ReportizFlow
Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows
Subscriptions
Total
9509 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-46814 | 2 Microsoft, Videolan | 2 Windows, Vlc Media Player | 2024-11-21 | 7.8 High |
| A binary hijacking vulnerability exists within the VideoLAN VLC media player before 3.0.19 on Windows. The uninstaller attempts to execute code with elevated privileges out of a standard user writable location. Standard users may use this to gain arbitrary code execution as SYSTEM. | ||||
| CVE-2023-46804 | 2 Ivanti, Microsoft | 2 Avalanche, Windows | 2024-11-21 | 7.5 High |
| An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS). | ||||
| CVE-2023-46803 | 2 Ivanti, Microsoft | 2 Avalanche, Windows | 2024-11-21 | 7.5 High |
| An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS). | ||||
| CVE-2023-46264 | 2 Ivanti, Microsoft | 2 Avalanche, Windows | 2024-11-21 | 9.8 Critical |
| An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remove code execution. | ||||
| CVE-2023-46263 | 2 Ivanti, Microsoft | 2 Avalanche, Windows | 2024-11-21 | 9.8 Critical |
| An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remote code execution. | ||||
| CVE-2023-46261 | 2 Ivanti, Microsoft | 2 Avalanche, Windows | 2024-11-21 | 9.8 Critical |
| An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution. | ||||
| CVE-2023-46259 | 2 Ivanti, Microsoft | 2 Avalanche, Windows | 2024-11-21 | 9.8 Critical |
| An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution. | ||||
| CVE-2023-46258 | 2 Ivanti, Microsoft | 2 Avalanche, Windows | 2024-11-21 | 9.8 Critical |
| An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution. | ||||
| CVE-2023-46225 | 2 Ivanti, Microsoft | 2 Avalanche, Windows | 2024-11-21 | 9.8 Critical |
| An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution. | ||||
| CVE-2023-46224 | 2 Ivanti, Microsoft | 2 Avalanche, Windows | 2024-11-21 | 9.8 Critical |
| An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution. | ||||
| CVE-2023-46223 | 2 Ivanti, Microsoft | 2 Avalanche, Windows | 2024-11-21 | 9.8 Critical |
| An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution. | ||||
| CVE-2023-46222 | 2 Ivanti, Microsoft | 2 Avalanche, Windows | 2024-11-21 | 9.8 Critical |
| An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution. | ||||
| CVE-2023-46221 | 2 Ivanti, Microsoft | 2 Avalanche, Windows | 2024-11-21 | 9.8 Critical |
| An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution. | ||||
| CVE-2023-46220 | 2 Ivanti, Microsoft | 2 Avalanche, Windows | 2024-11-21 | 9.8 Critical |
| An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution. | ||||
| CVE-2023-46216 | 2 Ivanti, Microsoft | 2 Avalanche, Windows | 2024-11-21 | 9.8 Critical |
| An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution. | ||||
| CVE-2023-46174 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2024-11-21 | 5.4 Medium |
| IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 269506. | ||||
| CVE-2023-45883 | 3 Enghouse, Microsoft, Qumu | 3 Qumu, Windows, Mulitcast Extension | 2024-11-21 | 7.8 High |
| A privilege escalation vulnerability exists within the Qumu Multicast Extension v2 before 2.0.63 for Windows. When a standard user triggers a repair of the software, a pop-up window opens with SYSTEM privileges. Standard users may use this to gain arbitrary code execution as SYSTEM. | ||||
| CVE-2023-45702 | 2 Hcltechsw, Microsoft | 2 Hcl Launch, Windows | 2024-11-21 | 6.2 Medium |
| An HCL UrbanCode Deploy Agent installed as a Windows service in a non-standard location could be subject to a denial of service attack by local accounts.. | ||||
| CVE-2023-45284 | 2 Golang, Microsoft | 2 Go, Windows | 2024-11-21 | 5.3 Medium |
| On Windows, The IsLocal function does not correctly detect reserved device names in some cases. Reserved names followed by spaces, such as "COM1 ", and reserved names "COM" and "LPT" followed by superscript 1, 2, or 3, are incorrectly reported as local. With fix, IsLocal now correctly reports these names as non-local. | ||||
| CVE-2023-45252 | 2 Huddly, Microsoft | 2 Huddlycameraservice, Windows | 2024-11-21 | 7.8 High |
| DLL Hijacking vulnerability in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, due to the installation of the service in a directory that grants write privileges to standard users, allows attackers to manipulate files, execute arbitrary code, and escalate privileges. | ||||