An elevation of privilege vulnerability exists when NTFS improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially...
7.8CVSS
7.9AI Score
0.0004EPSS
5.5CVSS
6.5AI Score
0.0004EPSS
An elevation of privilege vulnerability exists when Windows Modules Installer improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context. An attacker could exploit this vulnerability by running a specially crafted....
7.8CVSS
8.1AI Score
0.001EPSS
An information disclosure vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory. An authenticated attacker who successfully exploited this vulnerability would be able to read sensitive information about the target system. To exploit this condition, an...
6.5CVSS
7AI Score
0.009EPSS
An elevation of privilege vulnerability exists when the Windows RSoP Service Application improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges......
7.8CVSS
8.1AI Score
0.0004EPSS
A remote code execution vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory. An authenticated attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account To exploit the vulnerability, an...
8.8CVSS
8.6AI Score
0.017EPSS
A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity. This vulnerability by itself does not allow arbitrary code.....
7.8CVSS
8.3AI Score
0.003EPSS
An elevation of privilege vulnerability exists when the Windows Cryptographic Catalog Services improperly handle objects in memory. An attacker who successfully exploited this vulnerability could modify the cryptographic catalog. To exploit this vulnerability, an attacker would first have to log...
7.8CVSS
8AI Score
0.0004EPSS
A denial of service vulnerability exists in Windows DNS when it fails to properly handle queries. An attacker who successfully exploited this vulnerability could cause the DNS service to become nonresponsive. To exploit the vulnerability, an authenticated attacker could send malicious DNS queries.....
7.5CVSS
7.5AI Score
0.002EPSS
A remote code execution vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory. An authenticated attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account To exploit the vulnerability, an...
8.8CVSS
8.6AI Score
0.017EPSS
An elevation of privilege vulnerability exists when the Windows Function Discovery SSDP Provider improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate...
7.8CVSS
7.8AI Score
0.0004EPSS
An elevation of privilege vulnerability exists when the Windows Ancillary Function Driver for WinSock improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate....
7.8CVSS
7.7AI Score
0.0004EPSS
An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the...
7.8CVSS
6.4AI Score
0.0004EPSS
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system. To exploit the vulnerability, a user would have to open a specially crafted....
7.8CVSS
7.9AI Score
0.015EPSS
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to...
7.8CVSS
8AI Score
0.015EPSS
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to...
7.3CVSS
7.7AI Score
0.004EPSS
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to...
7.8CVSS
8AI Score
0.015EPSS
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an...
7.8CVSS
8AI Score
0.012EPSS
An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The...
7.8CVSS
7.8AI Score
0.0004EPSS
An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete.....
7.8CVSS
7.6AI Score
0.0004EPSS
An elevation of privilege vulnerability exists when the Windows Remote Access improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges. To exploit the vulnerability, an attacker would first need code execution on a victim system......
7.8CVSS
7.9AI Score
0.0004EPSS
An elevation of privilege vulnerability exists when the Windows Telephony Server improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The...
7.8CVSS
7.8AI Score
0.0004EPSS
A remote code execution vulnerability exists when the Windows Font Driver Host improperly handles memory. An attacker who successfully exploited the vulnerability would gain execution on a victim system. The security update addresses the vulnerability by correcting how the Windows Font Driver Host....
7.8CVSS
7.8AI Score
0.006EPSS
An elevation of privilege vulnerability exists when the Windows File Server Resource Management Service improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to...
7.8CVSS
7.8AI Score
0.0004EPSS
An elevation of privilege vulnerability exists when the Windows File Server Resource Management Service improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to...
7.8CVSS
7.8AI Score
0.0004EPSS
An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The...
7.8CVSS
7.8AI Score
0.0004EPSS
An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The security.....
7.8CVSS
7.8AI Score
0.0004EPSS
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an...
7.8CVSS
8AI Score
0.001EPSS
An information disclosure vulnerability exists when the Windows Image Acquisition (WIA) Service improperly discloses contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, an...
7.8CVSS
7AI Score
0.011EPSS
An elevation of privilege vulnerability exists when ASP.NET or .NET web applications running on IIS improperly allow access to cached files. An attacker who successfully exploited this vulnerability could gain access to restricted files. To exploit this vulnerability, an attacker would need to...
5.5CVSS
6AI Score
0.0004EPSS
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to...
7CVSS
7.5AI Score
0.003EPSS
An information disclosure vulnerability exists when the Windows Image Acquisition (WIA) Service improperly discloses contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, an...
5.5CVSS
5.5AI Score
0.0004EPSS
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new....
7.8CVSS
7.6AI Score
0.0004EPSS
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an...
7CVSS
7.6AI Score
0.001EPSS
An elevation of privilege vulnerability exists in the way that the srmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially...
7.8CVSS
7.7AI Score
0.002EPSS
An elevation of privilege vulnerability exists when Windows improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status. To exploit this vulnerability, an attacker would first have to log on to the system....
10CVSS
8.8AI Score
0.005EPSS
A remote code execution vulnerability exists when Microsoft .NET Framework processes input. An attacker who successfully exploited this vulnerability could take control of an affected system. To exploit the vulnerability, an attacker would need to be able to upload a specially crafted file to a...
7.8CVSS
7.9AI Score
0.015EPSS
An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. A locally authenticated attacker could exploit this vulnerability.....
7.5CVSS
7.4AI Score
0.05EPSS
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an...
5.5CVSS
6.8AI Score
0.001EPSS
A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files. In an attack scenario, an attacker could bypass security features intended to prevent...
An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. A locally authenticated attacker could exploit this vulnerability.....
7.8CVSS
7.5AI Score
0.001EPSS
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs;....
A remote code execution vulnerability exists when Windows Media Audio Codec improperly handles objects. An attacker who successfully exploited the vulnerability could take control of an affected system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a...
7.8CVSS
8AI Score
0.003EPSS
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would have to log on to an....
5.6CVSS
6.4AI Score
0.001EPSS
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on...
5.5CVSS
5AI Score
0.001EPSS
A memory corruption vulnerability exists in the Windows Server DHCP service when processing specially crafted packets. An attacker who successfully exploited the vulnerability could cause the DHCP server service to stop responding. To exploit the vulnerability, a remote unauthenticated attacker...
9.8CVSS
7.4AI Score
0.121EPSS
A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server. An attacker who successfully exploited the vulnerability could run arbitrary code on the DHCP server. To exploit the vulnerability, an attacker could send.....
9.8CVSS
9.3AI Score
0.061EPSS
A denial of service vulnerability exists when the XmlLite runtime (XmlLite.dll) improperly parses XML input. An attacker who successfully exploited this vulnerability could cause a denial of service against an XML application. A remote unauthenticated attacker could exploit this vulnerability by...
5.5CVSS
7.2AI Score
0.001EPSS
An elevation of privilege vulnerability exists in the way that the rpcss.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially...
7CVSS
7.5AI Score
0.0004EPSS
An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially...
7CVSS
7.5AI Score
0.0004EPSS