Design/Logic Flaw

sidekiq-unique-jobs is an open source project which prevents simultaneous Sidekiq jobs with the same unique arguments to run. Specially crafted GET request parameters handled by any of the following endpoints of sidekiq-unique-jobs' "admin" web UI, allow a super-user attacker, or an unwitting, bu...

Input validation

modauthopenidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In affected versions missing input validation on modauthopenidcsessionchunks cookie value makes the server vulnerable to a...

Path traversal

A path traversal vulnerability was identified in GitHub Enterprise Server that allowed an attacker to gain unauthorized read permission to files by deploying arbitrary symbolic links to a GitHub Pages site with a specially crafted artifact tarball. To exploit this vulnerability, an attacker would...

Remote code execution

Microsoft Outlook Remote Code Execution Vulnerability...

Remote code execution

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

Spoofing

Dynamics 365 Sales Spoofing Vulnerability...

Design/Logic Flaw

Zimbra Collaboration before Kepler 9.0.0 Patch 38 GA allows DOM-based JavaScript injection in the Modern UI...

Cross site scripting

Microsoft Dynamics 365 on-premises Cross-site Scripting Vulnerability...

Privilege escalation

Microsoft Message Queuing MSMQ Elevation of Privilege Vulnerability...

Security feature bypass

Internet Shortcut Files Security Feature Bypass Vulnerability...

Remote code execution

Azure DevOps Server Remote Code Execution Vulnerability...

Remote code execution

Microsoft Office Remote Code Execution Vulnerability...

Spoofing

Azure Stack Hub Spoofing Vulnerability...

Denial of service

Windows Hyper-V Denial of Service Vulnerability...

Information disclosure

Skype for Business Information Disclosure Vulnerability...

Privilege escalation

Trusted Compute Base Elevation of Privilege Vulnerability...

Privilege escalation

Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability...

Cross site scripting

Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability...

Privilege escalation

Azure Connected Machine Agent Elevation of Privilege Vulnerability...

Privilege escalation

Windows Kernel Elevation of Privilege Vulnerability...

Information disclosure

Windows Kernel Information Disclosure Vulnerability...

Denial of service

Windows DNS Client Denial of Service Vulnerability...

Denial of service

Windows Network Address Translation NAT Denial of Service Vulnerability...

Remote code execution

Windows USB Generic Parent Driver Remote Code Execution Vulnerability...

Privilege escalation

Windows Kernel Elevation of Privilege Vulnerability...

Remote code execution

Windows Kernel Remote Code Execution Vulnerability...

Remote code execution

Microsoft ODBC Driver Remote Code Execution Vulnerability...

Remote code execution

Microsoft ActiveX Data Objects Remote Code Execution Vulnerability...

Remote code execution

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

Denial of service

Windows Network Address Translation NAT Denial of Service Vulnerability...

Privilege escalation

Win32k Elevation of Privilege Vulnerability...

Denial of service

Internet Connection Sharing ICS Denial of Service Vulnerability...

Privilege escalation

Microsoft Message Queuing MSMQ Elevation of Privilege Vulnerability...

Design/Logic Flaw

Windows Lightweight Directory Access Protocol LDAP Denial of Service Vulnerability...

Remote code execution

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

Remote code execution

Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability...

Privilege escalation

Microsoft Message Queuing MSMQ Elevation of Privilege Vulnerability...

Remote code execution

Windows Pragmatic General Multicast PGM Remote Code Execution Vulnerability...

Remote code execution

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

Remote code execution

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

Remote code execution

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

Remote code execution

Microsoft Message Queuing MSMQ Remote Code Execution Vulnerability...

Remote code execution

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

Remote code execution

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

Remote code execution

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

Privilege escalation

Microsoft Azure Site Recovery Elevation of Privilege Vulnerability...

Remote code execution

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

Remote code execution

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

Remote code execution

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

Remote code execution

Windows OLE Remote Code Execution Vulnerability...