Total
4185 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-43893 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-07-12 | 6.0 MEDIUM | 7.5 HIGH |
| Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability | |||||
| CVE-2021-43228 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server and 2 more | 2022-07-12 | 7.8 HIGH | 7.5 HIGH |
| SymCrypt Denial of Service Vulnerability | |||||
| CVE-2022-32230 | 1 Microsoft | 3 Windows 10, Windows 11, Windows Server 2019 | 2022-06-23 | 7.8 HIGH | 7.5 HIGH |
| Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death (BSOD) crash of the Windows kernel. For most systems, this attack requires authentication, except in the special case of Windows Domain Controllers, where unauthenticated users can always open named pipes as long as they can establish an SMB session. Typically, after the BSOD, the victim SMBv3 server will reboot. | |||||
| CVE-2021-43244 | 1 Microsoft | 4 Windows 10, Windows Server, Windows Server 2016 and 1 more | 2022-05-23 | 4.9 MEDIUM | 5.5 MEDIUM |
| Windows Kernel Information Disclosure Vulnerability | |||||
| CVE-2021-43234 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-05-23 | 6.8 MEDIUM | 7.8 HIGH |
| Windows Fax Service Remote Code Execution Vulnerability | |||||
| CVE-2020-1082 | 1 Microsoft | 4 Windows 10, Windows Server, Windows Server 2016 and 1 more | 2022-05-23 | 4.6 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1021, CVE-2020-1088. | |||||
| CVE-2019-0545 | 1 Microsoft | 11 .net Core, .net Framework, Windows 10 and 8 more | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| An information disclosure vulnerability exists in .NET Framework and .NET Core which allows bypassing Cross-origin Resource Sharing (CORS) configurations, aka ".NET Framework Information Disclosure Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7/4.7.1/4.7.2, .NET Core 2.1, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, .NET Core 2.2, Microsoft .NET Framework 4.7.2. | |||||
| CVE-2018-8554 | 1 Microsoft | 3 Windows 10, Windows Server, Windows Server 2019 | 2022-05-23 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka "DirectX Elevation of Privilege Vulnerability." This affects Windows 10 Servers, Windows 10, Windows Server 2019. This CVE ID is unique from CVE-2018-8485, CVE-2018-8561. | |||||
| CVE-2020-0987 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2022-05-03 | 2.1 LOW | 5.5 MEDIUM |
| An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0982, CVE-2020-1005. | |||||
| CVE-2020-1436 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2022-05-03 | 6.8 MEDIUM | 8.8 HIGH |
| A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted fonts.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely, aka 'Windows Font Library Remote Code Execution Vulnerability'. | |||||
| CVE-2020-1269 | 2 Microsoft, Opensuse | 9 Windows 10, Windows 7, Windows 8.1 and 6 more | 2022-04-28 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1273, CVE-2020-1274, CVE-2020-1275, CVE-2020-1276, CVE-2020-1307, CVE-2020-1316. | |||||
| CVE-2020-1048 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2022-04-28 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1070. | |||||
| CVE-2020-1400 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2022-04-27 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1401, CVE-2020-1407. | |||||
| CVE-2020-0642 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2022-04-26 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0624. | |||||
| CVE-2020-1021 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2022-04-26 | 4.6 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1082, CVE-2020-1088. | |||||
| CVE-2020-15705 | 7 Canonical, Debian, Gnu and 4 more | 14 Ubuntu Linux, Debian Linux, Grub2 and 11 more | 2022-04-18 | 4.4 MEDIUM | 6.4 MEDIUM |
| GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects GRUB2 version 2.04 and prior versions. | |||||
| CVE-2020-0728 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2022-01-01 | 4.9 MEDIUM | 5.5 MEDIUM |
| An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'. | |||||
| CVE-2020-0744 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2022-01-01 | 2.1 LOW | 5.5 MEDIUM |
| An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerability'. | |||||
| CVE-2020-0668 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2022-01-01 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0669, CVE-2020-0670, CVE-2020-0671, CVE-2020-0672. | |||||
| CVE-2021-44050 | 2 Broadcom, Microsoft | 4 Ca Network Flow Analysis, Windows Server 2012, Windows Server 2016 and 1 more | 2021-12-06 | 4.0 MEDIUM | 6.5 MEDIUM |
| CA Network Flow Analysis (NFA) 21.2.1 and earlier contain a SQL injection vulnerability in the NFA web application, due to insufficient input validation, that could potentially allow an authenticated user to access sensitive data. | |||||