Total
4164 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-26803 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 8.1 and 6 more | 2022-04-18 | 7.2 HIGH | 7.8 HIGH |
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802. | |||||
CVE-2022-26826 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2022-04-18 | 9.0 HIGH | 7.2 HIGH |
Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24536, CVE-2022-26811, CVE-2022-26812, CVE-2022-26813, CVE-2022-26814, CVE-2022-26815, CVE-2022-26817, CVE-2022-26818, CVE-2022-26819, CVE-2022-26820, CVE-2022-26821, CVE-2022-26822, CVE-2022-26823, CVE-2022-26824, CVE-2022-26825, CVE-2022-26829. | |||||
CVE-2019-7845 | 6 Adobe, Apple, Google and 3 more | 10 Flash Player, Macos, Chrome Os and 7 more | 2022-04-18 | 6.8 MEDIUM | 8.8 HIGH |
Adobe Flash Player versions 32.0.0.192 and earlier, 32.0.0.192 and earlier, and 32.0.0.192 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
CVE-2020-15705 | 7 Canonical, Debian, Gnu and 4 more | 14 Ubuntu Linux, Debian Linux, Grub2 and 11 more | 2022-04-18 | 4.4 MEDIUM | 6.4 MEDIUM |
GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects GRUB2 version 2.04 and prior versions. | |||||
CVE-2018-4878 | 6 Adobe, Apple, Google and 3 more | 10 Flash Player, Macos, Chrome Os and 7 more | 2022-04-18 | 7.5 HIGH | 9.8 CRITICAL |
A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018. | |||||
CVE-2019-8075 | 7 Adobe, Apple, Debian and 4 more | 11 Flash Player, Flash Player Desktop Runtime, Macos and 8 more | 2022-04-18 | 5.0 MEDIUM | 7.5 HIGH |
Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user. | |||||
CVE-2021-1732 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2022-04-12 | 4.6 MEDIUM | 7.8 HIGH |
Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1698. | |||||
CVE-2022-24455 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2022-03-14 | 7.2 HIGH | 7.8 HIGH |
Windows CD-ROM Driver Elevation of Privilege Vulnerability. | |||||
CVE-2022-23285 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8.1 and 6 more | 2022-03-14 | 6.8 MEDIUM | 8.8 HIGH |
Remote Desktop Client Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21990. | |||||
CVE-2022-21967 | 1 Microsoft | 2 Windows 10, Windows 11 | 2022-03-14 | 4.4 MEDIUM | 7.0 HIGH |
Xbox Live Auth Manager for Windows Elevation of Privilege Vulnerability. | |||||
CVE-2021-33110 | 2 Intel, Microsoft | 17 Ac 1550 Firmware, Ac 3165 Firmware, Ac 3168 Firmware and 14 more | 2022-02-15 | 3.3 LOW | 6.5 MEDIUM |
Improper input validation for some Intel(R) Wireless Bluetooth(R) products and Killer(TM) Bluetooth(R) products in Windows 10 and 11 before version 22.80 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||||
CVE-2021-33114 | 2 Intel, Microsoft | 17 Ac 1550 Firmware, Ac 3165 Firmware, Ac 3168 Firmware and 14 more | 2022-02-15 | 2.7 LOW | 5.7 MEDIUM |
Improper input validation for some Intel(R) PROSet/Wireless WiFi in multiple operating systems and Killer(TM) WiFi in Windows 10 and 11 may allow an authenticated user to potentially enable denial of service via adjacent access. | |||||
CVE-2021-33113 | 2 Intel, Microsoft | 17 Ac 1550 Firmware, Ac 3165 Firmware, Ac 3168 Firmware and 14 more | 2022-02-15 | 4.8 MEDIUM | 8.1 HIGH |
Improper input validation for some Intel(R) PROSet/Wireless WiFi in multiple operating systems and Killer(TM) WiFi in Windows 10 and 11 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access. | |||||
CVE-2022-21964 | 1 Microsoft | 1 Windows 10 | 2022-01-20 | 4.9 MEDIUM | 5.5 MEDIUM |
Remote Desktop Licensing Diagnoser Information Disclosure Vulnerability. | |||||
CVE-2022-21899 | 1 Microsoft | 6 Windows 10, Windows 7, Windows 8.1 and 3 more | 2022-01-19 | 4.9 MEDIUM | 5.5 MEDIUM |
Windows Extensible Firmware Interface Security Feature Bypass Vulnerability. | |||||
CVE-2022-21839 | 1 Microsoft | 2 Windows 10, Windows Server 2019 | 2022-01-13 | 2.1 LOW | 5.5 MEDIUM |
Windows Event Tracing Discretionary Access Control List Denial of Service Vulnerability. | |||||
CVE-2020-1457 | 1 Microsoft | 1 Windows 10 | 2022-01-04 | 6.8 MEDIUM | 7.8 HIGH |
A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory, aka 'Microsoft Windows Codecs Library Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1425. | |||||
CVE-2020-0792 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2022-01-01 | 7.2 HIGH | 8.8 HIGH |
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0715, CVE-2020-0745. | |||||
CVE-2020-0674 | 1 Microsoft | 8 Internet Explorer, Windows 10, Windows 7 and 5 more | 2022-01-01 | 7.6 HIGH | 7.5 HIGH |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767. | |||||
CVE-2020-0744 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2022-01-01 | 2.1 LOW | 5.5 MEDIUM |
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerability'. |