| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Windows SMB Information Disclosure Vulnerability |
| Windows Authenticode Spoofing Vulnerability |
| Azure Sphere Information Disclosure Vulnerability |
| Windows TCP/IP Denial of Service Vulnerability |
| Windows Print Spooler Remote Code Execution Vulnerability |
| Microsoft Word Remote Code Execution Vulnerability |
| Microsoft SharePoint Server Spoofing Vulnerability |
| Windows Cryptographic Primitives Library Information Disclosure Vulnerability |
| Windows Media MPEG-4 Video Decoder Remote Code Execution Vulnerability |
| Windows Print Spooler Remote Code Execution Vulnerability |
| Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability |
| Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability |
| Microsoft Edge (Chromium-based) Information Disclosure Vulnerability |
| Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability |
| RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve an arbitrary read or write operation from/to physical memory (leading to Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device. |
| RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve unauthorized access to USB device privileged IN and OUT instructions (leading to Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device. |
| RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve unauthorized access to USB devices (Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device. |
| A local attacker can overwrite arbitrary files on the system with VPN client logs using administrator privileges, potentially resulting in a denial of service and data loss, in all versions of Sophos SSL VPN client. |
| In Victron Energy Venus OS through 2.72, root access is granted by default to anyone with physical access to the device. NOTE: the vendor disagrees with the reporter's opinion about an alleged "security best practices" violation |
| In Siren Investigate before 11.1.4, when enabling the cluster feature of the Siren Alert application, TLS verifications are disabled globally in the Siren Investigate main process. |
