| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat() to a stack-allocated string. When pgrep is compiled with FORTIFY (as on Red Hat Enterprise Linux and Fedora), the impact is limited to a crash. |
| OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c. |
| The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). |
| The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure. |
| The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. |
| Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability |
| Heap-based buffer overflow in Windows Core Messaging allows an authorized attacker to elevate privileges over a network. |
| An improper access control vulnerability in Power Pages allows an unauthorized attacker to elevate privileges over a network potentially bypassing the user registration control.
This vulnerability has already been mitigated in the service and all affected customers have been notified. This update addressed the registration control bypass. Affected customers have been given instructions on reviewing their sites for potential exploitation and clean up methods. If you've not been notified this vulnerability does not affect you. |
| Missing Authentication for Critical Function in Microsoft Bing allows an unauthorized attacker to execute code over a network |
| Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability |
| Visual Studio Code JS Debug Extension Elevation of Privilege Vulnerability |
| Windows Installer Elevation of Privilege Vulnerability |
| Windows Core Messaging Elevation of Privileges Vulnerability |
| Microsoft PC Manager Elevation of Privilege Vulnerability |
| Internet Connection Sharing (ICS) Denial of Service Vulnerability |
| Internet Connection Sharing (ICS) Denial of Service Vulnerability |
| Internet Connection Sharing (ICS) Denial of Service Vulnerability |
| Windows Core Messaging Elevation of Privileges Vulnerability |
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability |
| DHCP Client Service Denial of Service Vulnerability |
