windows server 2012 · threatengine.sh

Home/Product/microsoft windows server 2012

Product

microsoft windows server 2012

500 known vulnerabilities across versions

Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.

Sort Min CVSS Published since

Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.

Use after free in Data Deduplication allows an authorized attacker to elevate privileges locally.

Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network.

Windows TCP/IP Denial of Service Vulnerability

Windows TCP/IP Denial of Service Vulnerability

Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally.

Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network.

Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to execute code locally.

Windows TCP/IP Denial of Service Vulnerability

Heap-based buffer overflow in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Volume Manager Extension Driver allows an authorized attacker to execute code with a physical attack

Heap-based buffer overflow in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally.

Missing release of memory after effective lifetime in Windows Internet Key Exchange (IKE) Protocol allows an unauthorized attacker

Out-of-bounds read in Telnet Client allows an unauthorized attacker to disclose information over a network.

Authentication bypass using an alternate path or channel in Windows TCP/IP allows an authorized attacker to bypass a security feat

Heap-based buffer overflow in Windows GDI allows an unauthorized attacker to execute code locally.

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorize

Integer overflow or wraparound in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized

Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorize

Heap-based buffer overflow in Windows Application Identity (AppID) Subsystem allows an authorized attacker to elevate privileges l

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Print Spooler Components al

Double free in Windows Link-Layer Discovery Protocol (LLDP) allows an authorized attacker to elevate privileges locally.

Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized

Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an aut

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an aut

Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over an adjacent network.

Double free in Windows Message Queuing allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

Improper access control in Windows Event Logging Service allows an authorized attacker to elevate privileges locally.

Improper access control in Windows Filtering Platform (WFP) allows an authorized attacker to bypass a security feature locally.

Double free in Windows Rich Text Edit allows an authorized attacker to elevate privileges locally.

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Native WiFi Miniport Driver

Double free in Windows Rich Text Edit allows an authorized attacker to elevate privileges locally.

Exposure of sensitive information to an unauthorized actor in Windows Snipping Tool allows an unauthorized attacker to perform spo

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an unauthoriz

Improper input validation in Windows Active Directory allows an authorized attacker to execute code over an adjacent network.

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an aut

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.

Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.

Improper access control in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information locally.

Improper link resolution before file access ('link following') in Universal Plug and Play (upnp.dll) allows an authorized attacker

Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network.

Improper neutralization of special elements used in a command ('command injection') in Windows Snipping Tool allows an unauthorize

Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to execute code locally.

Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information

Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.d

Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.d

Heap-based buffer overflow in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.

Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.d

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose info

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an auth

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an auth

Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privi

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an auth

Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally.

Time-of-check time-of-use (toctou) race condition in Windows LUAFV allows an authorized attacker to elevate privileges locally.

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to disclose information over

Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized

Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privi

Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privi

Use after free in Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) allows an authorized attacker to elevate privileges loc

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.

Improper access control in Microsoft Management Console allows an authorized attacker to elevate privileges locally.

Improper input validation in Windows BitLocker allows an unauthorized attacker to bypass a security feature locally.

Improper authorization in Windows Kerberos allows an authorized attacker to elevate privileges over an adjacent network.

Improper handling of insufficient permissions or privileges in Windows Installer allows an authorized attacker to elevate privileg

Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.

Use after free in Windows TDI Translation Driver (tdx.sys) allows an authorized attacker to elevate privileges locally.

Improper access control in Windows RPC API allows an authorized attacker to elevate privileges locally.

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Windows Client Side Caching driver (csc.sys) allows an authorized attacker to elevate privileges loc

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Server Update Service allow

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver f

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver f

Double free in Windows Kernel allows an authorized attacker to elevate privileges locally.

Access of resource using incompatible type ('type confusion') in Windows OLE allows an authorized attacker to elevate privileges l

Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate

Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate

Improper input validation in Windows Server Update Service allows an unauthorized attacker to perform tampering over a network.

Insecure storage of sensitive information in Windows Cryptographic Services allows an authorized attacker to elevate privileges lo

Insufficient ui warning of dangerous operations in Windows Remote Desktop allows an unauthorized attacker to perform spoofing over

Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.

< 6.2.9200.25973

Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code o

Untrusted search path in Windows GDI allows an unauthorized attacker to execute code locally.

Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to elevate privileges over an adjacent net

Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges loc

Exposure of sensitive information to an unauthorized actor in Windows Accessibility Infrastructure (ATBroker.exe) allows an author

Exposure of sensitive information to an unauthorized actor in Windows Shell Link Processing allows an unauthorized attacker to per

Out-of-bounds read in Windows GDI+ allows an unauthorized attacker to disclose information over a network.

Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to disclose information locally.

Improper validation of specified type of input in Windows Ancillary Function Driver for WinSock allows an authorized attacker to e

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Improper restriction of names for files and other resources in Active Directory Domain Services allows an authorized attacker to e

Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges local

Out-of-bounds read in Windows NTFS allows an authorized attacker to elevate privileges locally.

Out-of-bounds read in Windows Extensible File Allocation allows an authorized attacker to elevate privileges locally.

Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code o

Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code o

Use after free in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.

Divide by zero in Microsoft Graphics Component allows an unauthorized attacker to deny service locally.

Null pointer dereference in Microsoft Graphics Component allows an unauthorized attacker to deny service locally.

Null pointer dereference in Windows Performance Counters allows an authorized attacker to elevate privileges locally.

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kerberos allows an unauthor

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Device Association Service

Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.

Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.

Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over

Out-of-bounds read in Windows Resilient File System (ReFS) allows an authorized attacker to elevate privileges locally.

Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability

Use after free in RPC Runtime allows an authorized attacker to execute code over a network.

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows

Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.

Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally.

Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network.

Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.

Improper authentication in Windows Storage allows an authorized attacker to elevate privileges locally.

Use after free in Mailslot File System allows an authorized attacker to elevate privileges locally.

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing locally.

Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges local

Heap-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges lo

Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized

Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.

Buffer over-read in Windows GDI+ allows an unauthorized attacker to deny service over a network.

Windows Secure Boot stores Microsoft certificates in the UEFI KEK and DB. These original certificates are approaching expiration,

Heap-based buffer overflow in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.

Out-of-bounds read in Windows NDIS allows an authorized attacker to disclose information with a physical attack.

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an author

External control of file name or path in Windows Telephony Service allows an authorized attacker to elevate privileges over an adj

Improper access control in Windows HTTP.sys allows an authorized attacker to elevate privileges over a network.

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an author

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an author

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an author

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an author

Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny ser

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Local Session Manager (LSM)

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code ove

Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorize

Improper input validation in Windows Server Update Service allows an unauthorized attacker to execute code over a network.

Reliance on untrusted inputs in a security decision in Windows Kerberos allows an authorized attacker to elevate privileges over a

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an author

Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to perform spoofing over

Improper access control in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges lo

Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.

Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized attacker to disclose information locally

Absolute path traversal in Windows Shell allows an unauthorized attacker to perform spoofing with a physical attack.

Use of a broken or risky cryptographic algorithm in Windows Kerberos allows an authorized attacker to disclose information locally

Time-of-check time-of-use (toctou) race condition in Windows Ancillary Function Driver for WinSock allows an authorized attacker t

Out-of-bounds read in Windows Internet Connection Sharing (ICS) allows an unauthorized attacker to disclose information with a phy

Protection mechanism failure in Windows Remote Assistance allows an unauthorized attacker to bypass a security feature locally.

Exposure of sensitive information to an unauthorized actor in Windows Remote Procedure Call allows an unauthorized attacker to dis

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Time-of-check time-of-use (toctou) race condition in Windows Installer allows an authorized attacker to elevate privileges locally

Time-of-check time-of-use (toctou) race condition in Windows Kernel Memory allows an authorized attacker to elevate privileges loc

Exposure of sensitive information to an unauthorized actor in Desktop Windows Manager allows an authorized attacker to disclose in

Improper access control in Windows Deployment Services allows an unauthorized attacker to execute code over an adjacent network.

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code ove

Improper input validation in Windows Installer allows an authorized attacker to elevate privileges locally.

Integer underflow (wrap or wraparound) in Windows Hyper-V allows an authorized attacker to deny service over a network.

Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code

Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over

Use of uninitialized resource in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges loca

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Null pointer dereference in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

Improper input validation in Windows Message Queuing allows an authorized attacker to elevate privileges locally.

Improper neutralization of special elements used in a command ('command injection') in Windows PowerShell allows an unauthorized a

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver f

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network.

Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally.

Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over

Heap-based buffer overflow in Windows OLE allows an unauthorized attacker to execute code locally.

Out-of-bounds read in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally.

Missing cryptographic step in Windows Kerberos allows an unauthorized attacker to elevate privileges over a network.

Untrusted pointer dereference in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.

Improper privilege management in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.

Improper access control in Customer Experience Improvement Program (CEIP) allows an authorized attacker to elevate privileges loca

Improper link resolution before file access ('link following') in Windows Routing and Remote Access Service (RRAS) allows an autho

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows DirectX allows an authorize

Double free in Windows Smart Card allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Internet Explorer allows an unauthorized attacker to execute code over a network.

Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.

Concurrent execution using shared resource with improper synchronization ('race condition') in Inbox COM Objects allows an unautho

Improper authentication in Windows SMB Client allows an unauthorized attacker to perform tampering over a network.

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileg

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileg

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileg

Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an authorized attacker to deny servic

Insertion of sensitive information into log file in Active Directory Federation Services allows an unauthorized attacker to disclo

Improper access control in Microsoft Windows Search Component allows an authorized attacker to deny service locally.

External control of file name or path in Windows Core Shell allows an unauthorized attacker to perform spoofing over a network.

Heap-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges lo

Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spo

Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disc

Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disc

Out-of-bounds read in Windows MapUrlToZone allows an unauthorized attacker to disclose information over a network.

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows

Use after free in Windows Remote Desktop Services allows an authorized attacker to elevate privileges locally.

Improper access control in Network Connection Status Indicator (NCSI) allows an authorized attacker to elevate privileges locally.

Improper input validation in Microsoft Windows Search Component allows an authorized attacker to deny service locally.

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an auth

Improper input validation in Microsoft Windows Search Component allows an unauthorized attacker to deny service locally.

Exposure of sensitive information to an unauthorized actor in Windows Failover Cluster allows an authorized attacker to disclose i

Improper input validation in Windows Kernel allows an authorized attacker to elevate privileges locally.

External control of file name or path in Windows Core Shell allows an unauthorized attacker to perform spoofing over a network.

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spo

Use after free in Windows Remote Desktop allows an unauthorized attacker to execute code locally.

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.

Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an authorized attacker to deny servic

Improper access control in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

Heap-based buffer overflow in Windows COM allows an authorized attacker to elevate privileges locally.

Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information ove

Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges local

Improper validation of specified type of input in Microsoft Windows allows an authorized attacker to elevate privileges locally.

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information ove

Out-of-bounds read in Windows WLAN Auto Config Service allows an authorized attacker to disclose information locally.

Improper input validation in Windows Error Reporting allows an authorized attacker to elevate privileges locally.

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Resilient File System (ReFS

Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally.

Use after free in Windows NTFS allows an unauthorized attacker to elevate privileges locally.

Improper access control in Microsoft PowerShell allows an authorized attacker to elevate privileges locally.

Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating s

Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating s

SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vuln

Concurrent execution using shared resource with improper synchronization ('race condition') in Graphics Kernel allows an authorize

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information ove

Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network.

Protection mechanism failure in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.

Stack-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.

Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker t

Use after free in Windows BitLocker allows an authorized attacker to elevate privileges locally.

Use after free in Windows BitLocker allows an authorized attacker to elevate privileges locally.

Integer overflow or wraparound in Windows SPNEGO Extended Negotiation allows an authorized attacker to elevate privileges locally.

Local Security Authority Subsystem Service Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code ove

Integer overflow or wraparound in Windows Kernel allows an authorized attacker to elevate privileges locally.

Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker t

Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over

Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code

Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker t

Use after free in Windows SMBv3 Client allows an authorized attacker to execute code over a network.

Stack-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges l

Improper access control in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information ove

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information ove

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information ove

Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker t

Time-of-check time-of-use (toctou) race condition in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker t

Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker t

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over

Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information

Generation of error message containing sensitive information in Windows Kernel allows an authorized attacker to disclose informati

Use of uninitialized resource in Windows Imaging Component allows an unauthorized attacker to disclose information locally.

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Storage allows an unauthori

Untrusted pointer dereference in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally.

Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network.

Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.

Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to eleva

Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to eleva

Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to eleva

Numeric truncation error in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

Uncontrolled resource consumption in Windows Remote Desktop Services allows an unauthorized attacker to deny service over a networ

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose inform

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges loca

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose inform

Use after free in Desktop Windows Manager allows an authorized attacker to execute code locally.

Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locall

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose inform

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute

Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute

Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute

Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges loca

Use after free in Kernel Transaction Manager allows an authorized attacker to elevate privileges locally.

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose inform

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Exposure of sensitive information to an unauthorized actor in Windows NT OS Kernel allows an authorized attacker to disclose infor

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows DirectX allows an authorize

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver f

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an aut

Use after free in Windows Message Queuing allows an unauthorized attacker to execute code over a network.

Weak authentication in Windows Installer allows an authorized attacker to elevate privileges locally.

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorize

Integer overflow or wraparound in Windows Distributed Transaction Coordinator allows an authorized attacker to disclose informatio

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code ove

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over

Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over

Use after free in Remote Access Point-to-Point Protocol (PPP) EAP-TLS allows an authorized attacker to elevate privileges locally.

Time-of-check time-of-use (toctou) race condition in Windows NTFS allows an unauthorized attacker to disclose information locally.

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose inform

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose inform

Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to eleva

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spo

Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally.

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver f

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code ove

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code ove

Integer overflow or wraparound in Microsoft Graphics Component allows an authorized attacker to execute code locally.

Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network.

Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

Time-of-check time-of-use (toctou) race condition in Microsoft Windows QoS scheduler allows an authorized attacker to elevate priv

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code ove

Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

Uncontrolled resource consumption in Windows Print Spooler Components allows an authorized attacker to deny service over an adjace

Heap-based buffer overflow in Windows Fast FAT Driver allows an unauthorized attacker to elevate privileges locally.

Uncontrolled resource consumption in Windows Netlogon allows an unauthorized attacker to deny service over a network.

Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.

Double free in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

Out-of-bounds read in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally.

Null pointer dereference in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

Buffer over-read in Storage Port Driver allows an authorized attacker to disclose information locally.

Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to execute code locally.

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information ove

Numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally.

Null pointer dereference in Windows NTFS allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code ove

Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code ove

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code ove

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code ove

Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthori

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code ove

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code ove

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code ove

Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

Concurrent execution using shared resource with improper synchronization ('race condition') in Workspace Broker allows an authoriz

Exposure of sensitive information to an unauthorized actor in Windows User-Mode Driver Framework Host allows an authorized attacke

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code ove

Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges

Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally.

Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally.

Out-of-bounds read in Windows TDX.sys allows an authorized attacker to disclose information locally.

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code ove

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code ove

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an a

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized atta

Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Integer overflow or wraparound in HID class driver allows an authorized attacker to elevate privileges locally.

Access of resource using incompatible type ('type confusion') in Windows SSDP Service allows an authorized attacker to elevate pri

Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an unauthorized attacker to bypass

Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information

Use after free in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.

Heap-based buffer overflow in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.

Acceptance of extraneous untrusted data with trusted data in Windows BitLocker allows an unauthorized attacker to bypass a securit

Time-of-check time-of-use (toctou) race condition in Windows BitLocker allows an unauthorized attacker to bypass a security featur

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code ove

Integer underflow (wrap or wraparound) in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally

Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally.

Use after free in Universal Print Management Service allows an authorized attacker to elevate privileges locally.

Untrusted pointer dereference in Windows Event Tracing allows an authorized attacker to elevate privileges locally.

Protection mechanism failure in Windows GDI allows an unauthorized attacker to disclose information over a network.

Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a network.

Exposure of sensitive information to an unauthorized actor in Windows Imaging Component allows an unauthorized attacker to disclos

Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

Double free in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.

Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.

Improper privilege management in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges loca

Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.

Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privi

Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.

Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network.

Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network.

Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny se

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code ove

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

Null pointer dereference in Windows Local Security Authority (LSA) allows an authorized attacker to deny service over a network.

Improper access control in Microsoft Local Security Authority Server (lsasrv) allows an unauthorized attacker to deny service over

External control of file name or path in Internet Shortcut Files allows an unauthorized attacker to execute code over a network.

Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to

Improper access control in Windows Storage Port Driver allows an authorized attacker to disclose information locally.

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

Integer overflow or wraparound in Windows SMB allows an authorized attacker to elevate privileges locally.

Out-of-bounds read in Windows Media allows an authorized attacker to elevate privileges locally.

Out-of-bounds read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network.

Improper access control in Windows Installer allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.

In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly verifies a cryptographic signatu

Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges loca

Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.

Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Access of resource using incompatible type ('type confusion') in Microsoft Scripting Engine allows an unauthorized attacker to exe

Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to deny servi

Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent

Time-of-check time-of-use (toctou) race condition in Windows Fundamentals allows an authorized attacker to execute code over a net

Improper input validation in Active Directory Certificate Services (AD CS) allows an authorized attacker to deny service over a ne

Heap-based buffer overflow in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.

Heap-based buffer overflow in Windows Remote Desktop allows an unauthorized attacker to execute code over a network.

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information ove

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information ove

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose info

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose info

Uncontrolled resource consumption in Windows Deployment Services allows an unauthorized attacker to deny service locally.

Buffer over-read in Windows SMB allows an authorized attacker to disclose information over a network.

Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny

Out-of-bounds read in Windows File Server allows an unauthorized attacker to disclose information locally.

Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to disclose info

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information ove

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information ove

Time-of-check time-of-use (toctou) race condition in Windows Virtual Machine Bus allows an unauthorized attacker to execute code l

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information ove

Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose info

Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Improper access control in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network.

Out-of-bounds read in Windows NTFS allows an unauthorized attacker to disclose information locally.

Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.

Weak authentication in Windows Active Directory Certificate Services allows an authorized attacker to elevate privileges over a ne

Improper access control in Windows Resilient File System (ReFS) allows an authorized attacker to disclose information over a netwo

Improper input validation in Windows Security Zone Mapping allows an unauthorized attacker to bypass a security feature locally.

Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.

Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges lo

Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privi

Heap-based buffer overflow in Remote Desktop Client allows an authorized attacker to execute code over a network.

Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny se

Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny se

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized atta

Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.

Stack-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.

Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.

Insufficient resource pool in Windows Kerberos allows an unauthorized attacker to deny service over a network.

Heap-based buffer overflow in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose info

Uncontrolled resource consumption in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.

Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature over a

Sensitive data storage in improperly locked memory in Microsoft Streaming Service allows an unauthorized attacker to deny service

Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny se

Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny

Stack-based buffer overflow in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally.

Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network.

Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker to execute code over a networ

Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny se

Use after free in RPC Endpoint Mapper Service allows an authorized attacker to elevate privileges locally.

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over

Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over

Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.

Use after free in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to execute code over a netw

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information ove

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code ove

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin