22103 matches found
Windows Media Video Decoder Remote Code Execution Vulnerability
...
Remote Procedure Call Runtime Remote Code Execution Vulnerability
...
Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability
...
Windows Fax Service Remote Code Execution Vulnerability
...
Skype for Business and Lync Spoofing Vulnerability
...
Windows Backup Engine Elevation of Privilege Vulnerability
...
Azure DevOps Server Spoofing Vulnerability
...
Windows Hyper-V Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could gain elevated privileges on a target operating system. This vulnerability by itself does not allow...
Microsoft Office Click-to-Run Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run C2R AppVLP handles certain files. An attacker who successfully exploited the vulnerability could elevate privileges. To exploit this vulnerability, an attacker would need to convince a user to open a...
Network Watcher Agent Virtual Machine Extension for Linux Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in Network Watcher Agent virtual machine extension for Linux. An attacker who successfully exploited this vulnerability could execute code with elevated privileges. To exploit this vulnerability, an attacker would have to be present as a user on the...
Windows Camera Codec Pack Remote Code Execution Vulnerability
A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user...
TLS Information Disclosure Vulnerability
A information disclosure vulnerability exists when TLS components use weak hash algorithms. An attacker who successfully exploited this vulnerability could obtain information to further compromise a users's encrypted transmission channel. To exploit the vulnerability, an attacker would have to...
Windows Text Service Module Remote Code Execution Vulnerability
A remote code execution vulnerability exists when the Windows Text Service Module improperly handles memory. An attacker who successfully exploited the vulnerability could gain execution on a victim system. An attacker could host a specially crafted website that is designed to exploit the...
Windows Routing Utilities Denial of Service
A denial of service vulnerability exists when Windows Routing Utilities improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected...
Windows UPnP Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Universal Plug and Play UPnP service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs;...
Local Security Authority Subsystem Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in the Local Security Authority Subsystem Service LSASS when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause an elevation of privilege on the targ...
Microsoft Word Information Disclosure Vulnerability
An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an attacker could craft a special...
Windows AppX Deployment Extensions Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files. To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privilege...
LNK Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user...
Microsoft Edge Spoofing Vulnerability
A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content. An attacker who successfully exploited this vulnerability could trick a user by redirecting the user to a specially crafted website. The specially crafted website could either spoof content or serve as a piv...
Windows Kernel Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially...
Microsoft Outlook Security Feature Bypass Vulnerability
A security feature bypass vulnerability exists in Microsoft Outlook software when it improperly handles the parsing of URI formats. The security feature bypass by itself does not allow arbitrary code execution. However, to successfully exploit the vulnerability, an attacker would have to use it i...
NetLogon Security Feature Bypass Vulnerability
A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel. An attacker who successfully exploited the vulnerability could downgrade aspects of the connection allowing for further modification of the transmission. To exploit the...
Microsoft SharePoint Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in Microsoft SharePoint. An attacker who successfully exploited this vulnerability could attempt to impersonate another user of the SharePoint server. To exploit this vulnerability, an authenticated attacker would send a specially crafted request to ...
Windows Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in the way that ws2ifsl.sys Winsock handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated privileges. To exploit the vulnerability, a locally authenticated attacker could run a specially...
Windows DHCP Client Remote Code Execution Vulnerability
A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client. An attacker who successfully exploited the vulnerability could run arbitrary code on the client machine. To exploit the vulnerability, an attacker could send...
Windows Admin Center Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when Windows Admin Center improperly impersonates operations in certain situations. An attacker who successfully exploited this vulnerability could gain elevated privileges. An attacker with unprivileged access to a vulnerable system could exploit th...
OData Denial of Service Vulnerability
A denial of service vulnerability exists when OData Library improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an OData web application. A remote unauthenticated attacker could exploit this vulnerability by issuing...
Microsoft SQL Server Remote Code Execution Vulnerability
A buffer overflow vulnerability exists in the Microsoft SQL Server that could allow remote code execution on an affected system. An attacker who successfully exploited this vulnerability could execute code in the context of the SQL Server Database Engine service account. To exploit the...
Microsoft Office Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...
Windows DHCP Server Remote Code Execution Vulnerability
A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server. An attacker who successfully exploited the vulnerability could either run arbitrary code on the DHCP failover server or cause the DHCP service to...
Scripting Engine Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. In a web-based...
Windows Kernel Information Disclosure Vulnerability
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information t...
Windows Kernel Local Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Kernel API improperly allows a user to access sensitive registry information. An attacker who successfully exploited the vulnerability could gain access to user account information that is not intended for the user. A locally...
Secure Boot Security Feature Bypass Vulnerability
A security feature bypass vulnerability exists when Windows Secure Boot improperly loads a boot manager that is affected by the vulnerability. An attacker who successfully exploited this vulnerability could disable code integrity checks, allowing test-signed executables and drivers to be loaded...
April 2016 Adobe Flash Security Update
This security update addresses the following vulnerabilities, which are described in Adobe Security Bulletin APSB16-10: CVE-2016-1006, CVE-2016-1011, CVE-2016-1012, CVE-2016-1013, CVE-2016-1014, CVE-2016-1015, CVE-2016-1016, CVE-2016-1017, CVE-2016-1018, and CVE-2016-1019...
Visual Studio Code Elevation of Privilege Vulnerability
Improper access control in Visual Studio Code allows an authorized attacker to elevate privileges locally...
Windows Telephony Service Remote Code Execution Vulnerability
...
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
...
Windows Kernel Elevation of Privilege Vulnerability
...
Windows Update Stack Elevation of Privilege Vulnerability
...
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
...
Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
...
Microsoft Power BI Client JavaScript SDK Information Disclosure Vulnerability
...
Secure Boot Security Feature Bypass Vulnerability
...
Lenovo: CVE-2024-23594 Stack buffer overflow in Lenovo system recovery boot manager
...
Chromium: CVE-2024-2173 Out of bounds memory access in V8
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2024-1670 Use after free in Mojo
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Windows SmartScreen Security Feature Bypass Vulnerability
...
Windows Kerberos Security Feature Bypass Vulnerability
...