Total
100
Critical
4
High
68
Medium
28
CISA KEV
2
Use of hard-coded credentials in Windows Hardware Lab Kit allows an authorized attacker to elevate privileges locally.
Incorrect validation of files loaded from a local untrusted directory may allow local privilege escalation if the underlying operating systems is Windows. This may result in the application executing arbitrary behaviour determined by the contents of untrusted files. This issue affects MongoDB Server v5.0 versions prior to 5.0.27, MongoDB Server v6.0 versions prior to 6.0.16, MongoDB Server v7.0 versions prior to 7.0.12, MongoDB Server v7.3 versions prior 7.3.3, MongoDB C Driver versions prior to 1.26.2 and MongoDB PHP Driver versions prior to 1.18.1. Required Configuration: Only environments with Windows as the underlying operating system is affected by this issue
Windows Local Session Manager (LSM) Denial of Service Vulnerability
Windows Local Security Authority (LSA) Denial of Service Vulnerability
Windows Kernel Memory Information Disclosure Vulnerability
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Windows Kerberos Elevation of Privilege Vulnerability
Windows Print Spooler Elevation of Privilege Vulnerability
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
Windows Hyper-V Elevation of Privilege Vulnerability
Win32k Elevation of Privilege Vulnerability
Windows Digital Media Receiver Elevation of Privilege Vulnerability
Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability
Windows Digital Media Receiver Elevation of Privilege Vulnerability
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
Insecure inherited permissions in the HotKey Services for some Intel(R) NUC P14E Laptop Element software for Windows 10 before version 1.1.44 may allow an authenticated user to potentially enable escalation of privilege via local access.
Uncontrolled search path element in the HotKey Services for some Intel(R) NUC P14E Laptop Element software for Windows 10 before version 1.1.44 may allow an authenticated user to potentially enable escalation of privilege via local access.
Microsoft Word Security Feature Bypass Vulnerability
Windows OLE Remote Code Execution Vulnerability
Windows MSHTML Platform Security Feature Bypass Vulnerability
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
Windows Driver Revocation List Security Feature Bypass Vulnerability
Microsoft SharePoint Server Information Disclosure Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
Windows Bluetooth Driver Elevation of Privilege Vulnerability
Windows Bluetooth Driver Remote Code Execution Vulnerability
Windows Backup Service Elevation of Privilege Vulnerability
Windows iSCSI Target Service Information Disclosure Vulnerability
Windows Bluetooth Driver Information Disclosure Vulnerability
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
Remote Procedure Call Runtime Denial of Service Vulnerability
Windows Pragmatic General Multicast (PGM) Denial of Service Vulnerability
Server for NFS Denial of Service Vulnerability
Secure Boot Security Feature Bypass Vulnerability
Remote Desktop Client Remote Code Execution Vulnerability
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
Windows NFS Portmapper Information Disclosure Vulnerability
Windows NTLM Security Support Provider Information Disclosure Vulnerability
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
Windows Kernel Denial of Service Vulnerability
Windows Remote Procedure Call Service (RPCSS) Elevation of Privilege Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
Raw Image Extension Remote Code Execution Vulnerability
Raw Image Extension Remote Code Execution Vulnerability
Windows Group Policy Security Feature Bypass Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Windows Win32k Elevation of Privilege Vulnerability
Windows Clip Service Elevation of Privilege Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
Windows Kernel Memory Information Disclosure Vulnerability
Windows Lock Screen Security Feature Bypass Vulnerability
Windows Boot Manager Security Feature Bypass Vulnerability
Remote Desktop Protocol Client Information Disclosure Vulnerability
Windows Common Log File System Driver Information Disclosure Vulnerability
Windows Kernel Information Disclosure Vulnerability
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
Windows Boot Manager Security Feature Bypass Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability
Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability
Windows Kernel Remote Code Execution Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
Windows Lock Screen Security Feature Bypass Vulnerability
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
Windows CNG Key Isolation Service Elevation of Privilege Vulnerability
Windows Spoofing Vulnerability
Windows Bluetooth Driver Remote Code Execution Vulnerability
Windows Enroll Engine Security Feature Bypass Vulnerability
Windows NTLM Elevation of Privilege Vulnerability
Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
Windows Error Reporting Service Elevation of Privilege Vulnerability
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Windows Network Address Translation (NAT) Denial of Service Vulnerability
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
Windows Secure Channel Denial of Service Vulnerability
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Windows Graphics Component Elevation of Privilege Vulnerability
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
Remote Procedure Call Runtime Information Disclosure Vulnerability
Remote Procedure Call Runtime Remote Code Execution Vulnerability
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
