| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Windows Kerberos Elevation of Privilege Vulnerability |
| Kernel Streaming Service Driver Elevation of Privilege Vulnerability |
| Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability |
| Windows Hyper-V Denial of Service Vulnerability |
| Windows Networking Denial of Service Vulnerability |
| PowerShell Elevation of Privilege Vulnerability |
| Windows Authentication Information Disclosure Vulnerability |
| Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability |
| Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability |
| Windows Graphics Component Elevation of Privilege Vulnerability |
| Windows Graphics Component Elevation of Privilege Vulnerability |
| Kernel Streaming Service Driver Elevation of Privilege Vulnerability |
| Kernel Streaming Service Driver Elevation of Privilege Vulnerability |
| Windows Remote Access Connection Manager Elevation of Privilege Vulnerability |
| Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS. |
|
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.Â
|
|
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
|
| An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the TPM chip/process or rendering it unusable) and/or arbitrary code execution in the TPM context. |
| Incorrect validation of files loaded from a local untrusted directory may allow local privilege escalation if the underlying operating systems is Windows. This may result in the application executing arbitrary behaviour determined by the contents of untrusted files. This issue affects MongoDB Server v5.0 versions prior to 5.0.27, MongoDB Server v6.0 versions prior to 6.0.16, MongoDB Server v7.0 versions prior to 7.0.12, MongoDB Server v7.3 versions prior 7.3.3, MongoDB C Driver versions prior to 1.26.2 and MongoDB PHP Driver versions prior to 1.18.1.
Required Configuration:
Only environments with Windows as the underlying operating system is affected by this issue |
