft Windows 10 1809 +6
NVD
EPSS 1% CVSS 7.6
HIGH PATCH This Week

Windows Server Service Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Authentication Bypass Windows Server 2012 +3
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

Windows SMB Witness Service Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Microsoft Windows Server 2012 +3
NVD
EPSS 1% CVSS 5.6
MEDIUM PATCH This Month

Windows DNS Spoofing Vulnerability. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Microsoft Windows Server 2008 +4
NVD
EPSS 1% CVSS 4.7
MEDIUM PATCH This Month

Windows Kernel Information Disclosure Vulnerability. Rated medium severity (CVSS 4.7). This Exposure of Resource to Wrong Sphere vulnerability could allow attackers to access resources from an unintended security context.

Information Disclosure Microsoft Windows 10 1607 +7
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Microsoft PostScript Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

RCE Buffer Overflow Information Disclosure +13
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Windows Installer Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Microsoft Windows 10 1507 +11
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 +11
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow RCE Microsoft +12
NVD
EPSS 2% CVSS 5.3
MEDIUM PATCH This Month

Windows Hyper-V Denial of Service Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Microsoft Windows 10 1809 +6
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows iSCSI Discovery Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service +13
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Windows Collaborative Translation Framework Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Windows 10 1607 +8
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service RCE Null Pointer Dereference +11
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

RCE Buffer Overflow Information Disclosure +13
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +13
NVD
EPSS 6% CVSS 7.8
HIGH PATCH This Week

Windows GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 +11
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +11
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Denial Of Service Windows Server 2012 +3
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Filtering Platform Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 +11
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

iSCSI Target WMI Provider Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

RCE Windows Server 2012 Windows Server 2016 +2
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption +13
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Authentication Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft +12
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +13
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Remote Desktop Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +13
NVD
EPSS 22% CVSS 8.4
HIGH KEV PATCH THREAT This Week

Microsoft Streaming Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 1607 +8
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 +10
NVD
EPSS 5% CVSS 7.8
HIGH PATCH This Week

Windows GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption +13
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

DHCP Server Service Information Disclosure Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Resource to Wrong Sphere vulnerability could allow attackers to access resources from an unintended security context.

Information Disclosure Windows Server 2012 Windows Server 2016 +2
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Windows Remote Desktop Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Remote Desktop Client +7
NVD
EPSS 2% CVSS 8.1
HIGH PATCH This Week

Windows Group Policy Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Windows 10 1507 +11
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

NTFS Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 +10
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Windows CryptoAPI Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Microsoft +7
NVD
EPSS 25% CVSS 7.8
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft +8
NVD
EPSS 1% CVSS 7.4
HIGH PATCH This Week

Windows Bluetooth Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow +10
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Windows Bluetooth Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption +8
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Backup Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 +10
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Windows iSCSI Target Service Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft +13
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Windows Bluetooth Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption Information Disclosure Microsoft +8
NVD
EPSS 5% CVSS 9.8
CRITICAL PATCH Act Now

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +14
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Windows 10 1507 +12
NVD
EPSS 95% CVSS 9.8
CRITICAL PATCH Act Now

Windows Network File System Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

RCE Microsoft Windows Server 2012 +3
NVD
EPSS 5% CVSS 7.5
HIGH PATCH This Week

Windows Pragmatic General Multicast (PGM) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Microsoft +13
NVD
EPSS 5% CVSS 7.5
HIGH PATCH This Week

Server for NFS Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Windows 10 1507 Windows 10 1607 +10
NVD
EPSS 11% CVSS 6.7
MEDIUM PATCH This Month

Secure Boot Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Windows 10 1507 Windows 10 1607 +11
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

RCE Microsoft Windows 10 1507 +11
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows NFS Portmapper Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Microsoft +12
NVD
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

Windows NTLM Security Support Provider Information Disclosure Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft +13
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Race Condition RCE Microsoft +15
NVD
EPSS 1% CVSS 6.6
MEDIUM PATCH This Month

Windows DNS Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption +6
NVD
Prev Page 21 of 48 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy