| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Windows Hyper-V Information Disclosure Vulnerability |
| Windows Kernel Elevation of Privilege Vulnerability |
| Foxit PDF Reader Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22709. |
| IBM EntireX 11.1 could allow a local user to cause a denial of service due to an unhandled error and fault isolation. |
| IBM EntireX 11.1 could allow a local user to unintentionally modify data timestamp integrity due to improper shared resource synchronization. |
| A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads configuration files after opening a project, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1192. |
| A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads workspace settings from a notebook file, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1171. |
| Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over a network. |
| Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally. |
| Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network. |
| Stack-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network. |
| Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network. |
| Insufficient resource pool in Windows Kerberos allows an unauthorized attacker to deny service over a network. |
| Heap-based buffer overflow in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally. |
| Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network. |
| Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. |
| Sensitive data storage in improperly locked memory in Windows Update Stack allows an authorized attacker to elevate privileges locally. |
| Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. |
| Uncontrolled resource consumption in Windows HTTP.sys allows an unauthorized attacker to deny service over a network. |
| Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature over a network. |
