| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Windows Remote Access Elevation of Privilege Vulnerability |
| Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability |
| Windows Print Spooler Elevation of Privilege Vulnerability |
| Win32k Information Disclosure Vulnerability |
| Windows Bind Filter Driver Elevation of Privilege Vulnerability |
| Windows Port Class Library Elevation of Privilege Vulnerability |
| Win32k Elevation of Privilege Vulnerability |
| Windows Error Reporting Elevation of Privilege Vulnerability |
| Windows Graphics Component Information Disclosure Vulnerability |
| Windows Print Spooler Elevation of Privilege Vulnerability |
| Remote Desktop Protocol Client Information Disclosure Vulnerability |
| Windows WalletService Information Disclosure Vulnerability |
| DirectX Elevation of Privilege Vulnerability |
| Remote Desktop Protocol Server Information Disclosure Vulnerability |
| An issue was discovered in Zalo.exe in VNG Zalo Desktop 19.8.1.0. An attacker can run arbitrary commands on a remote Windows machine running the Zalo client by sending the user of the device a crafted file. |
| Insufficient policy enforcement in networking in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially bypass firewall controls via a crafted HTML page. |
| Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. |
| Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 86.0.4240.75 allowed a remote attacker who convinced the user to open files to execute arbitrary code via a crafted HTML page. |
| In Python 3.8.4, sys.path restrictions specified in a python38._pth file are ignored, allowing code to be loaded from arbitrary locations. The <executable-name>._pth file (e.g., the python._pth file) is not affected. |
| Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions. |
