Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows 11
Subscriptions
Total
600 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-6769 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2024-11-21 | 6.7 Medium |
A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integrity process without the intervention of a UAC prompt. | ||||
CVE-2023-44216 | 8 Amd, Apple, Canonical and 5 more | 17 Ryzen 5 7600x, Ryzen 7 4800u, M1 Mac Mini and 14 more | 2024-11-21 | 5.3 Medium |
PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. For example, attackers can sometimes accurately determine text contained on a web page from one origin if they control a resource from a different origin. | ||||
CVE-2023-29413 | 2 Microsoft, Schneider-electric | 7 Windows 10, Windows 11, Windows Server 2016 and 4 more | 2024-11-21 | 7.5 High |
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause Denial-of-Service when accessed by an unauthenticated user on the Schneider UPS Monitor service. | ||||
CVE-2023-29412 | 2 Microsoft, Schneider-electric | 7 Windows 10, Windows 11, Windows Server 2016 and 4 more | 2024-11-21 | 9.8 Critical |
CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause remote code execution when manipulating internal methods through Java RMI interface. | ||||
CVE-2023-29411 | 2 Microsoft, Schneider-electric | 7 Windows 10, Windows 11, Windows Server 2016 and 4 more | 2024-11-21 | 9.8 Critical |
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow changes to administrative credentials, leading to potential remote code execution without requiring prior authentication on the Java RMI interface. | ||||
CVE-2023-21776 | 1 Microsoft | 21 Windows 10, Windows 10 1507, Windows 10 1607 and 18 more | 2024-11-21 | 5.5 Medium |
Windows Kernel Information Disclosure Vulnerability | ||||
CVE-2023-21771 | 1 Microsoft | 8 Windows 10, Windows 10 20h2, Windows 10 21h2 and 5 more | 2024-11-21 | 7 High |
Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability | ||||
CVE-2023-21768 | 1 Microsoft | 4 Windows 11, Windows 11 21h2, Windows 11 22h2 and 1 more | 2024-11-21 | 7.8 High |
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | ||||
CVE-2023-21767 | 1 Microsoft | 17 Windows 10, Windows 10 1507, Windows 10 1607 and 14 more | 2024-11-21 | 7.8 High |
Windows Overlay Filter Elevation of Privilege Vulnerability | ||||
CVE-2023-21766 | 1 Microsoft | 13 Windows 10, Windows 10 1507, Windows 10 1607 and 10 more | 2024-11-21 | 4.7 Medium |
Windows Overlay Filter Information Disclosure Vulnerability | ||||
CVE-2023-21765 | 1 Microsoft | 21 Windows 10, Windows 10 1507, Windows 10 1607 and 18 more | 2024-11-21 | 7.8 High |
Windows Print Spooler Elevation of Privilege Vulnerability | ||||
CVE-2023-21760 | 1 Microsoft | 21 Windows 10, Windows 10 1507, Windows 10 1607 and 18 more | 2024-11-21 | 7.1 High |
Windows Print Spooler Elevation of Privilege Vulnerability | ||||
CVE-2023-21759 | 1 Microsoft | 8 Windows 10, Windows 10 20h2, Windows 10 21h2 and 5 more | 2024-11-21 | 3.3 Low |
Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability | ||||
CVE-2023-21758 | 1 Microsoft | 13 Windows 10, Windows 10 1507, Windows 10 1607 and 10 more | 2024-11-21 | 7.5 High |
Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability | ||||
CVE-2023-21757 | 1 Microsoft | 21 Windows 10, Windows 10 1507, Windows 10 1607 and 18 more | 2024-11-21 | 7.5 High |
Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability | ||||
CVE-2023-21752 | 1 Microsoft | 11 Windows 10, Windows 10 1507, Windows 10 1607 and 8 more | 2024-11-21 | 7.1 High |
Windows Backup Service Elevation of Privilege Vulnerability | ||||
CVE-2023-21746 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 7.8 High |
Windows NTLM Elevation of Privilege Vulnerability | ||||
CVE-2023-21558 | 1 Microsoft | 17 Windows 10, Windows 10 1507, Windows 10 1607 and 14 more | 2024-11-21 | 7.8 High |
Windows Error Reporting Service Elevation of Privilege Vulnerability | ||||
CVE-2023-20564 | 2 Amd, Microsoft | 5 Ryzen, Ryzen Master, Ryzen Master Monitoring Sdk and 2 more | 2024-11-21 | 6.7 Medium |
Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may permit a privileged attacker to perform memory reads/writes potentially leading to a loss of confidentiality or arbitrary kernel execution. | ||||
CVE-2023-20560 | 2 Amd, Microsoft | 4 Ryzen Master, Ryzen Master Monitoring Sdk, Windows 10 and 1 more | 2024-11-21 | 4.4 Medium |
Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may allow a privileged attacker to provide a null value potentially resulting in a Windows crash leading to denial of service. |