| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability |
| Windows Fax Compose Form Remote Code Execution Vulnerability |
| Windows CSC Service Elevation of Privilege Vulnerability |
| Windows CSC Service Elevation of Privilege Vulnerability |
| Windows CSC Service Elevation of Privilege Vulnerability |
| Windows CSC Service Elevation of Privilege Vulnerability |
| Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability |
| Windows Runtime C++ Template Library Elevation of Privilege Vulnerability |
| Active Template Library Elevation of Privilege Vulnerability |
| Microsoft splwow64 Elevation of Privilege Vulnerability |
| HEVC Video Extensions Remote Code Execution Vulnerability |
| HEVC Video Extensions Remote Code Execution Vulnerability |
| Windows AppX Deployment Extensions Elevation of Privilege Vulnerability |
| Windows Print Spooler Elevation of Privilege Vulnerability |
| Visual Studio Code Remote Code Execution Vulnerability |
| Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG.
To address the vulnerability, Microsoft has released a software update that will fail attempts to pair if the remote device exchanges a public key with the same X coordinate as the locally exchanged public key |
| Microsoft SQL Elevation of Privilege Vulnerability |
| XML external entity (XXE) vulnerability affecting certain versions of a Mule runtime component that may affect CloudHub, GovCloud, Runtime Fabric, Pivotal Cloud Foundry, Private Cloud Edition, and on-premise customers. |
| A vulnerability in the Rate Limiting Network Address Translation (NAT) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization in the Cisco QuantumFlow Processor of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to mishandling of the rate limiting feature within the QuantumFlow Processor. An attacker could exploit this vulnerability by sending large amounts of traffic that would be subject to NAT and rate limiting through an affected device. A successful exploit could allow the attacker to cause the QuantumFlow Processor utilization to reach 100 percent on the affected device, resulting in a DoS condition. |
| A vulnerability in the Simple Network Management Protocol (SNMP) punt handling function of Cisco cBR-8 Converged Broadband Routers could allow an authenticated, remote attacker to overload a device punt path, resulting in a denial of service (DoS) condition. This vulnerability is due to the punt path being overwhelmed by large quantities of SNMP requests. An attacker could exploit this vulnerability by sending a large number of SNMP requests to an affected device. A successful exploit could allow the attacker to overload the device punt path, resulting in a DoS condition. |
