Remote Procedure Call Runtime Remote Code Execution Vulnerability

Active Directory Domain Services Elevation of Privilege Vulnerability

Windows Encrypting File System (EFS) Remote Code Execution Vulnerability

Active Directory Domain Services Elevation of Privilege Vulnerability

Active Directory Domain Services Elevation of Privilege Vulnerability

Windows Cryptographic Services Remote Code Execution Vulnerability

A race condition was identified through which privilege escalation was possible in certain configurations.

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

There is a difficult to exploit improper authentication issue in the Home application for Esri Portal for ArcGIS versions 11.2 and below on Windows and Linux, and ArcGIS Enterprise 11.1 and below on Kubernetes which, under unique circumstances, could potentially allow a remote, unauthenticated attacker to compromise the confidentiality, integrity, and availability of the software.

Hitachi JP1/IT Desktop Management 2 Agent 9 through 12 contains a remote code execution vulnerability because of an Integer Overflow. An attacker with network access to port 31016 may exploit this issue to execute code with unrestricted privileges on the underlying OS.

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

This issues due to insufficient verification of the various input values from user’s input. The vulnerability allows remote attackers to execute malicious code in Firstmall via navercheckout_add function.

.NET Core Remote Code Execution Vulnerability

SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability

Windows Active Directory Certificate Services Security Feature Bypass

Netlogon RPC Elevation of Privilege Vulnerability

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability

Windows Kerberos Elevation of Privilege Vulnerability

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

Windows Remote Desktop Services Remote Code Execution Vulnerability

Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability

Microsoft Intune Management Extension Remote Code Execution Vulnerability

Google Chrome prior to 57.0.2987.98 for Windows and Mac had a race condition, which could cause Chrome to display incorrect certificate information for a site.

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

LightGBM Remote Code Execution Vulnerability

Windows Fax Service Remote Code Execution Vulnerability

The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted wildcard SAN in a server certificate, as demonstrated by "*.com."

When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability

Microsoft Virtual Hard Disk (VHDX) Denial of Service Vulnerability

Clipboard Virtual Channel Extension Remote Code Execution Vulnerability

Windows DNS Server Remote Code Execution Vulnerability

Windows Clip Service Elevation of Privilege Vulnerability

Windows DNS Server Remote Code Execution Vulnerability

Windows CNG Key Isolation Service Elevation of Privilege Vulnerability