Total
3270 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-20662 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-04-11 | N/A | 4.9 MEDIUM |
Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability | |||||
CVE-2024-20661 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-04-11 | N/A | 7.5 HIGH |
Microsoft Message Queuing Denial of Service Vulnerability | |||||
CVE-2024-20660 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-04-11 | N/A | 6.5 MEDIUM |
Microsoft Message Queuing Information Disclosure Vulnerability | |||||
CVE-2024-20657 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-04-11 | N/A | 7.0 HIGH |
Windows Group Policy Elevation of Privilege Vulnerability | |||||
CVE-2024-20654 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-04-11 | N/A | 8.0 HIGH |
Microsoft ODBC Driver Remote Code Execution Vulnerability | |||||
CVE-2024-20653 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-04-11 | N/A | 7.8 HIGH |
Microsoft Common Log File System Elevation of Privilege Vulnerability | |||||
CVE-2024-20652 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-04-11 | N/A | 8.1 HIGH |
Windows HTML Platforms Security Feature Bypass Vulnerability | |||||
CVE-2024-0057 | 1 Microsoft | 17 .net, .net Framework, Powershell and 14 more | 2024-04-11 | N/A | 9.8 CRITICAL |
NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability | |||||
CVE-2024-0056 | 1 Microsoft | 19 .net, .net Framework, Microsoft.data.sqlclient and 16 more | 2024-04-11 | N/A | 8.7 HIGH |
Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability | |||||
CVE-2023-20569 | 4 Amd, Debian, Fedoraproject and 1 more | 296 Epyc 72f3, Epyc 72f3 Firmware, Epyc 7313 and 293 more | 2024-04-11 | N/A | 4.7 MEDIUM |
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. | |||||
CVE-2023-20588 | 5 Amd, Debian, Fedoraproject and 2 more | 78 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 75 more | 2024-04-01 | N/A | 5.5 MEDIUM |
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. | |||||
CVE-2023-36911 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2024-03-12 | N/A | 9.8 CRITICAL |
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | |||||
CVE-2023-36910 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2024-03-12 | N/A | 9.8 CRITICAL |
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | |||||
CVE-2023-35385 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-03-12 | N/A | 9.8 CRITICAL |
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | |||||
CVE-2023-38161 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-03-07 | N/A | 7.8 HIGH |
Windows GDI Elevation of Privilege Vulnerability | |||||
CVE-2023-50387 | 8 Fedoraproject, Isc, Microsoft and 5 more | 13 Fedora, Bind, Windows Server 2008 and 10 more | 2024-03-07 | N/A | 7.5 HIGH |
Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records. | |||||
CVE-2020-17087 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-02-15 | 7.2 HIGH | 7.8 HIGH |
Windows Kernel Local Elevation of Privilege Vulnerability | |||||
CVE-2010-0249 | 1 Microsoft | 7 Internet Explorer, Windows 2000, Windows 7 and 4 more | 2024-02-15 | 9.3 HIGH | 8.8 HIGH |
Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 on Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote attackers to execute arbitrary code by accessing a pointer associated with a deleted object, related to incorrectly initialized memory and improper handling of objects in memory, as exploited in the wild in December 2009 and January 2010 during Operation Aurora, aka "HTML Object Memory Corruption Vulnerability." | |||||
CVE-2018-0748 | 1 Microsoft | 6 Windows 10, Windows 7, Windows 8.1 and 3 more | 2024-02-14 | 4.6 MEDIUM | 7.8 HIGH |
The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way memory addresses are handled, aka "Windows Elevation of Privilege Vulnerability". | |||||
CVE-2018-0749 | 1 Microsoft | 6 Windows 10, Windows 7, Windows 8.1 and 3 more | 2024-02-14 | 4.6 MEDIUM | 7.8 HIGH |
The Microsoft Server Message Block (SMB) Server in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way SMB Server handles specially crafted files, aka "Windows Elevation of Privilege Vulnerability". |