| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability |
| Win32k Elevation of Privilege Vulnerability |
| Windows Wi-Fi Driver Remote Code Execution Vulnerability |
| Windows OLE Remote Code Execution Vulnerability |
| Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability |
| Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability |
| Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability |
| DHCP Server Service Denial of Service Vulnerability |
| A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability. |
| decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data. |
| xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak. |
| procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat() to a stack-allocated string. When pgrep is compiled with FORTIFY (as on Red Hat Enterprise Linux and Fedora), the impact is limited to a crash. |
| The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). |
| The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. |
| Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability |
| Heap-based buffer overflow in Windows Core Messaging allows an authorized attacker to elevate privileges over a network. |
| An improper access control vulnerability in Power Pages allows an unauthorized attacker to elevate privileges over a network potentially bypassing the user registration control.
This vulnerability has already been mitigated in the service and all affected customers have been notified. This update addressed the registration control bypass. Affected customers have been given instructions on reviewing their sites for potential exploitation and clean up methods. If you've not been notified this vulnerability does not affect you. |
| Missing Authentication for Critical Function in Microsoft Bing allows an unauthorized attacker to execute code over a network |
| Visual Studio Code JS Debug Extension Elevation of Privilege Vulnerability |
| Windows Installer Elevation of Privilege Vulnerability |
