| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Windows WalletService Elevation of Privilege Vulnerability |
| Windows Projected File System Elevation of Privilege Vulnerability |
| Windows ActiveX Installer Service Information Disclosure Vulnerability |
| Windows Graphics Component Elevation of Privilege Vulnerability |
| Windows Hyper-V Remote Code Execution Vulnerability |
| Windows Update Service Elevation of Privilege Vulnerability |
| Windows Container Execution Agent Elevation of Privilege Vulnerability |
| Windows Virtual Registry Provider Elevation of Privilege Vulnerability |
| Windows Win32k Elevation of Privilege Vulnerability |
| Windows Installer Elevation of Privilege Vulnerability |
| Windows Graphics Component Remote Code Execution Vulnerability |
| Windows App-V Overlay Filter Elevation of Privilege Vulnerability |
| Microsoft Power BI Information Disclosure Vulnerability |
| Microsoft Exchange Server Remote Code Execution Vulnerability |
| Information Exposure vulnerability in Hitachi ABB Power Grids eSOMS allows unauthorized user to gain access to report data if the URL used to access the report is discovered. This issue affects: Hitachi ABB Power Grids eSOMS 6.0 versions prior to 6.0.4.2.2; 6.1 versions prior to 6.1.4; 6.3 versions prior to 6.3. |
| A cross-site scripting (XSS) vulnerability in Power Admin PA Server Monitor 8.2.1.1 allows remote attackers to inject arbitrary web script or HTML via Console.exe. |
| An issue was discovered in sthttpd through 2.27.1. On systems where the strcpy function is implemented with memcpy, the de_dotdot function may cause a Denial-of-Service (daemon crash) due to overlapping memory ranges being passed to memcpy. This can triggered with an HTTP GET request for a crafted filename. NOTE: this is similar to CVE-2017-10671, but occurs in a different part of the de_dotdot function. |
| SQL Injection vulnerability in SearchTextBox parameter in Fortra (Formerly HelpSystems) DeliverNow before version 1.2.18, allows attackers to execute arbitrary code, escalate privileges, and gain sensitive information. |
| No filtering of cross-site scripting (XSS) payloads in the markdown-editor in Zettlr 1.8.7 allows attackers to perform remote code execution via a crafted file. |
| A cross-site scripting (XSS) vulnerability exists in Znote 0.5.2. An attacker can insert payloads, and the code execution will happen immediately on markdown view mode. |
