| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Windows DNS Server Remote Code Execution Vulnerability |
| Windows Hyper-V Remote Code Execution Vulnerability |
| An remote code execution vulnerability due to SSTI vulnerability and insufficient file name parameter validation was discovered in Genian NAC. Remote attackers are able to execute arbitrary malicious code with SYSTEM privileges on all connected nodes in NAC through this vulnerability. |
| A vulnerability in PKI Security Solution of Dream Security could allow arbitrary command execution. This vulnerability is due to insufficient validation of the authorization certificate. An attacker could exploit this vulnerability by sending a crafted HTTP request an affected program. A successful exploit could allow the attacker to remotely execute arbitrary code on a target system. |
| In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 installed on Windows, the http API located at /consumerweb/secure/download.php. Using this command argument an unauthenticated attacker can execute arbitrary OS commands with SYSTEM privileges. |
| Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability |
| Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability |
| Microsoft Exchange Server Remote Code Execution Vulnerability |
| Windows TCP/IP Remote Code Execution Vulnerability |
| Microsoft Exchange Server Remote Code Execution Vulnerability |
| The AMDPowerProfiler.sys driver of AMD μProf tool may allow lower privileged users to access MSRs in kernel which may lead to privilege escalation and ring-0 code execution by the lower privileged user. |
| Windows TCP/IP Remote Code Execution Vulnerability |
| Windows DNS Server Remote Code Execution Vulnerability |
| Windows Fax Service Remote Code Execution Vulnerability |
| Windows TCP/IP Remote Code Execution Vulnerability |
| Heap buffer overflow in Tab Strip in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. |
| Use after free in Downloads in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. |
| Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension. |
| Potential user after free in Speech Recognizer in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. |
| Use after free in Omnibox in Google Chrome on Linux prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. |
