| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Internet Explorer Remote Code Execution Vulnerability |
| HTTP Protocol Stack Remote Code Execution Vulnerability |
| Windows Print Spooler Remote Code Execution Vulnerability |
| Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability |
| Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability |
| Windows MSHTML Platform Remote Code Execution Vulnerability |
| Windows LSA Spoofing Vulnerability |
| Windows Update Medic Service Elevation of Privilege Vulnerability |
| Win32k Elevation of Privilege Vulnerability |
| Active Directory Domain Services Elevation of Privilege Vulnerability |
| Windows Print Spooler Elevation of Privilege Vulnerability |
| mDNSResponder.exe is vulnerable to DLL Sideloading attack. Executable improperly specifies how to load the DLL, from which folder and under what conditions. In these scenarios, a malicious attacker could be using the valid and legitimate executable to load malicious files. |
| Windows SmartScreen Security Feature Bypass Vulnerability |
| Windows MSHTML Platform Elevation of Privilege Vulnerability |
| Windows SmartScreen Security Feature Bypass Vulnerability |
| Acrobat Reader versions 23.003.20284 (and earlier), 20.005.30516 (and earlier) and 20.005.30514 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation.
Note that an attacker must first obtain administrative console access on the target system in order to exploit this vulnerability. |
| SmartScreen Prompt Security Feature Bypass Vulnerability |
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability |
| Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.16412 (exclusive) on Windows allows an attacker to load an arbitrary Windows library.
The vulnerability was found weaponized as a single-click exploit in the form of a deceptive spreadsheet document |
