Search
Total
275 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-1467 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-01-04 | 7.2 HIGH | 10.0 CRITICAL |
| <p>An elevation of privilege vulnerability exists when Windows improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.</p> <p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.</p> <p>The security update addresses the vulnerability by correcting how Windows handles hard links.</p> | |||||
| CVE-2021-24077 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-29 | 7.5 HIGH | 9.8 CRITICAL |
| Windows Fax Service Remote Code Execution Vulnerability | |||||
| CVE-2021-24074 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-29 | 7.5 HIGH | 9.8 CRITICAL |
| Windows TCP/IP Remote Code Execution Vulnerability | |||||
| CVE-2021-24094 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-29 | 7.5 HIGH | 9.8 CRITICAL |
| Windows TCP/IP Remote Code Execution Vulnerability | |||||
| CVE-2021-26867 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2023-12-29 | 7.2 HIGH | 9.9 CRITICAL |
| Windows Hyper-V Remote Code Execution Vulnerability | |||||
| CVE-2021-26432 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2023-12-28 | 7.5 HIGH | 9.8 CRITICAL |
| Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability | |||||
| CVE-2021-26424 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-28 | 6.8 MEDIUM | 9.9 CRITICAL |
| Windows TCP/IP Remote Code Execution Vulnerability | |||||
| CVE-2021-26443 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2023-12-28 | 7.7 HIGH | 9.0 CRITICAL |
| Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability | |||||
| CVE-2022-21907 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server and 1 more | 2023-12-21 | 10.0 HIGH | 9.8 CRITICAL |
| HTTP Protocol Stack Remote Code Execution Vulnerability | |||||
| CVE-2022-21874 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server and 2 more | 2023-12-21 | 10.0 HIGH | 9.8 CRITICAL |
| Windows Security Center API Remote Code Execution Vulnerability | |||||
| CVE-2022-21849 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server and 2 more | 2023-12-21 | 9.3 HIGH | 9.8 CRITICAL |
| Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability | |||||
| CVE-2022-21898 | 1 Microsoft | 3 Windows 10, Windows Server, Windows Server 2019 | 2023-12-21 | 10.0 HIGH | 9.8 CRITICAL |
| DirectX Graphics Kernel Remote Code Execution Vulnerability | |||||
| CVE-2022-22012 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2023-12-21 | 9.3 HIGH | 9.8 CRITICAL |
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | |||||
| CVE-2022-29130 | 1 Microsoft | 11 Windows 10, Windows 11, Windows 7 and 8 more | 2023-12-21 | 9.3 HIGH | 9.8 CRITICAL |
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | |||||
| CVE-2023-36910 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2023-08-10 | N/A | 9.8 CRITICAL |
| Microsoft Message Queuing Remote Code Execution Vulnerability | |||||
| CVE-2023-36911 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2023-08-10 | N/A | 9.8 CRITICAL |
| Microsoft Message Queuing Remote Code Execution Vulnerability | |||||
| CVE-2023-36903 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2023-08-10 | N/A | 9.8 CRITICAL |
| Windows System Assessment Tool Elevation of Privilege Vulnerability | |||||
| CVE-2021-43215 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 6.8 MEDIUM | 9.8 CRITICAL |
| iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution | |||||
| CVE-2021-31166 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2023-08-02 | 7.5 HIGH | 9.8 CRITICAL |
| HTTP Protocol Stack Remote Code Execution Vulnerability | |||||
| CVE-2021-28476 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2023-08-02 | 6.5 MEDIUM | 9.9 CRITICAL |
| Windows Hyper-V Remote Code Execution Vulnerability | |||||
| CVE-2021-31962 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-08-01 | 7.5 HIGH | 9.4 CRITICAL |
| Kerberos AppContainer Security Feature Bypass Vulnerability | |||||
| CVE-2020-0646 | 1 Microsoft | 9 .net Framework, Windows 10, Windows 7 and 6 more | 2022-07-12 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.NET Framework Remote Code Execution Injection Vulnerability'. | |||||
| CVE-2021-43217 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-07-12 | 7.5 HIGH | 9.8 CRITICAL |
| Windows Encrypting File System (EFS) Remote Code Execution Vulnerability | |||||
| CVE-2018-8421 | 1 Microsoft | 9 .net Framework, Windows 10, Windows 7 and 6 more | 2022-05-23 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability exists when Microsoft .NET Framework processes untrusted input, aka ".NET Framework Remote Code Execution Vulnerability." This affects Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 3.0, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 4.7.2, Microsoft .NET Framework 2.0. | |||||
| CVE-2017-3072 | 6 Adobe, Apple, Google and 3 more | 11 Flash Player, Mac Os X, Macos and 8 more | 2021-11-26 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-3071 | 6 Adobe, Apple, Google and 3 more | 11 Flash Player, Mac Os X, Macos and 8 more | 2021-11-26 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-3074 | 6 Adobe, Apple, Google and 3 more | 11 Flash Player, Mac Os X, Macos and 8 more | 2021-11-26 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-3073 | 6 Adobe, Apple, Google and 3 more | 11 Flash Player, Mac Os X, Macos and 8 more | 2021-11-26 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-3070 | 6 Adobe, Apple, Google and 3 more | 11 Flash Player, Mac Os X, Macos and 8 more | 2021-11-26 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-3069 | 6 Adobe, Apple, Google and 3 more | 11 Flash Player, Mac Os X, Macos and 8 more | 2021-11-26 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-4171 | 8 Adobe, Apple, Google and 5 more | 15 Flash Player, Flash Player For Linux, Mac Os X and 12 more | 2021-11-26 | 10.0 HIGH | 9.8 CRITICAL |
| Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in June 2016. | |||||
| CVE-2016-4128 | 8 Adobe, Apple, Google and 5 more | 15 Flash Player, Flash Player For Linux, Mac Os X and 12 more | 2021-11-24 | 10.0 HIGH | 9.8 CRITICAL |
| Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. | |||||
| CVE-2017-3068 | 6 Adobe, Apple, Google and 3 more | 11 Flash Player, Mac Os X, Macos and 8 more | 2021-11-23 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-3099 | 6 Adobe, Apple, Google and 3 more | 11 Flash Player, Mac Os X, Macos and 8 more | 2021-11-23 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 3 raster data model. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-8070 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Macos and 5 more | 2021-11-22 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Use after free vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user. | |||||
| CVE-2019-8069 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Macos and 5 more | 2021-11-22 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Same Origin Method Execution vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user. | |||||
| CVE-2016-4138 | 8 Adobe, Apple, Google and 5 more | 16 Flash Player, Flash Player Desktop Runtime, Macos and 13 more | 2021-11-19 | 10.0 HIGH | 9.8 CRITICAL |
| Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. | |||||
| CVE-2016-6989 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Macos, Chrome Os and 4 more | 2021-09-22 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, and CVE-2016-6990. | |||||
| CVE-2016-6981 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Macos, Chrome Os and 4 more | 2021-09-22 | 10.0 HIGH | 9.8 CRITICAL |
| Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6987. | |||||
| CVE-2016-6985 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Macos, Chrome Os and 4 more | 2021-09-22 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990. | |||||
| CVE-2016-6982 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Macos, Chrome Os and 4 more | 2021-09-22 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990. | |||||
| CVE-2016-6984 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Macos, Chrome Os and 4 more | 2021-09-22 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990. | |||||
| CVE-2016-6986 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Macos, Chrome Os and 4 more | 2021-09-22 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6989, and CVE-2016-6990. | |||||
| CVE-2016-6992 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Macos, Chrome Os and 4 more | 2021-09-22 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion." | |||||
| CVE-2016-6990 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Macos, Chrome Os and 4 more | 2021-09-22 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, and CVE-2016-6989. | |||||
| CVE-2016-6987 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Macos, Chrome Os and 4 more | 2021-09-22 | 10.0 HIGH | 9.8 CRITICAL |
| Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6981. | |||||
| CVE-2020-9633 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Macos and 5 more | 2021-09-16 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player Desktop Runtime 32.0.0.371 and earlier, Adobe Flash Player for Google Chrome 32.0.0.371 and earlier, and Adobe Flash Player for Microsoft Edge and Internet Explorer 32.0.0.330 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-11281 | 6 Adobe, Apple, Google and 3 more | 10 Flash Player, Macos, Chrome Os and 7 more | 2021-09-08 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Flash Player has an exploitable memory corruption vulnerability in the text handling function. Successful exploitation could lead to arbitrary code execution. This affects 26.0.0.151 and earlier. | |||||
| CVE-2017-3112 | 6 Adobe, Apple, Google and 3 more | 10 Flash Player, Macos, Chrome Os and 7 more | 2021-09-08 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of AdobePSDK metadata. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure. | |||||
| CVE-2017-11225 | 6 Adobe, Apple, Google and 3 more | 10 Flash Player, Macos, Chrome Os and 7 more | 2021-09-08 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the Primetime SDK metadata functionality. The mismatch between an old and a new object can provide an attacker with unintended memory access -- potentially leading to code corruption, control-flow hijack, or an information leak attack. Successful exploitation could lead to arbitrary code execution. | |||||