| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Windows Hyper-V Remote Code Execution Vulnerability |
| Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability |
| Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability |
| Windows AD FS Security Feature Bypass Vulnerability |
| Windows Installer Spoofing Vulnerability |
| Rich Text Edit Control Information Disclosure Vulnerability |
| HEVC Video Extensions Remote Code Execution Vulnerability |
| HEVC Video Extensions Remote Code Execution Vulnerability |
| Microsoft Accessibility Insights for Android Information Disclosure Vulnerability |
| Windows Print Spooler Elevation of Privilege Vulnerability |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| Microsoft Excel Remote Code Execution Vulnerability |
| Windows Media Center Elevation of Privilege Vulnerability |
| Microsoft Dynamics Business Central Cross-site Scripting Vulnerability |
| Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, mishandle hidden and incremental data in signed documents. An attacker can write to an arbitrary file, and display controlled contents, during signature verification. |
| An arbitrary file creation by privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1, and Worry-Free Business Security Services could allow a local attacker to create an arbitrary file with higher privileges that could lead to a denial-of-service (DoS) on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. |
| A denial of service vulnerability was reported in some ThinkPad models that could cause a system to crash when the Enhanced Biometrics setting is enabled in BIOS. |
| Improper Link Resolution Before File Access ('Link Following') vulnerability in the EPAG component of Bitdefender Endpoint Security Tools for Windows allows a local attacker to cause a denial of service. This issue affects: Bitdefender GravityZone version 7.1.2.33 and prior versions. |
| The Windows version of Multipass before 1.7.0 allowed any local process to connect to the localhost TCP control socket to perform mounts from the operating system to a guest, allowing for privilege escalation. |
| OpenVPN before version 2.5.3 on Windows allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process (openvpn.exe). |
