Total
3383 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-20660 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-04-11 | N/A | 6.5 MEDIUM |
Microsoft Message Queuing Information Disclosure Vulnerability | |||||
CVE-2024-20657 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-04-11 | N/A | 7.0 HIGH |
Windows Group Policy Elevation of Privilege Vulnerability | |||||
CVE-2024-20654 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-04-11 | N/A | 8.0 HIGH |
Microsoft ODBC Driver Remote Code Execution Vulnerability | |||||
CVE-2024-20653 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-04-11 | N/A | 7.8 HIGH |
Microsoft Common Log File System Elevation of Privilege Vulnerability | |||||
CVE-2024-20652 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-04-11 | N/A | 8.1 HIGH |
Windows HTML Platforms Security Feature Bypass Vulnerability | |||||
CVE-2024-0057 | 1 Microsoft | 17 .net, .net Framework, Powershell and 14 more | 2024-04-11 | N/A | 9.8 CRITICAL |
NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability | |||||
CVE-2024-0056 | 1 Microsoft | 19 .net, .net Framework, Microsoft.data.sqlclient and 16 more | 2024-04-11 | N/A | 8.7 HIGH |
Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability | |||||
CVE-2023-20569 | 4 Amd, Debian, Fedoraproject and 1 more | 296 Epyc 72f3, Epyc 72f3 Firmware, Epyc 7313 and 293 more | 2024-04-11 | N/A | 4.7 MEDIUM |
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. | |||||
CVE-2013-6999 | 1 Microsoft | 1 Windows Server 2008 | 2024-04-11 | 4.0 MEDIUM | N/A |
The IsHandleEntrySecure function in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 SP2 does not properly validate the tagPROCESSINFO pW32Job field, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted NtUserValidateHandleSecure call for an owned object. NOTE: the vendor reportedly disputes the significance of this report, stating that "it appears to be a local DOS ... we don't consider it a security vulnerability. | |||||
CVE-2023-20588 | 5 Amd, Debian, Fedoraproject and 2 more | 78 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 75 more | 2024-04-01 | N/A | 5.5 MEDIUM |
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. | |||||
CVE-2023-36911 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2024-03-12 | N/A | 9.8 CRITICAL |
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | |||||
CVE-2023-36910 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2024-03-12 | N/A | 9.8 CRITICAL |
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | |||||
CVE-2023-35385 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-03-12 | N/A | 9.8 CRITICAL |
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | |||||
CVE-2023-38161 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-03-07 | N/A | 7.8 HIGH |
Windows GDI Elevation of Privilege Vulnerability | |||||
CVE-2023-50387 | 8 Fedoraproject, Isc, Microsoft and 5 more | 13 Fedora, Bind, Windows Server 2008 and 10 more | 2024-03-07 | N/A | 7.5 HIGH |
Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records. | |||||
CVE-2020-17087 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-02-15 | 7.2 HIGH | 7.8 HIGH |
Windows Kernel Local Elevation of Privilege Vulnerability | |||||
CVE-2010-0249 | 1 Microsoft | 7 Internet Explorer, Windows 2000, Windows 7 and 4 more | 2024-02-15 | 9.3 HIGH | 8.8 HIGH |
Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 on Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote attackers to execute arbitrary code by accessing a pointer associated with a deleted object, related to incorrectly initialized memory and improper handling of objects in memory, as exploited in the wild in December 2009 and January 2010 during Operation Aurora, aka "HTML Object Memory Corruption Vulnerability." | |||||
CVE-2009-0553 | 1 Microsoft | 6 Internet Explorer, Windows 2000, Windows Server 2003 and 3 more | 2024-02-14 | 9.3 HIGH | N/A |
Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 allows remote attackers to execute arbitrary code via a web page that triggers presence of an object in memory that was (1) not properly initialized or (2) deleted, aka "Uninitialized Memory Corruption Vulnerability." | |||||
CVE-2018-0749 | 1 Microsoft | 6 Windows 10, Windows 7, Windows 8.1 and 3 more | 2024-02-14 | 4.6 MEDIUM | 7.8 HIGH |
The Microsoft Server Message Block (SMB) Server in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way SMB Server handles specially crafted files, aka "Windows Elevation of Privilege Vulnerability". | |||||
CVE-2018-0748 | 1 Microsoft | 6 Windows 10, Windows 7, Windows 8.1 and 3 more | 2024-02-14 | 4.6 MEDIUM | 7.8 HIGH |
The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way memory addresses are handled, aka "Windows Elevation of Privilege Vulnerability". |