Total
4024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-36560 | 1 Microsoft | 14 .net Framework, Windows 10 1507, Windows 10 1607 and 11 more | 2023-11-20 | N/A | 8.8 HIGH |
| ASP.NET Security Feature Bypass Vulnerability | |||||
| CVE-2022-41076 | 1 Microsoft | 11 Powershell, Windows 10, Windows 11 and 8 more | 2023-11-17 | N/A | 8.5 HIGH |
| PowerShell Remote Code Execution Vulnerability | |||||
| CVE-2022-41089 | 1 Microsoft | 11 .net Framework, Windows 10, Windows 11 and 8 more | 2023-11-17 | N/A | 7.8 HIGH |
| .NET Framework Remote Code Execution Vulnerability | |||||
| CVE-2022-41121 | 1 Microsoft | 12 Powershell, Remote Desktop, Windows 10 and 9 more | 2023-11-17 | N/A | 7.8 HIGH |
| Windows Graphics Component Elevation of Privilege Vulnerability | |||||
| CVE-2022-34303 | 3 Eurosoft-uk, Microsoft, Redhat | 10 Uefi Bootloader, Windows 10, Windows 11 and 7 more | 2023-11-14 | N/A | 6.7 MEDIUM |
| A flaw was found in Eurosoft bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. | |||||
| CVE-2022-34302 | 3 Horizondatasys, Microsoft, Redhat | 10 Uefi Bootloader, Windows 10, Windows 11 and 7 more | 2023-11-14 | N/A | 6.7 MEDIUM |
| A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. | |||||
| CVE-2022-34301 | 3 Kidan, Microsoft, Redhat | 10 Cryptopro Securedisk For Bitlocker, Windows 10, Windows 11 and 7 more | 2023-11-14 | N/A | 6.7 MEDIUM |
| A flaw was found in CryptoPro Secure Disk bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. | |||||
| CVE-2018-5391 | 7 Canonical, Debian, F5 and 4 more | 73 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 70 more | 2023-11-07 | 7.8 HIGH | 7.5 HIGH |
| The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size. | |||||
| CVE-2018-1000 | 1 Microsoft | 8 Internet Explorer, Windows 10, Windows 7 and 5 more | 2023-11-07 | 2.6 LOW | 5.3 MEDIUM |
| An information disclosure vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Information Disclosure Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-0981, CVE-2018-0987, CVE-2018-0989. | |||||
| CVE-2021-31205 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2023-11-06 | 4.3 MEDIUM | 6.5 MEDIUM |
| Windows SMB Client Security Feature Bypass Vulnerability | |||||
| CVE-2017-8625 | 1 Microsoft | 3 Internet Explorer, Windows 10, Windows Server 2016 | 2023-10-25 | 6.8 MEDIUM | 8.8 HIGH |
| Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to bypass Device Guard User Mode Code Integrity (UMCI) policies due to Internet Explorer failing to validate UMCI policies, aka "Internet Explorer Security Feature Bypass Vulnerability". | |||||
| CVE-2022-41064 | 1 Microsoft | 12 .net Framework, Nuget, Windows 10 and 9 more | 2023-10-17 | N/A | 5.8 MEDIUM |
| .NET Framework Information Disclosure Vulnerability | |||||
| CVE-2019-1357 | 1 Microsoft | 9 Edge, Internet Explorer, Windows 10 and 6 more | 2023-10-17 | 4.3 MEDIUM | 4.3 MEDIUM |
| A spoofing vulnerability exists when Microsoft Browsers improperly handle browser cookies, aka 'Microsoft Browser Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-0608. | |||||
| CVE-2019-0608 | 1 Microsoft | 10 Edge, Internet Explorer, Windows 10 and 7 more | 2023-10-17 | 4.3 MEDIUM | 4.3 MEDIUM |
| A spoofing vulnerability exists when Microsoft Browsers does not properly parse HTTP content, aka 'Microsoft Browser Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-1357. | |||||
| CVE-2020-1108 | 1 Microsoft | 15 .net, .net Core, .net Framework and 12 more | 2023-10-15 | 5.0 MEDIUM | 7.5 HIGH |
| A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'. | |||||
| CVE-2023-36712 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2023-10-13 | N/A | 7.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2023-36718 | 1 Microsoft | 10 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 7 more | 2023-10-13 | N/A | 7.8 HIGH |
| Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability | |||||
| CVE-2023-36717 | 1 Microsoft | 10 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 7 more | 2023-10-13 | N/A | 6.5 MEDIUM |
| Windows Virtual Trusted Platform Module Denial of Service Vulnerability | |||||
| CVE-2023-36720 | 1 Microsoft | 9 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 6 more | 2023-10-13 | N/A | 7.5 HIGH |
| Windows Mixed Reality Developer Tools Denial of Service Vulnerability | |||||
| CVE-2023-36732 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2023-10-13 | N/A | 7.8 HIGH |
| Win32k Elevation of Privilege Vulnerability | |||||