22103 matches found
Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
Buffer over-read in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to disclose information over a network...
RedHat Openssh: CVE-2024-6387 Remote Code Execution Due To A Race Condition In Signal Handling
...
NTFS Elevation of Privilege Vulnerability
...
Visual Studio Denial of Service Vulnerability
...
Chromium: CVE-2024-0808 Integer underflow in WebUI
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Microsoft SharePoint Server Remote Code Execution Vulnerability
...
.NET and Visual Studio Elevation of Privilege Vulnerability
...
Microsoft Outlook Remote Code Execution Vulnerability
...
Chromium: CVE-2023-1810 Heap buffer overflow in Visuals
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Azure RTOS GUIX Studio Information Disclosure Vulnerability
...
Windows ALPC Elevation of Privilege Vulnerability
...
VP9 Video Extensions Remote Code Execution Vulnerability
...
Chromium: CVE-2022-0799 Insufficient policy enforcement in Installer
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2022-0604 Heap buffer overflow in Tab Groups
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Microsoft SharePoint Server Remote Code Execution Vulnerability
...
Microsoft Exchange Server Remote Code Execution Vulnerability
...
Chromium: CVE-2021-30625 Use after free in Selection API
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Windows Hello Security Feature Bypass Vulnerability
...
Windows Certificate Spoofing Vulnerability
...
Windows AF_UNIX Socket Provider Denial of Service Vulnerability
...
Chromium: CVE-2021-30545 Use after free in Extensions
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Microsoft SharePoint Server Spoofing Vulnerability
...
Chromium: CVE-2021-30534 Insufficient policy enforcement in iFrameSandbox
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2021-30529 Use after free in Bookmarks
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Windows Container Manager Service Elevation of Privilege Vulnerability
...
Chromium: CVE-2021-21229 Incorrect security UI in downloads
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2021-21202 Use after free in extensions
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Microsoft Teams iOS Information Disclosure Vulnerability
...
Microsoft SharePoint Remote Code Execution Vulnerability
...
Remote Procedure Call Runtime Remote Code Execution Vulnerability
...
HEVC Video Extensions Remote Code Execution Vulnerability
...
Windows Backup Engine Elevation of Privilege Vulnerability
...
Microsoft SharePoint Information Disclosure Vulnerability
An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, an attacker would...
Active Directory Remote Code Execution Vulnerability
A remote code execution vulnerability exists when Active Directory integrated DNS ADIDNS mishandles objects in memory. An authenticated attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account To exploit the vulnerability, an...
Windows Certificate Dialog Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete...
Vulnerability in TPM could allow Security Feature Bypass
Executive Summary This advisory addresses CVE-2017-15361, also referred to as "Return of Coppersmith's Attack" ROCA. A security vulnerability exists in certain Trusted Platform Module TPM chipsets. The vulnerability weakens key strength. It is important to note that this is a firmware...
LNK Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user...
Windows Search Remote Code Execution Vulnerability
A remote code execution vulnerability exists when Windows Search handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full...
Windows TDX Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when tdx.sys fails to check the length of a buffer prior to copying memory to it. To exploit the vulnerability, in a local attack scenario, an attacker could run a specially crafted application to elevate the attacker's privilege level. An attacker w...
Win32k Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or...
Visual Studio Code Security Feature Bypass Vulnerability
Files or directories accessible to external parties in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally...
Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability
...
Windows Update Stack Elevation of Privilege Vulnerability
Summary Microsoft was notified that an elevation of privilege vulnerability exists in Windows Update, potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of Virtualization Based Security VBS. However, an...
Microsoft Azure File Sync Elevation of Privilege Vulnerability
...
Microsoft Outlook Remote Code Execution Vulnerability
...
BitLocker Security Feature Bypass Vulnerability
...
Microsoft Remote Registry Service Remote Code Execution Vulnerability
...
Microsoft Host Integration Server 2020 Remote Code Execution Vulnerability
...
Windows HMAC Key Derivation Elevation of Privilege Vulnerability
...
Windows Media Foundation Core Remote Code Execution Vulnerability
...