Total
100
Critical
3
High
77
Medium
19
CISA KEV
0
Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
Uncontrolled resource consumption in HTTP/2 allows an unauthorized attacker to deny service over a network.
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally.
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
Protection mechanism failure in Windows Boot Manager allows an authorized attacker to bypass a security feature locally.
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
Untrusted search path in Windows Storage allows an authorized attacker to elevate privileges locally.
Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network.
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
Protection mechanism failure in Windows UEFI allows an authorized attacker to bypass a security feature locally.
Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
Improper input validation in Microsoft Azure Attestation service and Device Health Attestation Service allows an authorized attacker to perform spoofing with a physical attack.
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.
Use after free in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute code over a network.
Out-of-bounds read in Windows DHCP Server allows an authorized attacker to disclose information locally.
Out-of-bounds read in Windows DHCP Server allows an authorized attacker to disclose information locally.
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.
Out-of-bounds read in Microsoft UxTheme Library (uxtheme.dll) allows an authorized attacker to deny service locally.
Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
No cwe for this issue in Windows DHCP Server allows an unauthorized attacker to perform tampering over a network.
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Use after free in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute code over a network.
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature over a network.
Exposure of sensitive information to an unauthorized actor in Windows Application Identity (AppID) Subsystem allows an authorized attacker to disclose information locally.
Integer overflow or wraparound in Windows Internet (wininet.dll) allows an authorized attacker to elevate privileges locally.
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
Improper link resolution before file access ('link following') in Windows Collaborative Translation Framework allows an authorized attacker to elevate privileges locally.
Stack-based buffer overflow in Windows DHCP Client allows an unauthorized attacker to execute code over a network.
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges locally.
Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
Integer underflow (wrap or wraparound) in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally.
Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.
Exposure of sensitive information to an unauthorized actor in Windows Hyper-V allows an authorized attacker to disclose information locally.
Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.
Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.
Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.
Out-of-bounds read in Windows Telephony Service allows an authorized attacker to disclose information locally.
Integer underflow (wrap or wraparound) in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally.
Windows Kerberos Denial of Service Vulnerability
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Telephony Service allows an authorized attacker to elevate privileges locally.
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
Null pointer dereference in Windows Kerberos allows an authorized attacker to deny service over a network.
Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Microsoft Windows DNS allows an authorized attacker to elevate privileges locally.
Improper access control in Microsoft Kinect allows an authorized attacker to elevate privileges locally.
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Trust boundary violation in Windows Attestation allows an authorized attacker to elevate privileges locally.
Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.
Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over an adjacent network.
Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over an adjacent network.
Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally.
Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network.
Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to execute code locally.
Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service locally.
Stack-based buffer overflow in Windows TCP/IP allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.
Integer underflow (wrap or wraparound) in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Volume Manager Extension Driver allows an authorized attacker to execute code with a physical attack.
Heap-based buffer overflow in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally.
Missing release of memory after effective lifetime in Windows Internet Key Exchange (IKE) Protocol allows an unauthorized attacker to deny service over a network.
Out-of-bounds read in Telnet Client allows an unauthorized attacker to disclose information over a network.
Authentication bypass using an alternate path or channel in Windows TCP/IP allows an authorized attacker to bypass a security feature over a network.
Heap-based buffer overflow in Windows GDI allows an unauthorized attacker to execute code locally.
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Integer overflow or wraparound in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally.
Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Windows Application Identity (AppID) Subsystem allows an authorized attacker to elevate privileges locally.
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally.
Double free in Windows Link-Layer Discovery Protocol (LLDP) allows an authorized attacker to elevate privileges locally.
Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an authorized attacker to deny service locally.
Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.
Buffer over-read in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally.
Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
Integer overflow or wraparound in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over an adjacent network.
Double free in Windows Message Queuing allows an authorized attacker to elevate privileges locally.
