Download
| Alert*
oval:org.secpod.oval:def:47880
The operating system installed on the system is Microsoft Windows 10 Version 1809 oval:org.secpod.oval:def:60677 The host is missing an important security update for KB4534293 oval:org.secpod.oval:def:60671 The host is missing a critical security update for KB4528760 oval:org.secpod.oval:def:59872 An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on to ... oval:org.secpod.oval:def:59916 The host is missing an important security update for KB4530714 oval:org.secpod.oval:def:59918 The host is missing an important security update for KB4530717 oval:org.secpod.oval:def:63248 The host is missing an important security update for KB4552928 oval:org.secpod.oval:def:63249 The host is missing an important security update for KB4552931 oval:org.secpod.oval:def:63250 The host is missing an important security update for 4552929 oval:org.secpod.oval:def:66149 The host is missing an important security update for KB4579311 oval:org.secpod.oval:def:66148 The host is missing an important security update for KB4577671 oval:org.secpod.oval:def:49748 The host is missing an important security update for KB4471324 oval:org.secpod.oval:def:50747 The host is missing an important security update for KB4487017 oval:org.secpod.oval:def:50135 The host is missing an important security update for KB4480966 oval:org.secpod.oval:def:49157 The host is missing a critical security update for KB4467702 oval:org.secpod.oval:def:51413 The host is missing an critical security update for KB4489868 oval:org.secpod.oval:def:57322 The host is missing a critical security update for KB4507435 oval:org.secpod.oval:def:57327 The host is missing an important security update for KB4507453 oval:org.secpod.oval:def:54751 The host is missing an important security update for KB4499179 oval:org.secpod.oval:def:54748 The host is missing an important security update for KB4499167 oval:org.secpod.oval:def:54753 The host is missing an important security update for KB4499181 oval:org.secpod.oval:def:54196 The host is missing an important security update for KB4493464 oval:org.secpod.oval:def:55441 The host is missing a critical security update for KB4503293 oval:org.secpod.oval:def:55436 The host is missing an important security update for KB4503286 oval:org.secpod.oval:def:61350 The host is missing an important security update for KB4537762 oval:org.secpod.oval:def:61354 The host is missing an important security update for KB4532693 oval:org.secpod.oval:def:59909 The host is missing an important security update for KB4530684 oval:org.secpod.oval:def:63193 The host is missing a critical security update for KB4556807 oval:org.secpod.oval:def:63187 The host is missing a critical security update for KB4556799 oval:org.secpod.oval:def:58970 The host is missing an important security update for KB4520008 oval:org.secpod.oval:def:58959 The host is missing an important security update for KB4517389 oval:org.secpod.oval:def:61938 The host is missing a critical security update for KB4540673 oval:org.secpod.oval:def:61950 The host is missing an important security update for KB4540689 oval:org.secpod.oval:def:58511 The host is missing an important security update for KB4515384 oval:org.secpod.oval:def:58514 The host is missing an important security update for KB4516058 oval:org.secpod.oval:def:66928 Windows Network File System Remote Code Execution Vulnerability. oval:org.secpod.oval:def:61334 The host is missing an important security update 4502496. oval:org.secpod.oval:def:47879 The operating system installed on the system is Microsoft Windows 10 Version 1809 (32 bit) oval:org.secpod.oval:def:47881 The operating system installed on the system is Microsoft Windows 10 Version 1809 (64 bit) oval:org.secpod.oval:def:47885 A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability c ... oval:org.secpod.oval:def:47884 A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:47887 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:47886 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:47883 A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability c ... oval:org.secpod.oval:def:47889 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:47890 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:47892 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:49679 A remote code execution vulnerability exists when the Internet Explorer VBScript execution policy does not properly restrict VBScript under specific conditions. An attacker who exploited the vulnerability could run arbitrary code with medium-integrity level privileges (the permissions of the current ... oval:org.secpod.oval:def:49677 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:49678 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:49676 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:49682 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:49683 A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability c ... oval:org.secpod.oval:def:49680 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:49681 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:49684 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploi ... oval:org.secpod.oval:def:50052 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:50053 A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:50054 An elevation of privilege vulnerability exists in Microsoft Edge Browser Broker COM object. An attacker who successfully exploited the vulnerability could use the Browser Broker COM object to elevate privileges on an affected system. This vulnerability by itself does not allow arbitrary code executi ... oval:org.secpod.oval:def:50055 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:50056 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:50057 A remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input. An attacker could execute arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnera ... oval:org.secpod.oval:def:50002 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploi ... oval:org.secpod.oval:def:50009 The host is missing a critical security update for KB4483235 oval:org.secpod.oval:def:49198 The host is missing a critical security update according to Microsoft advisory, ADV180030. The update is required to fix a type confusion vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to cause arbitrary c ... oval:org.secpod.oval:def:49197 The host is installed with Adobe Flash Player before 31.0.0.153 or flash plugin for IE10, IE 11 or Microsoft Edge and is prone to a type confusion vulnerability. A flaw is present in the applications, which fail to handle unspecified vectors. Successful exploitation could lead to arbitrary code exec ... oval:org.secpod.oval:def:49116 The host is missing a important security update according to Microsoft advisory, ADV180025. The update is required to fix multiple vulnerabilities. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to obtain sensitive infor ... oval:org.secpod.oval:def:49117 The host is installed with Adobe Flash Player before 31.0.0.148 or flash plugin for IE10, IE 11 or Microsoft Edge and is prone to a Out-of-bounds Read vulnerability. A flaw is present in the applications, which fail to handle unspecified vectors. Successful exploitation could lead to information dis ... oval:org.secpod.oval:def:49301 The host is installed with Adobe Flash Player before 32.0.0.101 or flash plugin for IE10, IE 11 or Microsoft Edge and is prone to a use after free vulnerability. A flaw is present in the applications, which fail to handle unspecified vectors. Successful exploitation could lead to arbitrary code exec ... oval:org.secpod.oval:def:49302 The host is installed with Adobe Flash Player before 32.0.0.101 or flash plugin for IE10, IE 11 or Microsoft Edge and is prone to a DLL hijacking vulnerability. A flaw is present in the applications, which fail to handle unspecified vectors. Successful exploitation could allow attackers to obtain se ... oval:org.secpod.oval:def:49300 The host is missing a critical security update according to Microsoft advisory, ADV180031. The update is required to fix multiple vulnerabilities. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to cause remote code exec ... oval:org.secpod.oval:def:50690 An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory. An attacker who successfully exploited this vulnerability could test for the presence of files on disk. For an attack to be successful, an attacker must persuade a user to open a malicious web ... oval:org.secpod.oval:def:50682 An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the users computer or data. To exploit the vulnerability, an attacker must know the memory address of where the object wa ... oval:org.secpod.oval:def:50683 A vulnerability exists in Microsoft Chakra JIT server. An attacker who successfully exploited this vulnerability could gain elevated privileges. The vulnerability by itself does not allow arbitrary code to run. However, this vulnerability could be used in conjunction with one or more vulnerabilities ... oval:org.secpod.oval:def:50684 A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:50685 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited ... oval:org.secpod.oval:def:50686 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited ... oval:org.secpod.oval:def:50687 A spoofing vulnerability exists when Microsoft browsers improperly handles specific redirects. An attacker who successfully exploited this vulnerability could trick a user into believing that the user was on a legitimate website. The specially crafted website could either spoof content or serve as a ... oval:org.secpod.oval:def:50688 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited ... oval:org.secpod.oval:def:50689 An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. In a web-based attack scenario, an attacker ... oval:org.secpod.oval:def:50670 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited ... oval:org.secpod.oval:def:50666 The host is installed with Adobe Flash Player through 32.0.0.114 or flash plugin for IE10, IE 11 or Microsoft Edge and is prone to an out-of-bounds read vulnerability. A flaw is present in the applications, which fail to handle unspecified vectors. Successful exploitation could allow attackers to ob ... oval:org.secpod.oval:def:50667 The host is missing a critical security update according to Microsoft advisory, ADV190003. The update is required to fix an out-of-bounds read vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to obtain sensi ... oval:org.secpod.oval:def:50668 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited ... oval:org.secpod.oval:def:50669 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited ... oval:org.secpod.oval:def:50680 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited ... oval:org.secpod.oval:def:50681 A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:50671 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited ... oval:org.secpod.oval:def:50672 A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability c ... oval:org.secpod.oval:def:50673 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited ... oval:org.secpod.oval:def:50674 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited ... oval:org.secpod.oval:def:50675 A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:50676 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited ... oval:org.secpod.oval:def:50677 A security feature bypass vulnerability exists in Microsoft Edge handles whitelisting. Edge depends on a default whitelist of sites where Adobe Flash will load without user interaction. Because the whitelist was not scheme-aware, an attacker could use a man in the middle attack to cause Flash polici ... oval:org.secpod.oval:def:50678 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited ... oval:org.secpod.oval:def:50679 An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests. An attacker who successfully exploited this vulnerability could determine the origin of all webpages in the affected browser. In a web-based attack scenario, an attacker could host a website ... oval:org.secpod.oval:def:51345 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:51347 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:51346 A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited ... oval:org.secpod.oval:def:51349 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vu ... oval:org.secpod.oval:def:51348 A security feature bypass vulnerability exists when Click2Play protection in Microsoft Edge improperly handles flash objects. By itself, this bypass vulnerability does not allow arbitrary code execution. However, an attacker could use the bypass vulnerability in conjunction with another vulnerabilit ... oval:org.secpod.oval:def:50421 The host is missing an update according to Microsoft advisory, ADV190001. oval:org.secpod.oval:def:51350 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:51352 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:51351 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:51360 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited ... oval:org.secpod.oval:def:51363 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited ... oval:org.secpod.oval:def:51362 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited ... oval:org.secpod.oval:def:51354 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploi ... oval:org.secpod.oval:def:51353 An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain. In a web-based attack scenario, an attacker could host a website that is used to ... oval:org.secpod.oval:def:51356 A security feature bypass vulnerability exists when Internet Explorer fails to validate the correct Security Zone of requests for specific URLs. This could allow an attacker to cause a user to access a URL in a less restricted Internet Security Zone than intended. To exploit this vulnerability, an a ... oval:org.secpod.oval:def:51355 An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system. In a web-based attack scenario, an attacke ... oval:org.secpod.oval:def:51358 A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability c ... oval:org.secpod.oval:def:51357 A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins. The vulnerability allows Microsoft browsers to bypass Same-Site cookie restrictions, and to allow requests that should otherwise be ignored. An attacker who successfully exploited ... oval:org.secpod.oval:def:51359 A security feature bypass vulnerability exists when Internet Explorer VBScript execution policy does not properly restrict VBScript under specific conditions, and to allow requests that should otherwise be ignored. An attacker who successfully exploited the vulnerability could force the browser to s ... oval:org.secpod.oval:def:51372 The host is missing a low security update according to Microsoft advisory, ADV190008. oval:org.secpod.oval:def:51365 A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerabilit ... oval:org.secpod.oval:def:51366 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploi ... oval:org.secpod.oval:def:51424 The host is missing a critical security update for 4489873 oval:org.secpod.oval:def:54130 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploi ... oval:org.secpod.oval:def:54131 A tampering vulnerability exists when Microsoft browsers do not properly validate input under specific conditions. An attacker who exploited the vulnerability could pass custom command line parameters. In a web-based attack scenario, an attacker could host a specially crafted website designed to app ... oval:org.secpod.oval:def:54134 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:54135 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:54132 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:54133 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:54128 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited ... oval:org.secpod.oval:def:54129 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploi ... oval:org.secpod.oval:def:54140 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploi ... oval:org.secpod.oval:def:54138 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:54139 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:54136 An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. To exploit the vulnerability, in a web-based attack scenario, an attacker ... oval:org.secpod.oval:def:54137 An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. In a web-based attack scenario, an attacker could host a webs ... oval:org.secpod.oval:def:54152 The host is missing a critical security update according to Microsoft advisory, ADV190011. The update is required to fix an out-of-bounds read vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to obtain sensi ... oval:org.secpod.oval:def:54150 The host is installed with Adobe Flash Player through 32.0.0.171 or flash plugin for IE10, IE 11 or Microsoft Edge and is prone to an out-of-bounds read vulnerability. A flaw is present in the applications, which fail to handle unspecified vectors. Successful exploitation could allow attackers to ob ... oval:org.secpod.oval:def:54151 The host is installed with Adobe Flash Player through 32.0.0.171 or flash plugin for IE10, IE 11 or Microsoft Edge and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fail to handle unspecified vectors. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:54657 The host is installed with Adobe Flash Player before 32.0.0.192 or flash plugin for IE10, IE 11 or Microsoft Edge and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fail to handle unspecified vectors. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:54658 The host is missing a critical security update according to Microsoft advisory, ADV190012. The update is required to fix a use-after-free vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:54673 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:54674 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:54671 A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited ... oval:org.secpod.oval:def:54672 A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited ... oval:org.secpod.oval:def:54680 An spoofing vulnerability exists when Internet Explorer improperly handles URLs. An attacker who successfully exploited this vulnerability could trick a user by redirecting the user to a specially crafted website. The specially crafted website could either spoof content or serve as a pivot to chain ... oval:org.secpod.oval:def:54681 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:54684 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:54685 A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:54682 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:54683 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:54677 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:54678 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:54675 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:54676 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:54679 A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited ... oval:org.secpod.oval:def:54691 An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser. An attacker who successfully exploited this vulnerability could gain elevated privileges and break out of the Edge AppContainer sandbox. The vulnerabi ... oval:org.secpod.oval:def:54692 A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerabilit ... oval:org.secpod.oval:def:54690 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:54693 A security feature bypass vulnerability exists when urlmon.dll improperly handles certain Mark of the Web queries. The vulnerability allows Internet Explorer to bypass Mark of the Web warnings or restrictions for files downloaded or created in a specific way. In a web-based attack scenario, an attac ... oval:org.secpod.oval:def:54688 An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. To exploit the vulnerability, in a web-based attack scenario, an attac ... oval:org.secpod.oval:def:54689 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:54686 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:54687 A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability c ... oval:org.secpod.oval:def:55340 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:55344 An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. In a web-based attack scenario, an attacker ... oval:org.secpod.oval:def:55345 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:55342 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:55343 A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited ... oval:org.secpod.oval:def:55337 An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. In a web-based attack scenario, an attacker ... oval:org.secpod.oval:def:55338 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:55335 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploi ... oval:org.secpod.oval:def:55336 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:55339 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:55351 A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited ... oval:org.secpod.oval:def:55352 An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit the vulnerability, in a web-based attack scenario ... oval:org.secpod.oval:def:55350 A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited ... oval:org.secpod.oval:def:55348 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:55349 A security feature bypass vulnerability exists in Edge that allows for bypassing Mark of the Web Tagging (MOTW). Failing to set the MOTW means that a large number of Microsoft security technologies are bypassed. In a web-based attack scenario, an attacker could host a malicious website that is desig ... oval:org.secpod.oval:def:55346 A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerabilit ... oval:org.secpod.oval:def:55347 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:55333 The host is missing a critical security update according to Microsoft advisory, ADV190015. The update is required to fix a use-after-free vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:55334 A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited ... oval:org.secpod.oval:def:55332 The host is installed with Adobe Flash Player before 32.0.0.207 or flash plugin for IE10, IE 11 or Microsoft Edge and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fail to handle unspecified vectors. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:55360 The host is installed with Adobe Flash Player before 32.0.0.207 or flash plugin for IE10, IE 11 or Microsoft Edge and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fail to handle unspecified vectors. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:55361 The host is missing a critical security update according to Microsoft advisory, ADV190015. The update is required to fix a use-after-free vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:57240 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:57243 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:57242 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:57241 A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerabilit ... oval:org.secpod.oval:def:57239 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:57238 A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability c ... oval:org.secpod.oval:def:57233 A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited ... oval:org.secpod.oval:def:57237 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:57236 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploi ... oval:org.secpod.oval:def:57235 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploi ... oval:org.secpod.oval:def:57234 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploi ... oval:org.secpod.oval:def:57891 A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with ... oval:org.secpod.oval:def:57853 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:57852 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:57851 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploi ... oval:org.secpod.oval:def:57850 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:57849 An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. To exploit the vulnerability, in a web-based attack scenario, an attacker ... oval:org.secpod.oval:def:57860 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:57857 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploi ... oval:org.secpod.oval:def:57856 A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerabilit ... oval:org.secpod.oval:def:57855 A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins. The vulnerability allows Microsoft browsers to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored. An attacker who successfully ex ... oval:org.secpod.oval:def:57854 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:57859 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:57858 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:57923 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:58450 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:58458 The host is missing a critical security update according to Microsoft advisory, ADV190022. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to execute arbitrary c ... oval:org.secpod.oval:def:58448 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:58449 An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. To exploit the vulnerability, in a web-based attack sc ... oval:org.secpod.oval:def:58460 The host is installed with Adobe Flash Player before 32.0.0.255 or flash plugin for IE10, IE 11 or Microsoft Edge and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fail to handle unspecified vectors. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:58459 The host is installed with Adobe Flash Player before 32.0.0.255 or flash plugin for IE10, IE 11 or Microsoft Edge and is prone to a same origin method execution vulnerability. A flaw is present in the applications, which fail to handle unspecified vectors. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:58444 A security feature bypass vulnerability exists when Microsoft Browsers fail to validate the correct Security Zone of requests for specific URLs. This could allow an attacker to cause a user to access a URL in a less restricted Internet Security Zone than intended. To exploit this vulnerability, an a ... oval:org.secpod.oval:def:58445 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploi ... oval:org.secpod.oval:def:58446 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:58447 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:58441 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:58442 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:58443 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:58895 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:58896 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:58897 An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. To exploit the vulnerability, in a web-based attack sc ... oval:org.secpod.oval:def:58898 A spoofing vulnerability exists when Microsoft Browsers improperly handle browser cookies. An attacker who successfully exploited this vulnerability could trick a browser into overwriting a secure cookie with an insecure cookie. The insecure cookie could serve as a pivot to chain an attack with othe ... oval:org.secpod.oval:def:58891 A spoofing vulnerability exists when Microsoft Browsers does not properly parse HTTP content. An attacker who successfully exploited this vulnerability could impersonate a user request by crafting HTTP queries. The specially crafted website could either spoof content or serve as a pivot to chain an ... oval:org.secpod.oval:def:58892 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:58893 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:58894 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:58899 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully ex ... oval:org.secpod.oval:def:58900 A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability c ... oval:org.secpod.oval:def:59630 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploi ... oval:org.secpod.oval:def:59629 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfu ... oval:org.secpod.oval:def:59625 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:59626 A security feature bypass vulnerability exists when Microsoft Edge improperly handles extension requests and fails to request host permission for all_urls. An attacker who successfully exploited this vulnerability could trick a browser into installing an extension without the user's consent. To expl ... oval:org.secpod.oval:def:59627 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfu ... oval:org.secpod.oval:def:59628 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfu ... oval:org.secpod.oval:def:59845 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:60619 A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability c ... oval:org.secpod.oval:def:61223 The host is installed with Adobe Flash Player before 32.0.0.330 or flash plugin for IE10, IE 11 or Microsoft Edge and is prone to a type confusion vulnerability. A flaw is present in the applications, which fail to handle unspecified vectors. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:61221 The host is missing an important security update according to Microsoft advisory, ADV200003. The update is required to fix type confusion vulnerability. The flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to execute arbitra ... oval:org.secpod.oval:def:61335 The host is missing an important security update 4524244. oval:org.secpod.oval:def:61819 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vu ... oval:org.secpod.oval:def:61818 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vu ... oval:org.secpod.oval:def:61817 A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability c ... oval:org.secpod.oval:def:61816 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vu ... oval:org.secpod.oval:def:61815 A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:61814 An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the users computer or data. To exploit the vulnerability, an attacker must know the memory address of where the object wa ... oval:org.secpod.oval:def:61813 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based)L. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who s ... oval:org.secpod.oval:def:61812 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based)L. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who s ... oval:org.secpod.oval:def:61811 A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited ... oval:org.secpod.oval:def:61822 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vu ... oval:org.secpod.oval:def:61821 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vu ... oval:org.secpod.oval:def:61820 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vu ... oval:org.secpod.oval:def:61262 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vu ... oval:org.secpod.oval:def:61261 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vu ... oval:org.secpod.oval:def:61260 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vu ... oval:org.secpod.oval:def:61259 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vu ... oval:org.secpod.oval:def:61258 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vu ... oval:org.secpod.oval:def:61257 An information disclosure vulnerability exists in the way that affected Microsoft browsers handle cross-origin requests. An attacker who successfully exploited this vulnerability could determine the origin of all of the web pages in the affected browser. In a web-based attack scenario, an attacker c ... oval:org.secpod.oval:def:61256 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploi ... oval:org.secpod.oval:def:61255 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploi ... oval:org.secpod.oval:def:61254 An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain. In a web-based attack scenario, an attacker could host a website that is used to ... oval:org.secpod.oval:def:61828 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vu ... oval:org.secpod.oval:def:61827 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:61826 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploi ... oval:org.secpod.oval:def:61825 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploi ... oval:org.secpod.oval:def:61824 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vu ... oval:org.secpod.oval:def:61823 A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited ... oval:org.secpod.oval:def:62451 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:62450 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:62449 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:62454 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vu ... oval:org.secpod.oval:def:62453 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who su ... oval:org.secpod.oval:def:62452 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploi ... oval:org.secpod.oval:def:63067 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who su ... oval:org.secpod.oval:def:63066 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:63077 A remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vul ... oval:org.secpod.oval:def:63076 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:63075 A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability c ... oval:org.secpod.oval:def:63074 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vu ... oval:org.secpod.oval:def:63073 A remote code execution vulnerability exists in the way that the MSHTML engine improperly validates input. An attacker could execute arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnera ... oval:org.secpod.oval:def:63072 A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability c ... oval:org.secpod.oval:def:63071 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:63070 A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content. An attacker who successfully exploited this vulnerability could trick a user by redirecting the user to a specially crafted website. The specially crafted website could either spoof content or serve as a pivot ... oval:org.secpod.oval:def:63069 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:63068 An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain. In a web-based attack scenario, an attacker could host a website that is used to ... oval:org.secpod.oval:def:63634 The host is installed with Adobe Flash Player before 32.0.0.387 or flash plugin for IE10, IE 11 or Microsoft Edge and is prone to a use after free vulnerability. A flaw is present in the applications, which fail to handle unspecified vectors. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:63638 The host is missing a ciritcal security update according to Microsoft advisory, ADV200010. The update is required to fix a use after free vulnerability. The flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to execute arbitra ... oval:org.secpod.oval:def:63662 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vu ... oval:org.secpod.oval:def:63663 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:63664 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:63665 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:63666 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:63667 A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerabilit ... oval:org.secpod.oval:def:63668 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:63669 An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests. An attacker who successfully exploited this vulnerability could determine the origin of all webpages in the affected browser. In a web-based attack scenario, an attacker could host a website ... oval:org.secpod.oval:def:63670 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:63671 An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. To exploit the vulnerability, in a web-based attack scenario, an attac ... oval:org.secpod.oval:def:64191 An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system. To exploit the vulnerability, in a web-based attack scenario, ... oval:org.secpod.oval:def:64192 An information disclosure vulnerability exists when Skype for Business is accessed via Microsoft Edge (EdgeHTML-based). An attacker who exploited the vulnerability could cause the user to place a call without additional consent, leading to information disclosure of the user profile. For the vulnerab ... oval:org.secpod.oval:def:64193 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:64194 An information disclosure vulnerability exists when Skype for Business is accessed via Internet Explorer. An attacker who exploited the vulnerability could cause the user to place a call without additional consent, leading to information disclosure of the user profile. For the vulnerability to be ex ... oval:org.secpod.oval:def:66625 The host is installed with Microsoft Windows 7 and above and is prone to a windows kernel zero day vulnerability. A flaw is present in the application, which fails to handle Windows Kernel Cryptography Driver. Successful exploitation allows attackers to perform a privilege escalation (such as sandbo ... oval:org.secpod.oval:def:66063 An elevation of privilege vulnerability exists in Windows Setup in the way it handles directories.A locally authenticated attacker could run arbitrary code with elevated system privileges. After successfully exploiting the vulnerability, an attacker could then install programs; view, change, or dele ... oval:org.secpod.oval:def:66020 The host is installed with Adobe Flash Player before 32.0.0.445 or flash plugin for IE10, IE 11 or Microsoft Edge and is prone to a NULL pointer dereference vulnerability. A flaw is present in the applications, which fail to handle unspecified vectors. Successful exploitation could allow attackers t ... oval:org.secpod.oval:def:66021 The host is missing a ciritcal security update according to Microsoft advisory, ADV200012. The update is required to fix a NULL pointer dereference vulnerability. The flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to execu ... oval:org.secpod.oval:def:68161 Microsoft Edge (HTML-based) Memory Corruption Vulnerability. oval:org.secpod.oval:def:67644 Chakra Scripting Engine Memory Corruption Vulnerability. oval:org.secpod.oval:def:68183 Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66897 Internet Explorer Memory Corruption Vulnerability. oval:org.secpod.oval:def:66896 Scripting Engine Memory Corruption Vulnerability. oval:org.secpod.oval:def:66899 Chakra Scripting Engine Memory Corruption Vulnerability. oval:org.secpod.oval:def:66898 Microsoft Browser Memory Corruption Vulnerability. oval:org.secpod.oval:def:66900 Chakra Scripting Engine Memory Corruption Vulnerability. oval:org.secpod.oval:def:68205 Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability oval:org.secpod.oval:def:69985 Internet Explorer Remote Code Execution Vulnerability. oval:org.secpod.oval:def:69986 The host is installed with Internet Explorer and is prone to a memory corruption vulnerability. An attacker could host a specially crafted website designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. The attacker could also take advantage of c ... oval:org.secpod.oval:def:76088 Windows 10 Update Assistant Elevation of Privilege Vulnerability. An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. oval:org.secpod.oval:def:77162 Windows BackupKey Remote Protocol Security Feature Bypass Vulnerability oval:org.secpod.oval:def:62551 An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted command that could exploit the vulnerabil ... oval:org.secpod.oval:def:82972 Windows Defender Credential Guard Elevation of Privilege Vulnerability. A domain user could use this vulnerability to elevate privileges to SYSTEM assigned integrity level. oval:org.secpod.oval:def:82971 Windows Defender Credential Guard Security Feature Bypass Vulnerability. A remote authenticated attacker can gain elevated privileges on the target system. oval:org.secpod.oval:def:87534 .NET Framework Denial of service Vulnerability. An authenticated attacker could exploit this vulnerability. It does not require admin or other elevated privileges. oval:org.secpod.oval:def:87535 .NET Framework Remote code execution Vulnerability. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. In order to exploit this vulnerability, an attacker or victim must execute code on the victim's machine. oval:org.secpod.oval:def:90785 Windows Installer Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:90787 Microsoft Message Queuing Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker would need to send a specially crafted malicious MSMQ packet to a MSMQ server. This could result in remote code execution on the server side. oval:org.secpod.oval:def:90782 Microsoft Message Queuing Denial of Service Vulnerability oval:org.secpod.oval:def:90781 Microsoft ODBC Driver Remote Code Execution Vulnerability. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32038 oval:org.secpod.oval:def:90796 Windows Authentication Denial of Service Vulnerability oval:org.secpod.oval:def:90795 Connected User Experiences and Telemetry Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:90794 Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires that an attacker will need to first gain access to the restricted network before running an attack. oval:org.secpod.oval:def:90778 Windows Win32k Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:90803 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:90805 Windows Kernel Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:90804 Windows Kernel Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:90807 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:90806 Windows Clip Service Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:90912 Microsoft Guidance for Addressing Security Feature Bypass in Trend Micro EFI Modules. Trend Micro has released this CVE to address a secure boot bypass. Subsequently Microsoft has released the July Windows security updates to block the vulnerable UEFI modules by using the DBX (UEFI Secure Boot Forbi ... oval:org.secpod.oval:def:94453 Microsoft Defender Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:54744 The host is missing an important security update for KB4499154 oval:org.secpod.oval:def:59908 The host is missing an important security update for KB4530681 oval:org.secpod.oval:def:64351 The host is missing a critical security update for KB4565513 oval:org.secpod.oval:def:54740 The host is missing an important security update for KB4494440 oval:org.secpod.oval:def:57887 A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client. An attacker who successfully exploited the vulnerability could run arbitrary code on the client machine.To exploit the vulnerability, an attacker could send specia ... oval:org.secpod.oval:def:59910 The host is missing a low severity security update for KB4530689 oval:org.secpod.oval:def:62557 The host is missing a critical severity security update for KB4550929 oval:org.secpod.oval:def:63247 The host is missing an important security update for KB4552926 oval:org.secpod.oval:def:64350 The host is missing a critical severity security update for KB4565511 oval:org.secpod.oval:def:47904 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:47903 A remote code execution vulnerability exists in the Microsoft JET Database Engine. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. ... oval:org.secpod.oval:def:47906 An information disclosure vulnerability exists when Windows Media Player improperly discloses file information. Successful exploitation of the vulnerability could allow an attacker to determine the presence of files on disk. To exploit the vulnerability, a user would have to open a specially crafte ... oval:org.secpod.oval:def:47905 An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could ... oval:org.secpod.oval:def:47900 An Elevation of Privilege vulnerability exists in Filter Manager when it improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute elevated code and take control of an affected system. An attacker could then install programs; view, change, or delet ... oval:org.secpod.oval:def:47902 A remote code execution vulnerability exists when "Windows Theme API" does not properly decompress files. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, ... oval:org.secpod.oval:def:47901 An elevation of privilege vulnerability exists when NTFS improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially craft ... oval:org.secpod.oval:def:47908 An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an attacker would first have to ... oval:org.secpod.oval:def:47907 An information disclosure vulnerability exists when Windows Media Player improperly discloses file information. Successful exploitation of the vulnerability could allow an attacker to determine the presence of files on disk. To exploit the vulnerability, a user would have to open a specially crafte ... oval:org.secpod.oval:def:47909 An information disclosure vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. An authenticated attacker could exploit this vulnerability by running a specia ... oval:org.secpod.oval:def:49693 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit t ... oval:org.secpod.oval:def:49694 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit t ... oval:org.secpod.oval:def:49691 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit this vulnerability, an attacker would have to log on to a ... oval:org.secpod.oval:def:49692 An information disclosure vulnerability exists when Remote Procedure Call runtime improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain infor ... oval:org.secpod.oval:def:49697 A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service fails to validate certain function values. An attacker who successfully exploited this vulnerability could deny dependent security feature functionality. To exploit this vulnerability, an attacker would ha ... oval:org.secpod.oval:def:49695 An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly impersonates certain file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges. An attacker with unprivileged access to a vulnerable system co ... oval:org.secpod.oval:def:49696 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:49755 The host is missing an important security update for KB4471332 oval:org.secpod.oval:def:49760 The host is missing a critical security update 4470502 oval:org.secpod.oval:def:49701 A remote code execution vulnerability exists in Windows where Microsoft text-to-speech fails to properly handle objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete ... oval:org.secpod.oval:def:49702 An information disclosure vulnerability exists in Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass. An attacker who successfully exploited this vulnerability could retrieve the memory address of a kernel ... oval:org.secpod.oval:def:49700 A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers when they fail to properly handle requests. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account. Windows servers that are configured as DN ... oval:org.secpod.oval:def:49705 An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delet ... oval:org.secpod.oval:def:49706 A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected system and run a special ... oval:org.secpod.oval:def:49703 An information disclosure vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. An authenticated attacker could exploit this vulnerability by running a special ... oval:org.secpod.oval:def:49704 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:49716 A denial of service vulnerability exists when .NET Framework improperly handles special web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an .NET Framework web application. The vulnerability can be exploited remotely, without authenticati ... oval:org.secpod.oval:def:49717 A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new ac ... oval:org.secpod.oval:def:47914 A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the users system. To exploit the vulnerability, an attacker could host a ... oval:org.secpod.oval:def:47917 An Information Disclosure vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. Exploitation of the vulnerability requires that a pro ... oval:org.secpod.oval:def:47916 An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially cr ... oval:org.secpod.oval:def:47911 A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause ... oval:org.secpod.oval:def:47910 A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause ... oval:org.secpod.oval:def:47912 A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code Integr ... oval:org.secpod.oval:def:47927 A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system. To exploit the vulnerability, a user would have to open a specially crafted f ... oval:org.secpod.oval:def:47930 The host is missing a moderate severity security update for KB4464330 oval:org.secpod.oval:def:50070 An information disclosure vulnerability exists in .NET Framework and .NET Core which allows bypassing Cross-origin Resource Sharing (CORS) configurations. An attacker who successfully exploited the vulnerability could retrieve content, that is normally restricted, from a web application. oval:org.secpod.oval:def:50071 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit this vulnerability, an attacker would have to log on to a ... oval:org.secpod.oval:def:50072 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:50073 An elevation of privilege vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted application on the ... oval:org.secpod.oval:def:49092 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:49099 An information disclosure vulnerability exists when Windows Audio Service fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could potentially disclose memory contents of a elevated process. To exploit this vulnerability, an authenticated attacker c ... oval:org.secpod.oval:def:49097 A security feature bypass vulnerability exists in Microsoft JScript that could allow an attacker to bypass Device Guard. To exploit the vulnerability, an attacker would first have to access the local machine, and run a specially crafted application to create arbitrary COM objects. The update addre ... oval:org.secpod.oval:def:49096 A tampering vulnerability exists in PowerShell that could allow an attacker to execute unlogged code. To exploit this vulnerability, an attacker would need to log on to the affected system and run a specially crafted application. The security update addresses the vulnerability by correcting log mana ... oval:org.secpod.oval:def:49093 A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files. An attacker who successfully exploited this vulnerability could execute malicious code on a vulnerable system. To exploit the vulnerability, an attacker must send a specially crafted file to a vu ... oval:org.secpod.oval:def:49094 An information disclosure vulnerability exists when Kernel Remote Procedure Call Provider driver improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability co ... oval:org.secpod.oval:def:49161 A security feature bypass vulnerability exists when Windows improperly suspends BitLocker Device Encryption. An attacker with physical access to a powered off system could exploit this vulnerability to gain access to encrypted data. To exploit the vulnerability, an attacker must gain physical acces ... oval:org.secpod.oval:def:49107 An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full ... oval:org.secpod.oval:def:49108 An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full ... oval:org.secpod.oval:def:49105 An elevation of privilege exists in Windows COM Aggregate Marshaler. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. ... oval:org.secpod.oval:def:49103 A cross-site-scripting (XSS) vulnerability exists when an open source customization for Microsoft Active Directory Federation Services (AD FS) does not properly sanitize a specially crafted web request to an affected AD FS server. An authenticated attacker could exploit the vulnerability by sending ... oval:org.secpod.oval:def:49104 A security feature bypass exists when Windows incorrectly validates kernel driver signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed drivers into the kernel. In an attack scenario, an attacker could bypass security feature ... oval:org.secpod.oval:def:49102 An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full ... oval:org.secpod.oval:def:49109 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:49112 An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view ... oval:org.secpod.oval:def:47897 A security feature bypass vulnerability exists in DNS Global Blocklist feature. An attacker who successfully exploited this vulnerability could redirect traffic to malicious DNS endpoints. The update addresses the vulnerability by updating DNS Server Role record additions to not bypass the Global ... oval:org.secpod.oval:def:47899 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit this vulnerability, an attacker would have to log on to ... oval:org.secpod.oval:def:50720 An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the victims system. To exploit the vulnerability, an attacker ... oval:org.secpod.oval:def:50721 An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the victims system. To exploit the vulnerability, an attacker ... oval:org.secpod.oval:def:50722 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit t ... oval:org.secpod.oval:def:50723 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit t ... oval:org.secpod.oval:def:50724 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit t ... oval:org.secpod.oval:def:50725 A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delet ... oval:org.secpod.oval:def:50726 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit t ... oval:org.secpod.oval:def:50727 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit this vulnerability, an attacker would have to log on to a ... oval:org.secpod.oval:def:50729 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:50730 A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine. To exploit the vulnerability, an attacker would first ha ... oval:org.secpod.oval:def:50731 An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. To exploit this vulnerability, an attacker would have to log on t ... oval:org.secpod.oval:def:50732 A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine. To exploit the vulnerability, an attacker would first ha ... oval:org.secpod.oval:def:50733 A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine. To exploit the vulnerability, an attacker would first ha ... oval:org.secpod.oval:def:50734 An information vulnerability exists when Windows improperly discloses file information. Successful exploitation of the vulnerability could allow the attacker to read the contents of files on disk. To exploit the vulnerability, an attacker would have to log onto an affected system and run a specially ... oval:org.secpod.oval:def:50735 A security feature bypass vulnerability exists when Windows Defender Firewall incorrectly applies firewall profiles to cellular network connections. This vulnerability occurs when Windows is connected to both an ethernet network and a cellular network. An attacker would have no way to trigger this v ... oval:org.secpod.oval:def:50736 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:50737 An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system. To exploit the vulnerability, an attacker would first have to gain execution on t ... oval:org.secpod.oval:def:50738 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit t ... oval:org.secpod.oval:def:50740 A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delet ... oval:org.secpod.oval:def:50755 The host is missing an important security update for KB4487044 oval:org.secpod.oval:def:50709 A remote code execution vulnerability exists in .NET Framework and Visual Studio software when the software fails to check the source markup of a file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged ... oval:org.secpod.oval:def:50710 A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's. An attacker who successfully exploited this vulnerability could use it to bypass security logic intended to ensure that a user-provided URL belonged to a specific hostname or a subdomain of that hos ... oval:org.secpod.oval:def:50711 A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server. To exploit the vulnerability, in most sit ... oval:org.secpod.oval:def:50712 A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server. To exploit the vulnerability, in most si ... oval:org.secpod.oval:def:50713 A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server. An attacker who successfully exploited the vulnerability could run arbitrary code on the DHCP server. To exploit the vulnerability, an attacker could send a ... oval:org.secpod.oval:def:50714 An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that ... oval:org.secpod.oval:def:50715 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:50716 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:50717 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:50718 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:50719 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:50795 The host is missing an important security update 4483452 oval:org.secpod.oval:def:50075 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit this vulnerability, an attacker would have to log on to a ... oval:org.secpod.oval:def:50076 A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause ... oval:org.secpod.oval:def:50080 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit this vulnerability, an attacker would have to log on to a ... oval:org.secpod.oval:def:50081 An elevation of privilege vulnerability exists in the Microsoft XmlDocument class that could allow an attacker to escape from the AppContainer sandbox in the browser. An attacker who successfully exploited this vulnerability could gain elevated privileges and break out of the Edge AppContainer sandb ... oval:org.secpod.oval:def:50082 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. An authenticated attacker could exploit this vulnerability by runnin ... oval:org.secpod.oval:def:50083 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context. An attacker could exploit this vulnerability by running a specially crafted applica ... oval:org.secpod.oval:def:50084 An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted a ... oval:org.secpod.oval:def:50085 An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted a ... oval:org.secpod.oval:def:50086 An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted a ... oval:org.secpod.oval:def:50087 An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted a ... oval:org.secpod.oval:def:50077 A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause ... oval:org.secpod.oval:def:50078 An elevation of privilege exists in Windows COM Desktop Broker. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This v ... oval:org.secpod.oval:def:50079 An information disclosure vulnerability exists when Windows Subsystem for Linux improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. A attacker could exploit this vulnerability by running a sp ... oval:org.secpod.oval:def:51374 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit ... oval:org.secpod.oval:def:51373 A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with elevated permissions on a target system. To exploit the vulnerability, an attac ... oval:org.secpod.oval:def:50090 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:50091 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:50092 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:50093 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:50094 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:50095 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:50096 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:50097 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:50088 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:50089 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:50128 The host is missing an important security update for KB4480116 oval:org.secpod.oval:def:51381 An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially craft ... oval:org.secpod.oval:def:51380 An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially craft ... oval:org.secpod.oval:def:51383 A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machi ... oval:org.secpod.oval:def:51382 An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially craft ... oval:org.secpod.oval:def:51385 A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client. An attacker who successfully exploited the vulnerability could run arbitrary code on the client machine. To exploit the vulnerability, an attacker could send a sp ... oval:org.secpod.oval:def:51384 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:51376 An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially craft ... oval:org.secpod.oval:def:51375 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to ope ... oval:org.secpod.oval:def:51378 An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially craft ... oval:org.secpod.oval:def:51379 A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To exploit the vulnerab ... oval:org.secpod.oval:def:51390 An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests. An authenticated attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server. To exploit the vulnerabil ... oval:org.secpod.oval:def:51392 A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specia ... oval:org.secpod.oval:def:51391 A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client. An attacker who successfully exploited the vulnerability could run arbitrary code on the client machine. To exploit the vulnerability, an attacker could send a sp ... oval:org.secpod.oval:def:51394 A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the users system. To exploit the vulnerability, an attacker could host a ... oval:org.secpod.oval:def:51393 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit this vulnerability, an attacker would have to log on to ... oval:org.secpod.oval:def:51396 A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could g ... oval:org.secpod.oval:def:51395 An information disclosure vulnerability exists when the Windows Print Spooler does not properly handle objects in memory. An attacker who successfully exploited this vulnerability could use the information to further exploit the victim system. To exploit this vulnerability, an attacker would have t ... oval:org.secpod.oval:def:51387 A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machi ... oval:org.secpod.oval:def:51386 A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client. An attacker who successfully exploited the vulnerability could run arbitrary code on the client machine. To exploit the vulnerability, an attacker could send a sp ... oval:org.secpod.oval:def:51389 An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests. An authenticated attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server. To exploit the vulnerabil ... oval:org.secpod.oval:def:51388 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit this vulnerability, an attacker would have to log on to ... oval:org.secpod.oval:def:51398 An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to ... oval:org.secpod.oval:def:51397 An elevation of privilege vulnerability exists in Windows AppX Deployment Server that allows file creation in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vu ... oval:org.secpod.oval:def:51399 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:51414 The host is missing an critical security update for KB4489899 oval:org.secpod.oval:def:51400 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit ... oval:org.secpod.oval:def:51402 An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. To exploit the vulnerability, an attacker would have to either l ... oval:org.secpod.oval:def:51401 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit this vulnerability, an attacker would have to log on to ... oval:org.secpod.oval:def:51404 A remote code execution vulnerability exists in the way that the ActiveX Data objects (ADO) handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vul ... oval:org.secpod.oval:def:51403 An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit this vulnerability, an attacker would have to l ... oval:org.secpod.oval:def:51405 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:51407 An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests. An authenticated attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server. To exploit the vulnerabil ... oval:org.secpod.oval:def:54170 An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on to ... oval:org.secpod.oval:def:54171 An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, ... oval:org.secpod.oval:def:54174 An information disclosure vulnerability exists when the Terminal Services component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a users system.To exploit this vulnerability, an attacker would ... oval:org.secpod.oval:def:54175 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on to an ... oval:org.secpod.oval:def:54173 An information disclosure vulnerability exists when Windows Task Scheduler improperly discloses credentials to Windows Credential Manager. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. An attacker could then install programs ... oval:org.secpod.oval:def:54178 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on to an ... oval:org.secpod.oval:def:54179 A remote code execution vulnerability exists when the IOleCvt interface renders ASP webpage content. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the users system.In a web-based attack scenario, an attacker could host a specially craft ... oval:org.secpod.oval:def:54176 An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data.To e ... oval:org.secpod.oval:def:54177 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:54169 An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, ... oval:org.secpod.oval:def:54181 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:54182 An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on to ... oval:org.secpod.oval:def:54180 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:54185 A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delet ... oval:org.secpod.oval:def:54186 A remote code execution vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could take control of an affected system.To exploit the vulnerability, an authenticated attacker could connect via the Windows Remote Registry Serv ... oval:org.secpod.oval:def:54183 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit th ... oval:org.secpod.oval:def:54184 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:54187 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:54188 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:54153 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:54156 An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, ... oval:org.secpod.oval:def:54157 A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard when Windows improperly handles calls to the LUAFV driver (luafv.sys). An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on ... oval:org.secpod.oval:def:54154 An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles fragmented IP packets. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to se ... oval:org.secpod.oval:def:54155 An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, ... oval:org.secpod.oval:def:54160 A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the users system.To exploit the vulnerability, an attacker could host a s ... oval:org.secpod.oval:def:54163 A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the users system.To exploit the vulnerability, an attacker could host a s ... oval:org.secpod.oval:def:54164 A remote code execution vulnerability exists when OLE automation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could gain execution on the victim system.To exploit the vulnerability, an attacker could host a specially crafted website designed to invok ... oval:org.secpod.oval:def:54161 A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the users system.To exploit the vulnerability, an attacker could host a s ... oval:org.secpod.oval:def:54162 A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the users system.To exploit the vulnerability, an attacker could host a s ... oval:org.secpod.oval:def:54167 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit th ... oval:org.secpod.oval:def:54168 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:54165 A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the users system.To exploit the vulnerability, an attacker could host a s ... oval:org.secpod.oval:def:54166 An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys). An attacker who successfully exploited this vulnerability could set the short name of a file with a long name to an arbitrary short name, overriding the file system with limited priv ... oval:org.secpod.oval:def:54158 An elevation of privilege vulnerability exists when the Windows Client Server Run-Time Subsystem (CSRSS) fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code. An attacker could then install programs; view, change, or delete da ... oval:org.secpod.oval:def:54159 An elevation of privilege vulnerability exists in the Microsoft Server Message Block (SMB) Server when an attacker with valid credentials attempts to open a specially crafted file over the SMB protocol on the same machine. An attacker who successfully exploited this vulnerability could bypass certai ... oval:org.secpod.oval:def:54203 The host is missing an important security update for KB4493509 oval:org.secpod.oval:def:54721 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:54722 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:54720 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:54725 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:54726 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:54723 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:54724 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:54729 An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system.To exploit the vulnerability, an attacker would first have to gain execution on th ... oval:org.secpod.oval:def:54727 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:54728 A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delet ... oval:org.secpod.oval:def:54732 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit th ... oval:org.secpod.oval:def:54730 An elevation of privilege vulnerability exists in Microsoft Windows when Windows fails to properly handle certain symbolic links. An attacker who successfully exploited this vulnerability could potentially set certain items to run at a higher level and thereby elevate permissions.To exploit this vul ... oval:org.secpod.oval:def:54731 An elevation of privilege vulnerability exists in the Unified Write Filter (UWF) feature for Windows 10 when it improperly restricts access to the registry. An attacker who successfully exploited the vulnerability could make changes to the registry keys protected by UWF without having administrator ... oval:org.secpod.oval:def:54741 The host is missing an important security update for KB4494441 oval:org.secpod.oval:def:54702 An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it.To exploit the vulnerability, in a local attack scenario, an attacker could run a specially crafted application to ele ... oval:org.secpod.oval:def:54707 An elevation of privilege vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully decode and replace authentication request using Kerberos, allowing an attacker to be validated as an Administrator.The update addresses this vulnerability by changing how the ... oval:org.secpod.oval:def:54708 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit th ... oval:org.secpod.oval:def:54705 An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially cr ... oval:org.secpod.oval:def:54706 A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement. An attacker who successfully exploited this vulnerability could circumvent Windows PowerShell Constrained Language Mode on the machine.To exploit th ... oval:org.secpod.oval:def:54709 An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with ... oval:org.secpod.oval:def:54710 An elevation of privilege vulnerability exists when the Windows Kernel improperly handles key enumeration. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system.A locally authenticated attacker could exploit this vulnerability by running a spec ... oval:org.secpod.oval:def:54711 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit th ... oval:org.secpod.oval:def:54714 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:54715 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:54712 A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input. An attacker could exploit the vulnerability to execute malicious code.To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted file or a program, ... oval:org.secpod.oval:def:54713 An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that ... oval:org.secpod.oval:def:54718 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:54719 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:54716 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:54717 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:54864 The host is missing an important security update for KB4499405 oval:org.secpod.oval:def:55380 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:55381 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:55382 A denial of service exists in Microsoft IIS Server when the optional request filtering feature improperly handles requests. An attacker who successfully exploited this vulnerability could perform a temporary denial of service against pages configured to use request filtering.To exploit this vulnerab ... oval:org.secpod.oval:def:55383 An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, ... oval:org.secpod.oval:def:55379 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:55367 An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then instal ... oval:org.secpod.oval:def:55370 A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machi ... oval:org.secpod.oval:def:55373 A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause ... oval:org.secpod.oval:def:55374 A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with the victim users privileges.An attacker could craft a website that exploits the vulnerability a ... oval:org.secpod.oval:def:55371 A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machi ... oval:org.secpod.oval:def:55372 A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machi ... oval:org.secpod.oval:def:55377 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:55378 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:55375 A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could g ... oval:org.secpod.oval:def:55376 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:55368 A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause ... oval:org.secpod.oval:def:54189 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:57280 An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit the vulnerabilit ... oval:org.secpod.oval:def:57284 An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit the vulnerabilit ... oval:org.secpod.oval:def:57283 An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on to ... oval:org.secpod.oval:def:57282 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit th ... oval:org.secpod.oval:def:57281 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit th ... oval:org.secpod.oval:def:57289 A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delet ... oval:org.secpod.oval:def:57290 An information disclosure vulnerability exists when the Windows RDP client improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have ... oval:org.secpod.oval:def:57295 A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with ... oval:org.secpod.oval:def:57294 A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with ... oval:org.secpod.oval:def:57293 A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with ... oval:org.secpod.oval:def:57292 A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with ... oval:org.secpod.oval:def:57299 A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with ... oval:org.secpod.oval:def:57298 A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with ... oval:org.secpod.oval:def:57297 A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with ... oval:org.secpod.oval:def:57296 A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with ... oval:org.secpod.oval:def:57317 The host is missing an important security update for KB4507419 oval:org.secpod.oval:def:57303 An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data.To e ... oval:org.secpod.oval:def:57302 A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with ... oval:org.secpod.oval:def:57301 A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with ... oval:org.secpod.oval:def:57307 A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user ... oval:org.secpod.oval:def:57306 A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET web application. A remote unauthenticated attacker could exploit this vulner ... oval:org.secpod.oval:def:57304 An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data.To e ... oval:org.secpod.oval:def:57871 A security feature bypass exists when Windows incorrectly validates CAB file signatures. An attacker who successfully exploited this vulnerability could inject code into a CAB file without invalidating the file's signature. To exploit the vulnerability, an attacker could modify a signed CAB file and ... oval:org.secpod.oval:def:57872 An elevation of privilege exists in the p2pimsvc service where an attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially craft ... oval:org.secpod.oval:def:55384 An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaratio ... oval:org.secpod.oval:def:55385 An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit the vulnerability, an attacker would first have t ... oval:org.secpod.oval:def:55388 This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause a denial of service on the t ... oval:org.secpod.oval:def:55389 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:55391 An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system.To exploit the vulnerability, an attacker would first have to gain execution on th ... oval:org.secpod.oval:def:55392 An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit the vulnerability, an attacker would first have t ... oval:org.secpod.oval:def:55395 An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system.To exploit the vulnerability, an attacker would first have to gain execution on th ... oval:org.secpod.oval:def:55396 An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnera ... oval:org.secpod.oval:def:55394 An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context.To exploit this vulnerability, an attacker would first have to l ... oval:org.secpod.oval:def:55398 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit th ... oval:org.secpod.oval:def:55400 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit th ... oval:org.secpod.oval:def:55410 A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.To exploit this vulnerability, an attacker would have to log on to an affected system and run a speciall ... oval:org.secpod.oval:def:55411 An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnera ... oval:org.secpod.oval:def:55402 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:55407 A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages.To exploit this vulnerability, an attacker could send a specially crafted authentication request. An attacker who successfully exploited this vulnerability could access another ... oval:org.secpod.oval:def:55408 An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnera ... oval:org.secpod.oval:def:55405 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:55406 An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full ... oval:org.secpod.oval:def:55409 An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnera ... oval:org.secpod.oval:def:57259 A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity.This vulnerability by itself does not allow arbitrary code exe ... oval:org.secpod.oval:def:57262 An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnera ... oval:org.secpod.oval:def:57261 An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnera ... oval:org.secpod.oval:def:57260 An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnera ... oval:org.secpod.oval:def:57266 A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an authenticated attacker abuses clipboard redirection. An attacker who successfully exploited this vulnerability could execute arbitrary code on the victim system. An attacker could th ... oval:org.secpod.oval:def:57265 A denial of service vulnerability exists when SymCrypt improperly handles a specially crafted digital signature.An attacker could exploit the vulnerability by creating a specially crafted connection or message.The security update addresses the vulnerability by correcting the way SymCrypt handles dig ... oval:org.secpod.oval:def:57267 A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machi ... oval:org.secpod.oval:def:57273 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on to an ... oval:org.secpod.oval:def:57272 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.An authenticated attacker could exploit this vulnerability by running ... oval:org.secpod.oval:def:57271 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:57270 An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with ... oval:org.secpod.oval:def:57277 An elevation of privilege vulnerability exists in rpcss.dll when the RPC service Activation Kernel improperly handles an RPC request.To exploit this vulnerability, a low level authenticated attacker could run a specially crafted application.The security update addresses this vulnerability by correct ... oval:org.secpod.oval:def:57276 An elevation of privilege vulnerability exists in the way that the wlansvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted ... oval:org.secpod.oval:def:57274 An elevation of privilege vulnerability exists in Microsoft Windows where certain folders, with local service privilege, are vulnerable to symbolic link attack.An attacker who successfully exploited this vulnerability could potentially access unauthorized information.The update addresses this vulner ... oval:org.secpod.oval:def:57279 An information disclosure vulnerability exists when Unistore.dll fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could potentially disclose memory contents of an elevated process.To exploit this vulnerability, an authenticated attacker could run a ... oval:org.secpod.oval:def:57278 An elevation of privilege vulnerability exists in the way that the dnsrslvr.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafte ... oval:org.secpod.oval:def:55414 An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to fu ... oval:org.secpod.oval:def:55415 A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features.To exploit th ... oval:org.secpod.oval:def:55412 An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnera ... oval:org.secpod.oval:def:55413 An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnera ... oval:org.secpod.oval:def:55419 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit th ... oval:org.secpod.oval:def:55416 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:55417 A security feature bypass vulnerability exists when Windows Secure Kernel Mode fails to properly handle objects in memory.To exploit the vulnerability, a locally-authenticated attacker could attempt to run a specially crafted application on a targeted system. An attacker who successfully exploited t ... oval:org.secpod.oval:def:55425 An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data.To e ... oval:org.secpod.oval:def:55426 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:55423 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit th ... oval:org.secpod.oval:def:55424 An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox.To exploit this vulnerability, an attacker would require unprivileged execution on the vic ... oval:org.secpod.oval:def:55427 An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations. An attacker who successfully exploited the vulnerability could gain elevated privileges on a victim system.To exploit the vulnerability, an attacker would require unprivileged code ... oval:org.secpod.oval:def:55442 The host is missing a moderate severity security update for KB4503327 oval:org.secpod.oval:def:58053 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:57882 A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.To exploit this vulnerability, an attacker would have to log on to an affected system and run a speciall ... oval:org.secpod.oval:def:57881 A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.To exploit the vulnerabil ... oval:org.secpod.oval:def:57880 A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.To exploit the vulnerabil ... oval:org.secpod.oval:def:57886 A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.To exploit the vulnerabil ... oval:org.secpod.oval:def:57885 A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system t ... oval:org.secpod.oval:def:57884 A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.To exploit the vulnerabil ... oval:org.secpod.oval:def:57883 A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.To exploit the vulnerabil ... oval:org.secpod.oval:def:57878 An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a special ... oval:org.secpod.oval:def:57877 A denial of service vulnerability exists when the XmlLite runtime (XmlLite.dll) improperly parses XML input. An attacker who successfully exploited this vulnerability could cause a denial of service against an XML application. A remote unauthenticated attacker could exploit this vulnerability by iss ... oval:org.secpod.oval:def:57876 An information disclosure vulnerability exists in SymCrypt during the OAEP decryption stage. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit this vulnerability, an attacker would have to log on to an affected syste ... oval:org.secpod.oval:def:57893 A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; o ... oval:org.secpod.oval:def:57892 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a users system.There are multiple ways an attacker could exploit the ... oval:org.secpod.oval:def:57890 An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.An authenticated attacker could exploit this vulnerabilit ... oval:org.secpod.oval:def:57897 An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would ... oval:org.secpod.oval:def:57896 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:57895 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:57894 A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; o ... oval:org.secpod.oval:def:57889 A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the users system.To exploit the vulnerability, an attacker could host a s ... oval:org.secpod.oval:def:57888 A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause ... oval:org.secpod.oval:def:57899 A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; o ... oval:org.secpod.oval:def:57898 A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; o ... oval:org.secpod.oval:def:57912 An information disclosure vulnerability exists in Azure Active Directory (AAD) Microsoft Account (MSA) during the login request session. An attacker who successfully exploited the vulnerability could take over a user's account.To exploit the vulnerability, an attacker would have to trick a user into ... oval:org.secpod.oval:def:57911 An elevation of privilege vulnerability exists when reparse points are created by sandboxed processes allowing sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system.To exploit the vulnerability, an attacker w ... oval:org.secpod.oval:def:57916 An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full ... oval:org.secpod.oval:def:57915 An elevation of privilege vulnerability exists in the way that the psmsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted ... oval:org.secpod.oval:def:57914 An elevation of privilege vulnerability exists in the way that the PsmServiceExtHost.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a special ... oval:org.secpod.oval:def:57913 An elevation of privilege vulnerability exists in the way that the PsmServiceExtHost.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a special ... oval:org.secpod.oval:def:57919 An elevation of privilege vulnerability exists in the way that the unistore.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafte ... oval:org.secpod.oval:def:57918 An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted ... oval:org.secpod.oval:def:57917 An elevation of privilege vulnerability exists in the way that the rpcss.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted a ... oval:org.secpod.oval:def:57930 A memory corruption vulnerability exists in the Windows Server DHCP service when processing specially crafted packets. An attacker who successfully exploited the vulnerability could cause the DHCP server service to stop responding.To exploit the vulnerability, a remote unauthenticated attacker could ... oval:org.secpod.oval:def:57922 A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An a ... oval:org.secpod.oval:def:57921 A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An a ... oval:org.secpod.oval:def:57920 An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted ... oval:org.secpod.oval:def:57927 A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rig ... oval:org.secpod.oval:def:57926 An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted ... oval:org.secpod.oval:def:57924 An elevation of privilege vulnerability exists when Windows Core Shell COM Server Registrar improperly handles COM calls. An attacker who successfully exploited this vulnerability could potentially set certain items to run at a higher level and thereby elevate permissions.To exploit this vulnerabili ... oval:org.secpod.oval:def:57928 An elevation of privilege exists in SyncController.dll. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnerabil ... oval:org.secpod.oval:def:57934 An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the system.To exploit this vulnerability, an attacker would have to con ... oval:org.secpod.oval:def:57933 A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding.To ex ... oval:org.secpod.oval:def:57932 A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An a ... oval:org.secpod.oval:def:57937 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on to an ... oval:org.secpod.oval:def:57936 A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An a ... oval:org.secpod.oval:def:57935 An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the system.To exploit this vulnerability, an attacker would have to con ... oval:org.secpod.oval:def:57901 A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; o ... oval:org.secpod.oval:def:57900 A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; o ... oval:org.secpod.oval:def:57905 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:57904 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:57902 An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would ... oval:org.secpod.oval:def:57909 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:57908 An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, ... oval:org.secpod.oval:def:57907 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:57906 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a users system.There are multiple ways an attacker could exploit the ... oval:org.secpod.oval:def:58455 An elevation of privilege vulnerability exists in the way that the Windows Network Connectivity Assistant handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker c ... oval:org.secpod.oval:def:58456 An elevation of privilege vulnerability exists when the Windows Update Delivery Optimization does not properly enforce file share permissions. An attacker who successfully exploited the vulnerability could overwrite files that require higher privileges than what the attacker already has. To exploit ... oval:org.secpod.oval:def:58457 An information disclosure vulnerability exists in Windows when the Windows SMB Client kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could potentially disclose contents of System memory. To exploit this vulnerability, an attack ... oval:org.secpod.oval:def:58451 An elevation of privilege vulnerability exists in Windows Text Service Framework (TSF) when the TSF server process does not validate the source of input or commands it receives. An attacker who successfully exploited this vulnerability could inject commands or read input sent through a malicious Inp ... oval:org.secpod.oval:def:58452 An elevation of privilege vulnerability exists in Microsoft Compatibility Appraiser where a configuration file, with local privileges, is vulnerable to symbolic link and hard link attacks. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attack ... oval:org.secpod.oval:def:58453 An elevation of privilege vulnerability exists in Windows store installer where WindowsApps directory is vulnerable to symbolic link attack. An attacker who successfully exploited this vulnerability could bypass access restrictions to add or remove files. To exploit this vulnerability, an attacker w ... oval:org.secpod.oval:def:58454 An elevation of privilege exists in hdAudio.sys which may lead to an out of band write. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. To exploit this vulnerability, an attack ... oval:org.secpod.oval:def:58466 An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated privileges.To exploit the vulnerability, a locally authenticated attacker could run a specially cr ... oval:org.secpod.oval:def:58468 An information disclosure vulnerability exists when the Windows Transaction Manager improperly handles objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed.To exploit the vulnerability, an attacker would first ... oval:org.secpod.oval:def:58469 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:58462 A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. An attacker who successfully exploited this vulnerability could execute arbitrary code on the computer of the connecting client. An attacker could then install programs; view ... oval:org.secpod.oval:def:58463 A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. An attacker who successfully exploited this vulnerability could execute arbitrary code on the computer of the connecting client. An attacker could then install programs; view ... oval:org.secpod.oval:def:58465 An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit the vulnerability, an attacker would first have t ... oval:org.secpod.oval:def:58470 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:58430 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:58930 An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successfully exploit it.An attacker who successfully exploited the vulnerability could gain greater access to s ... oval:org.secpod.oval:def:58931 An elevation of privilege vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially crafted application on the ... oval:org.secpod.oval:def:58925 A remote code execution vulnerability exists when the Windows Imaging API improperly handles objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user.To exploit the vulnerability, an attacker would have t ... oval:org.secpod.oval:def:58926 An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.To exploit this vulnerability, an attacker would first have to lo ... oval:org.secpod.oval:def:58927 An elevation of privilege vulnerability exists in Microsoft Windows Setup when it does not properly handle privileges. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data.To exploit ... oval:org.secpod.oval:def:58928 A denial of service vulnerability exists when Windows improperly handles hard links. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially craft ... oval:org.secpod.oval:def:58922 A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the users system.To exploit the vulnerability, an attacker could host a s ... oval:org.secpod.oval:def:58923 A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features.To exploit th ... oval:org.secpod.oval:def:58924 An information disclosure vulnerability exists when the Windows Hyper-V Network Switch on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially craft ... oval:org.secpod.oval:def:58929 A spoofing vulnerability exists when Transport Layer Security (TLS) accesses non- Extended Master Secret (EMS) sessions. An attacker who successfully exploited this vulnerability may gain access to unauthorized information.To exploit the vulnerability, an attacker would have to conduct a man-in-the- ... oval:org.secpod.oval:def:58940 An information disclosure vulnerability exists when Windows Update Client fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could potentially disclose memory contents of an elevated process.To exploit this vulnerability, an authenticated attacker co ... oval:org.secpod.oval:def:58942 An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.To exploit this vulnerability, an attacker would first have to lo ... oval:org.secpod.oval:def:58936 A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding.To ex ... oval:org.secpod.oval:def:58937 A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. An attacker who successfully exploited this vulnerability could execute arbitrary code on the computer of the connecting client. An attacker could then install programs; view ... oval:org.secpod.oval:def:58938 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on to an ... oval:org.secpod.oval:def:58939 An elevation of privilege vulnerability exists in the Microsoft Windows Update Client when it does not properly handle privileges. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete dat ... oval:org.secpod.oval:def:58932 An elevation of privilege vulnerability exists when Windows CloudStore improperly handles file Discretionary Access Control List (DACL). An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.To exploit this vulnerability, an attacker ... oval:org.secpod.oval:def:58933 An elevation of privilege vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially crafted application on the ... oval:org.secpod.oval:def:58934 An elevation of privilege vulnerability exists in the Microsoft Windows Update Client when it does not properly handle privileges. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete dat ... oval:org.secpod.oval:def:58935 An elevation of privilege vulnerability exists in the Windows redirected drive buffering system (rdbss.sys) when the operating system improperly handles specific local calls within Windows 7 for 32-bit systems. When this vulnerability is exploited within other versions of Windows it can cause a deni ... oval:org.secpod.oval:def:58950 A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.To exploit this vulnerability, an attacker would have to log on to an affected system and run a speciall ... oval:org.secpod.oval:def:58951 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:58952 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:58947 An information disclosure vulnerability exists in the way that the Windows Code Integrity Module handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit the vulnerability, an attacker would have ... oval:org.secpod.oval:def:58948 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on to an ... oval:org.secpod.oval:def:58949 A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.To exploit this vulnerability, an attacker would have to log on to an affected system and run a speciall ... oval:org.secpod.oval:def:58943 An elevation of privilege vulnerability exists in Windows AppX Deployment Server that allows file creation in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vuln ... oval:org.secpod.oval:def:58944 An elevation of privilege vulnerability exists when umpo.dll of the Power Service, improperly handles a Registry Restore Key function. An attacker who successfully exploited this vulnerability could delete a targeted registry key leading to an elevated status.To exploit this vulnerability, an attack ... oval:org.secpod.oval:def:58945 An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash. An attacker who successfully exploited this vulnerability could delete a targeted file leading to an elevated status.To exploit this vulnerability, an attacker would first have to ... oval:org.secpod.oval:def:58946 A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.To exploit this vulnerability, an attacker would have to log on to an affected system and run a speciall ... oval:org.secpod.oval:def:58960 The host is missing an important security update for KB4519338 oval:org.secpod.oval:def:58958 A security feature bypass exists when Windows Secure Boot improperly restricts access to debugging functionality. An attacker who successfully exploited this vulnerability could disclose protected kernel memory.To exploit the vulnerability, an attacker must gain physical access to the target system ... oval:org.secpod.oval:def:58957 An elevation of privilege vulnerability exists when Microsoft IIS Server fails to check the length of a buffer prior to copying memory to it.An attacker who successfully exploited this vulnerability can allow an unprivileged function ran by the user to execute code in the context of NT AUTHORITY\sy ... oval:org.secpod.oval:def:59643 A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system t ... oval:org.secpod.oval:def:59640 An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit the vulnerability, an attacker would have to log on ... oval:org.secpod.oval:def:59642 A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.To exploit the vulnerabil ... oval:org.secpod.oval:def:58471 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:58472 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:58477 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:58478 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:58479 An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit the vulnerabilit ... oval:org.secpod.oval:def:58473 An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit the vulnerabilit ... oval:org.secpod.oval:def:58474 An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit the vulnerabilit ... oval:org.secpod.oval:def:58475 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:58476 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:58480 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit th ... oval:org.secpod.oval:def:58481 An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ... oval:org.secpod.oval:def:58482 An information disclosure vulnerability exists when Windows Hyper-V writes uninitialized memory to disk. An attacker could exploit the vulnerability by reading a file to recover kernel memory.To exploit the vulnerability, an attacker would first require access to a Hyper-V host.The security update a ... oval:org.secpod.oval:def:58483 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:58488 An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log ... oval:org.secpod.oval:def:58489 An elevation of privilege vulnerability exists in Windows Audio Service when a malformed parameter is processed. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges when used in conjunction with another vulnerability.To exploit the vulnerability ... oval:org.secpod.oval:def:58484 An elevation of privilege exists when Winlogon does not properly handle file path information. An attacker who successfully exploited this vulnerability could run arbitrary code. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.To ex ... oval:org.secpod.oval:def:58485 An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, ... oval:org.secpod.oval:def:58486 An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, ... oval:org.secpod.oval:def:58487 A cross-site-scripting (XSS) vulnerability exists when Active Directory Federation Services (ADFS) does not properly sanitize certain error messages. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected ADFS server.The attacker who successfu ... oval:org.secpod.oval:def:58491 A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rig ... oval:org.secpod.oval:def:58492 An information disclosure exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle sandbox checks. An attacker who successfully exploited this vulnerability could potentially read data outside their expected limits.To exploit the vulnerability, an attacker would fi ... oval:org.secpod.oval:def:58490 An elevation of privilege vulnerability exists in the way that the unistore.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafte ... oval:org.secpod.oval:def:58499 A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.To exploit this vulnerability, an attacker would have to log on to an affected system and run a speciall ... oval:org.secpod.oval:def:58495 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:58496 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit th ... oval:org.secpod.oval:def:58497 A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. An attacker who successfully exploited this vulnerability could execute arbitrary code on the computer of the connecting client. An attacker could then install programs; view ... oval:org.secpod.oval:def:58498 A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. An attacker who successfully exploited this vulnerability could execute arbitrary code on the computer of the connecting client. An attacker could then install programs; view ... oval:org.secpod.oval:def:58555 An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly impersonates certain file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges. An attacker with unprivileged access to a vulnerable system co ... oval:org.secpod.oval:def:58551 The host is missing an important security update for KB4514601 oval:org.secpod.oval:def:58500 A security feature bypass exists when Windows Secure Boot improperly restricts access to debugging functionality. An attacker who successfully exploited this vulnerability could disclose protected kernel memory.To exploit the vulnerability, an attacker must gain physical access to the target system ... oval:org.secpod.oval:def:58501 An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ... oval:org.secpod.oval:def:58502 An elevation of privilege vulnerability exists when the .NET Framework common language runtime (CLR) allows file creation in arbitrary locations. An attacker who successfully exploited this vulnerability could write files to folders that require higher privileges than what the attacker already has. ... oval:org.secpod.oval:def:58515 The host is missing an important security update for KB4507469 oval:org.secpod.oval:def:59917 The host is missing an important security update for KB4530715 oval:org.secpod.oval:def:59660 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:59665 A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machi ... oval:org.secpod.oval:def:59666 An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows COM object creation. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; v ... oval:org.secpod.oval:def:59667 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:59661 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:59662 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:59663 A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause ... oval:org.secpod.oval:def:59664 A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause ... oval:org.secpod.oval:def:59659 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:60646 An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specia ... oval:org.secpod.oval:def:60644 An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specia ... oval:org.secpod.oval:def:60641 An elevation of privilege vulnerability exists when Microsoft Cryptographic Services improperly handles files. An attacker could exploit the vulnerability to overwrite or modify a protected file leading to a privilege escalation.To exploit the vulnerability, an attacker would first require execution ... oval:org.secpod.oval:def:60642 A security feature bypass vulnerability exists in Windows 10 when third party filters are called during a password update. Successful exploitation of the vulnerability could allow a user to make use of a blocked password for their account.To exploit the vulnerability, an attacker would need have acc ... oval:org.secpod.oval:def:60640 A denial of service vulnerability exists when Microsoft Hyper-V Virtual PCI on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a v ... oval:org.secpod.oval:def:59670 An information disclosure vulnerability exists when the Windows Remote Procedure Call (RPC) runtime improperly initializes objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an au ... oval:org.secpod.oval:def:59671 An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit the vulnerabilit ... oval:org.secpod.oval:def:59676 An information vulnerability exists when Windows Modules Installer Service improperly discloses file information. Successful exploitation of the vulnerability could allow the attacker to read the contents of a log file on disk.To exploit the vulnerability, an attacker would have to log onto an affec ... oval:org.secpod.oval:def:59677 A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely. For systems runn ... oval:org.secpod.oval:def:59678 An elevation of privilege vulnerability exists in the way that the dssvc.dll handles file creation allowing for a file overwrite or creation in a secured location. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a lo ... oval:org.secpod.oval:def:59679 An elevation of privilege vulnerability exists in the way that the iphlpsvc.dll handles file creation allowing for a file overwrite. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker co ... oval:org.secpod.oval:def:59673 An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system. After successfully exploiting the vulnerability, an atta ... oval:org.secpod.oval:def:59674 An elevation of privilege vulnerability exists due to a race condition in Windows Subsystem for Linux. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted ap ... oval:org.secpod.oval:def:59675 An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially crafted ap ... oval:org.secpod.oval:def:59669 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:59681 A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel. An attacker who successfully exploited the vulnerability could downgrade aspects of the connection allowing for further modification of the transmission.To exploit the vulnerabili ... oval:org.secpod.oval:def:59687 An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on to ... oval:org.secpod.oval:def:59688 An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.In a local attack scenario, an attacker could exploit this vulnerability by ru ... oval:org.secpod.oval:def:59689 An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.In a local attack scenario, an attacker could exploit this vulnerability by ru ... oval:org.secpod.oval:def:59684 An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.In a local attack scenario, an attacker could exploit this vulnerability by ru ... oval:org.secpod.oval:def:59686 An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.In a local attack scenario, an attacker could exploit this vulnerability by ru ... oval:org.secpod.oval:def:59690 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit th ... oval:org.secpod.oval:def:59691 An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on to ... oval:org.secpod.oval:def:59693 An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context.To exploit this vulnerability, an attacker would first have to l ... oval:org.secpod.oval:def:59694 A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely. For systems runn ... oval:org.secpod.oval:def:60618 A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, le ... oval:org.secpod.oval:def:59645 A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.To exploit the vulnerabil ... oval:org.secpod.oval:def:59646 A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.To exploit the vulnerabil ... oval:org.secpod.oval:def:60629 A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new ac ... oval:org.secpod.oval:def:60627 A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user ... oval:org.secpod.oval:def:60628 A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user ... oval:org.secpod.oval:def:59654 An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges.Th ... oval:org.secpod.oval:def:59655 An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete da ... oval:org.secpod.oval:def:59657 A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.To exploit this vulnerability, an attacker would have to log on to an affected system and run a speciall ... oval:org.secpod.oval:def:59650 An information disclosure vulnerability exists when the Windows Servicing Stack allows access to unprivileged file locations. An attacker who successfully exploited the vulnerability could potentially access unauthorized files.To exploit this vulnerability, an authenticated attacker could run a spec ... oval:org.secpod.oval:def:59651 An elevation of privilege vulnerability exists when ActiveX Installer service may allow access to files without proper authentication. An attacker who successfully exploited the vulnerability could potentially access unauthorized files.To exploit this vulnerability, an authenticated attacker could r ... oval:org.secpod.oval:def:59652 An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially crafted ap ... oval:org.secpod.oval:def:59653 A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages.To exploit this vulnerability, an attacker could send a specially crafted authentication request. An attacker who successfully exploited this vulnerability could access another ... oval:org.secpod.oval:def:60638 An information disclosure vulnerability exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. Note that this vulnerabi ... oval:org.secpod.oval:def:60639 A denial of service vulnerability exists when Windows improperly handles hard links. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially craft ... oval:org.secpod.oval:def:59647 An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles IPv6 flowlabel filled in packets. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would ... oval:org.secpod.oval:def:60636 An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specia ... oval:org.secpod.oval:def:59648 An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially crafted ap ... oval:org.secpod.oval:def:60637 An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specia ... oval:org.secpod.oval:def:59649 A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity.This vulnerability by itself does not allow arbitrary code exe ... oval:org.secpod.oval:def:60634 A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. An attacker who successfully exploited this vulnerability could execute arbitrary code on the computer of the connecting client. An attacker could then install programs; view ... oval:org.secpod.oval:def:60630 An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information that could be useful for further exploitation.To exploit the vulnerability, a user would have to op ... oval:org.secpod.oval:def:60631 An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on to ... oval:org.secpod.oval:def:59866 A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding.To ex ... oval:org.secpod.oval:def:59874 A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause ... oval:org.secpod.oval:def:59875 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on to an ... oval:org.secpod.oval:def:59876 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on to an ... oval:org.secpod.oval:def:59877 An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data.To e ... oval:org.secpod.oval:def:59870 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit th ... oval:org.secpod.oval:def:59871 A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; ... oval:org.secpod.oval:def:59873 An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that ... oval:org.secpod.oval:def:59868 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit th ... oval:org.secpod.oval:def:59869 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit th ... oval:org.secpod.oval:def:59882 An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ... oval:org.secpod.oval:def:59883 A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input. An attacker could exploit the vulnerability to execute malicious code.To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted file or a program, ... oval:org.secpod.oval:def:59884 A security feature bypass vulnerability exists when Microsoft Defender improperly handles specific buffers. An attacker could exploit the vulnerability to trigger warnings and false positives when no threat is present.To exploit the vulnerability, an attacker would first require execution permission ... oval:org.secpod.oval:def:59878 An elevation of privilege vulnerability exists when the Windows Printer Service improperly validates file paths while loading printer drivers. An authenticated attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges.To exploit this vulnerabilit ... oval:org.secpod.oval:def:61304 A remote code execution vulnerability exists when the Windows Imaging Library improperly handles memory.To exploit this vulnerability, an attacker would first have to coerce a victim to open a specially crafted file.The security update addresses the vulnerability by correcting how the Windows Imagin ... oval:org.secpod.oval:def:61303 An elevation of privilege vulnerability exists when the Windows IME improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security update addre ... oval:org.secpod.oval:def:61302 An information disclosure vulnerability exists when the Windows Network Driver Interface Specification (NDIS) improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to di ... oval:org.secpod.oval:def:61301 An elevation of privilege vulnerability exists when the Windows Wireless Network Manager improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ... oval:org.secpod.oval:def:61300 An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The s ... oval:org.secpod.oval:def:60649 An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specia ... oval:org.secpod.oval:def:60647 An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specia ... oval:org.secpod.oval:def:60648 An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specia ... oval:org.secpod.oval:def:60659 An elevation of privilege vulnerability exists in the way the Update Notification Manager handles files.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security up ... oval:org.secpod.oval:def:60656 An elevation of privilege vulnerability exists in Microsoft Windows when Windows fails to properly handle certain symbolic links. An attacker who successfully exploited this vulnerability could potentially set certain items to run at a higher level and thereby elevate permissions.To exploit this vul ... oval:org.secpod.oval:def:60654 An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specia ... oval:org.secpod.oval:def:60655 An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit the vulnerability, an attacker would first have t ... oval:org.secpod.oval:def:60652 An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specia ... oval:org.secpod.oval:def:60653 An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specia ... oval:org.secpod.oval:def:60650 An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specia ... oval:org.secpod.oval:def:60651 An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specia ... oval:org.secpod.oval:def:60663 An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it ... oval:org.secpod.oval:def:60664 An elevation of privilege vulnerability exists when Microsoft Windows implements predictable memory section names. An attacker who successfully exploited this vulnerability could run arbitrary code as system. An attacker could then install programs; view, change, or delete data; or create new accoun ... oval:org.secpod.oval:def:60661 An elevation of privilege vulnerability exists in Windows Media Service that allows file creation in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability ... oval:org.secpod.oval:def:60662 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:60660 An information disclosure vulnerability exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. Note that this vulnerabi ... oval:org.secpod.oval:def:60673 The host is missing a moderate severity security update for KB4534273 oval:org.secpod.oval:def:60699 The host is missing a critical security update for KB4535101 oval:org.secpod.oval:def:61299 An elevation of privilege vulnerability exists in the way that the Windows Client License Service (ClipSVC) handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker ... oval:org.secpod.oval:def:61298 An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links. An attacker who successfully exploited this vulnerability could bypass access restrictions to add or remove files.To exploit this vulnerability, an attacker would first have to log on t ... oval:org.secpod.oval:def:61297 An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links. An attacker who successfully exploited this vulnerability could bypass access restrictions to add or remove files.To exploit this vulnerability, an attacker would first have to log on t ... oval:org.secpod.oval:def:61253 An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.In a local attack scenario, an attacker could exploit this vulnerability by ru ... oval:org.secpod.oval:def:61285 An information disclosure vulnerability exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. Note that this vulnerabi ... oval:org.secpod.oval:def:61284 An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit the vulnerability, an attacker would first have t ... oval:org.secpod.oval:def:61283 A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an authenticated attacker abuses clipboard redirection. An attacker who successfully exploited this vulnerability could execute arbitrary code on the victim system. An attacker could th ... oval:org.secpod.oval:def:61296 An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could ... oval:org.secpod.oval:def:61295 An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could ... oval:org.secpod.oval:def:61294 An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could ... oval:org.secpod.oval:def:61293 An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.To exploit this vulnerability, an attacker would first have to lo ... oval:org.secpod.oval:def:61292 An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addres ... oval:org.secpod.oval:def:61291 An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addres ... oval:org.secpod.oval:def:61290 An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addres ... oval:org.secpod.oval:def:61289 An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specia ... oval:org.secpod.oval:def:61288 An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specia ... oval:org.secpod.oval:def:61287 An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a default setting that lets an attacker in the trusting forest request delegation of a TGT for an identity from the trusted forest. To exploit this vulnerability, an attacker would first need to compromise an Act ... oval:org.secpod.oval:def:61286 An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially crafted ap ... oval:org.secpod.oval:def:61230 An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially craf ... oval:org.secpod.oval:def:61229 An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially craf ... oval:org.secpod.oval:def:61228 A remote code execution vulnerability exists in the way that Windows handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with elevated permissions on a target system.To exploit the vulnerability, an attacker who has a domain user account c ... oval:org.secpod.oval:def:61227 A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machi ... oval:org.secpod.oval:def:61226 A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. An attacker who successfully exploited this vulnerability could execute arbitrary code on the computer of the connecting client. An attacker could then install programs; view ... oval:org.secpod.oval:def:61225 A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. An attacker who successfully exploited this vulnerability could execute arbitrary code on the computer of the connecting client. An attacker could then install programs; view ... oval:org.secpod.oval:def:61224 A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding.To ex ... oval:org.secpod.oval:def:61241 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:61240 An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on to ... oval:org.secpod.oval:def:61238 An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.In a local attack scenario, an attacker could exploit this vulnerability by ru ... oval:org.secpod.oval:def:61237 An information disclosure vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.An authenticated attacker could exploit this vulnerability by running a speciall ... oval:org.secpod.oval:def:61236 An information disclosure vulnerability exists when the Telephony Service improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a users system.To exploit this vulnerability, an attacker would have to l ... oval:org.secpod.oval:def:61235 An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delet ... oval:org.secpod.oval:def:61234 An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit this vulnerability, an attacker would first have to log on to the system. An attac ... oval:org.secpod.oval:def:61233 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:61232 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:61231 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:61252 An elevation of privilege vulnerability exists in the way that the dssvc.dll handles file creation allowing for a file overwrite or creation in a secured location. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a lo ... oval:org.secpod.oval:def:61251 An elevation of privilege vulnerability exists in the way that the tapisrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted ... oval:org.secpod.oval:def:61250 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:61249 An information vulnerability exists when Windows Modules Installer Service improperly discloses file information. Successful exploitation of the vulnerability could allow the attacker to read any file on the file system.To exploit the vulnerability, an attacker would have to log onto an affected sys ... oval:org.secpod.oval:def:61248 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:61247 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:61246 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:61245 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:61244 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:61243 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:61242 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:61333 A security feature bypass vulnerability exists in secure boot. An attacker who successfully exploited the vulnerability can bypass secure boot and load untrusted software. To exploit the vulnerability, an attacker could run a specially crafted application. oval:org.secpod.oval:def:61332 An elevation of privilege vulnerability exists in the way that the sysmain.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted ... oval:org.secpod.oval:def:61331 A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. An attacker who successfully exploited this vulnerability could execute arbitrary code on the computer of the connecting client. An attacker could then install programs; view ... oval:org.secpod.oval:def:61353 The host is missing an important security update for KB4532691 oval:org.secpod.oval:def:61308 An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context.To exploit this vulnerability, an attacker would first have to l ... oval:org.secpod.oval:def:61307 A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rig ... oval:org.secpod.oval:def:61306 An elevation of privilege vulnerability exists when the Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system.To exploit the vulnerability, an attacker would f ... oval:org.secpod.oval:def:61319 An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially crafted ap ... oval:org.secpod.oval:def:61318 An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information that could be useful for further exploitation.To exploit the vulnerability, a user would have to op ... oval:org.secpod.oval:def:61317 An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could ... oval:org.secpod.oval:def:61316 An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could ... oval:org.secpod.oval:def:61315 An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could ... oval:org.secpod.oval:def:61314 An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could ... oval:org.secpod.oval:def:61313 An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could ... oval:org.secpod.oval:def:61312 A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacker ... oval:org.secpod.oval:def:61310 An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specia ... oval:org.secpod.oval:def:61329 An elevation of privilege vulnerability exists when Windows improperly handles Secure Socket Shell remote commands. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit this vulnerability, an attacker would first have to log on to the ... oval:org.secpod.oval:def:61328 An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addres ... oval:org.secpod.oval:def:61327 An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addres ... oval:org.secpod.oval:def:61326 An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successfully exploit it.An attacker who successfully exploited the vulnerability could gain greater access to s ... oval:org.secpod.oval:def:61325 An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successfully exploit it.An attacker who successfully exploited the vulnerability could gain greater access to s ... oval:org.secpod.oval:def:61324 An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specia ... oval:org.secpod.oval:def:61322 An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could ... oval:org.secpod.oval:def:61321 An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could ... oval:org.secpod.oval:def:61320 An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addres ... oval:org.secpod.oval:def:61859 An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successfully exploit it.An attacker who successfully exploited the vulnerability could gain greater access to s ... oval:org.secpod.oval:def:61858 An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could ... oval:org.secpod.oval:def:61857 An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could ... oval:org.secpod.oval:def:61856 An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could ... oval:org.secpod.oval:def:61855 A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacker ... oval:org.secpod.oval:def:61854 An elevation of privilege vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle parsing of certain symbolic links. An attacker who successfully exploited this vulnerability could potentially access privileged registry keys and thereby elevate permissions. An atta ... oval:org.secpod.oval:def:61853 An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then instal ... oval:org.secpod.oval:def:61852 An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.An attacker with unprivileged access to a vulnerable system could exploit th ... oval:org.secpod.oval:def:61851 An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.In a local attack scenario, an attacker could exploit this vulnerability by ru ... oval:org.secpod.oval:def:61850 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:61869 An information vulnerability exists when Windows Modules Installer Service improperly discloses file information. Successful exploitation of the vulnerability could allow the attacker to read any file on the file system.To exploit the vulnerability, an attacker would have to log onto an affected sys ... oval:org.secpod.oval:def:61868 An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could ... oval:org.secpod.oval:def:61867 An elevation of privilege vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a spec ... oval:org.secpod.oval:def:61866 An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system. After successfully exploiting the vulnerability, an atta ... oval:org.secpod.oval:def:61865 An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system. After successfully exploiting the vulnerability, an atta ... oval:org.secpod.oval:def:61864 An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.An attacker who had already gained execution on the victim system could ... oval:org.secpod.oval:def:61863 An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system. After successfully exploiting the vulnerability, an atta ... oval:org.secpod.oval:def:61862 An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector allows file creation in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system.An attacker could then run a specially cra ... oval:org.secpod.oval:def:61861 A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacker ... oval:org.secpod.oval:def:61860 A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacker ... oval:org.secpod.oval:def:61879 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:61878 A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delet ... oval:org.secpod.oval:def:61877 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit th ... oval:org.secpod.oval:def:61876 A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delet ... oval:org.secpod.oval:def:61875 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit th ... oval:org.secpod.oval:def:61874 An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could ... oval:org.secpod.oval:def:61873 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:61870 A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacker ... oval:org.secpod.oval:def:61888 An elevation of privilege vulnerability exists when the Windows ActiveX Installer Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ... oval:org.secpod.oval:def:61887 An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security upda ... oval:org.secpod.oval:def:61886 An elevation of privilege vulnerability exists when Windows Defender Security Center handles certain objects in memory.To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted command that could exploit the vulnerability to el ... oval:org.secpod.oval:def:61885 An elevation of privilege vulnerability exists when Windows Defender Security Center handles certain objects in memory.To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted command that could exploit the vulnerability to el ... oval:org.secpod.oval:def:61884 An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full ... oval:org.secpod.oval:def:61883 A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rig ... oval:org.secpod.oval:def:61882 A tampering vulnerability exists when Microsoft IIS Server improperly handles malformed request headers. An attacker who successfully exploited the vulnerability could cause a vulnerable server to improperly process HTTP headers and tamper with the responses returned to clients.To exploit the vulner ... oval:org.secpod.oval:def:61881 An information disclosure vulnerability exists when the Windows Network Driver Interface Specification (NDIS) improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to di ... oval:org.secpod.oval:def:61849 An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links. An attacker who successfully exploited this vulnerability could bypass access restrictions to add or remove files.To exploit this vulnerability, an attacker would first have to log on t ... oval:org.secpod.oval:def:61848 An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could ... oval:org.secpod.oval:def:61847 An information disclosure vulnerability exists when Windows Error Reporting improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to disclose information.The se ... oval:org.secpod.oval:def:61846 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit th ... oval:org.secpod.oval:def:61845 An elevation of privilege vulnerability exists when Windows Error Reporting improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security upda ... oval:org.secpod.oval:def:62160 Microsoft is aware of limited targeted attacks that could leverage un-patched vulnerabilities in the Adobe Type Manager Library, and is providing the following guidance to help reduce customer risk until the security update is released. Two remote code execution vulnerabilities exist in Microsoft Wi ... oval:org.secpod.oval:def:61890 An elevation of privilege vulnerability exists when the Windows ActiveX Installer Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ... oval:org.secpod.oval:def:61889 An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security upda ... oval:org.secpod.oval:def:61899 An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially crafted app ... oval:org.secpod.oval:def:61898 An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.To exploit this vulnerability, an ... oval:org.secpod.oval:def:61896 An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context.To exploit this vulnerability, an attacker would first have to l ... oval:org.secpod.oval:def:61895 An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; vi ... oval:org.secpod.oval:def:61894 An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; vi ... oval:org.secpod.oval:def:61893 An elevation of privilege vulnerability exists in the way that the Windows Network List Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a ... oval:org.secpod.oval:def:61892 An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially crafted app ... oval:org.secpod.oval:def:61891 An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileg ... oval:org.secpod.oval:def:61948 The host is missing an important security update for KB4538461 oval:org.secpod.oval:def:61909 An elevation of privilege vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions. An attacker who successfully exploited this vulnerability could bypass access restrictions to delete files.To exploit this vulnerability, an attacker would first have ... oval:org.secpod.oval:def:61908 An information disclosure vulnerability exists in Windows when the Windows Imaging Component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.There are multiple ways an attacker coul ... oval:org.secpod.oval:def:61907 An elevation of privilege vulnerability exists when Windows improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.To exploit this vulnerability, an attacker would first have to log on to the system. An a ... oval:org.secpod.oval:def:61906 An elevation of privilege vulnerability exists when Windows improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.To exploit this vulnerability, an attacker would first have to log on to the system. An a ... oval:org.secpod.oval:def:61905 An elevation of privilege vulnerability exists when Windows improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.To exploit this vulnerability, an attacker would first have to log on to the system. An a ... oval:org.secpod.oval:def:61904 An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, ... oval:org.secpod.oval:def:61903 An elevation of privilege vulnerability exists when the Windows Language Pack Installer improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially crafted ... oval:org.secpod.oval:def:61902 An elevation of privilege vulnerability exists when the Windows Device Setup Manager improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially crafted ap ... oval:org.secpod.oval:def:61901 An elevation of privilege vulnerability exists in the way the Provisioning Runtime validates certain file operations. An attacker who successfully exploited the vulnerability could gain elevated privileges on a victim system.To exploit the vulnerability, an attacker would require unprivileged code e ... oval:org.secpod.oval:def:61900 An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially crafted app ... oval:org.secpod.oval:def:61919 An information disclosure vulnerability exists when Windows Network Connections Service fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could potentially disclose memory contents of an elevated process.To exploit this vulnerability, an authenticat ... oval:org.secpod.oval:def:61918 An elevation of privilege vulnerability exists when the Windows Update Orchestrator Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially cra ... oval:org.secpod.oval:def:61917 An elevation of privilege vulnerability exists when the Windows Update Orchestrator Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially cra ... oval:org.secpod.oval:def:61916 An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially crafted app ... oval:org.secpod.oval:def:61915 An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially crafted app ... oval:org.secpod.oval:def:61914 An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially crafted app ... oval:org.secpod.oval:def:61912 An elevation of privilege vulnerability exists when the Windows ActiveX Installer Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ... oval:org.secpod.oval:def:61911 An elevation of privilege vulnerability exists when the "Public Account Pictures" folder improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate pr ... oval:org.secpod.oval:def:61910 An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specia ... oval:org.secpod.oval:def:61922 An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially crafted app ... oval:org.secpod.oval:def:61921 An elevation of privilege vulnerability exists when Windows improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.To exploit this vulnerability, an attacker would first have to log on to the system. An a ... oval:org.secpod.oval:def:61920 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a users system.There are multiple ways an attacker could exploit the ... oval:org.secpod.oval:def:62473 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:62472 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:62471 An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delet ... oval:org.secpod.oval:def:62470 An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delet ... oval:org.secpod.oval:def:62469 An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries.To exploit this vulnerability, an attacker would have to log on to an af ... oval:org.secpod.oval:def:62468 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:62467 A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacker ... oval:org.secpod.oval:def:62466 A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacker ... oval:org.secpod.oval:def:62465 A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacker ... oval:org.secpod.oval:def:62463 A remoted code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code.Exploitation of the vulnerability requires that a program process a specially crafted image ... oval:org.secpod.oval:def:62484 An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would ... oval:org.secpod.oval:def:62483 An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.In a local attack scenario, an attacker could exploit this vulnerability by ru ... oval:org.secpod.oval:def:62482 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:62481 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:62480 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:62479 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:62478 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:62477 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:62476 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:62475 An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would ... oval:org.secpod.oval:def:62474 An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would ... oval:org.secpod.oval:def:62487 An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially craf ... oval:org.secpod.oval:def:62486 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:62485 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on to an ... oval:org.secpod.oval:def:62462 An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log onto an af ... oval:org.secpod.oval:def:62461 An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log onto an af ... oval:org.secpod.oval:def:62460 An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log onto an af ... oval:org.secpod.oval:def:62458 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:62457 A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.To exploit the vulnerability, a user would have to open a specially crafted fi ... oval:org.secpod.oval:def:62456 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:62455 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on to an ... oval:org.secpod.oval:def:62519 An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on to ... oval:org.secpod.oval:def:62518 A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; o ... oval:org.secpod.oval:def:62522 An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full ... oval:org.secpod.oval:def:62520 An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full ... oval:org.secpod.oval:def:63123 An elevation of privilege vulnerability exists in Windows Block Level Backup Engine Service (wbengine) that allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that ... oval:org.secpod.oval:def:63124 An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successfully exploit it.An attacker who successfully exploited the vulnerability could gain greater access to s ... oval:org.secpod.oval:def:63125 A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacker ... oval:org.secpod.oval:def:63126 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:63127 An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delet ... oval:org.secpod.oval:def:63128 A remote code execution vulnerability exists in the way that Windows handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with elevated permissions on a target system.To exploit the vulnerability, an attacker who has a domain user account c ... oval:org.secpod.oval:def:63129 An elevation of privilege vulnerability exists in Windows Media Service that allows file creation in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability ... oval:org.secpod.oval:def:63130 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on to an ... oval:org.secpod.oval:def:63131 An information disclosure vulnerability exists when Windows Subsystem for Linux improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.A attacker could exploit this vulnerability by running a spe ... oval:org.secpod.oval:def:63132 A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.To exploit this vulnerability, an attacker would have to log on to an affected system and run a speciall ... oval:org.secpod.oval:def:63133 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:63112 An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially ... oval:org.secpod.oval:def:63113 An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially ... oval:org.secpod.oval:def:63114 An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially ... oval:org.secpod.oval:def:63115 An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially ... oval:org.secpod.oval:def:63116 An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially ... oval:org.secpod.oval:def:63117 An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially ... oval:org.secpod.oval:def:63119 A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET Core or .NET Framework web application. The vulnerability can be exploited remotely, wit ... oval:org.secpod.oval:def:63121 A denial of service vulnerability exists when Hyper-V on a Windows Server fails to properly handle specially crafted network packets.To exploit the vulnerability, an attacker would send specially crafted network packets to the Hyper-V Server.The security update addresses the vulnerability by resolvi ... oval:org.secpod.oval:def:63122 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit th ... oval:org.secpod.oval:def:63145 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:63134 An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system. After successfully exploiting the vulnerability, an atta ... oval:org.secpod.oval:def:63135 An elevation of privilege vulnerability exists when the Windows fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code. An attacker could then install programs; view, change, or delete data; or create new accounts with full user ... oval:org.secpod.oval:def:63136 An elevation of privilege vulnerability exists when the Windows Printer Service improperly validates file paths while loading printer drivers. An authenticated attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges.To exploit this vulnerabilit ... oval:org.secpod.oval:def:63137 An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successfully exploit it.An attacker who successfully exploited the vulnerability could gain greater access to s ... oval:org.secpod.oval:def:63138 A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service fails to validate certain function values.An attacker who successfully exploited this vulnerability could deny dependent security feature functionality.To exploit this vulnerability, an attacker would have ... oval:org.secpod.oval:def:63139 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:63140 An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially craf ... oval:org.secpod.oval:def:63141 An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successfully exploit it.An attacker who successfully exploited the vulnerability could gain greater access to s ... oval:org.secpod.oval:def:63142 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:63143 An elevation of privilege vulnerability exists when the Windows Update Stack fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create ... oval:org.secpod.oval:def:63144 An elevation of privilege vulnerability exists when the Windows Update Stack fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create ... oval:org.secpod.oval:def:63101 An elevation of privilege vulnerability exists when Windows improperly handles calls to Clipboard Service. An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete ... oval:org.secpod.oval:def:63102 An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially ... oval:org.secpod.oval:def:63103 An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially ... oval:org.secpod.oval:def:63104 An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially ... oval:org.secpod.oval:def:63105 An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system.To exploit the vulnerability, an attacker would first have to gain execution on th ... oval:org.secpod.oval:def:63106 An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete da ... oval:org.secpod.oval:def:63107 An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially ... oval:org.secpod.oval:def:63110 An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially ... oval:org.secpod.oval:def:63111 An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially ... oval:org.secpod.oval:def:63100 A remote code execution vulnerability exists in the way that the Color Management Module (ICM32.dll) handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; ... oval:org.secpod.oval:def:62550 An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially crafted app ... oval:org.secpod.oval:def:62549 An elevation of privilege vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a spec ... oval:org.secpod.oval:def:62548 A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could ex ... oval:org.secpod.oval:def:62547 An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data.To exp ... oval:org.secpod.oval:def:62546 An information disclosure vulnerability exists when the Windows Push Notification Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.An authenticated attacker could exploit this vulne ... oval:org.secpod.oval:def:62545 An elevation of privilege vulnerability exists in the way that the User-Mode Power Service (UMPS) handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run ... oval:org.secpod.oval:def:62544 An elevation of privilege vulnerability exists in the Microsoft Windows Update Client when it does not properly handle privileges. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete dat ... oval:org.secpod.oval:def:62543 An elevation of privilege vulnerability exists when the Windows System Assessment Tool improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially crafted ... oval:org.secpod.oval:def:62542 An elevation of privilege vulnerability exists in the way that the Microsoft Store Install Service handles file operations in protected locations. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticat ... oval:org.secpod.oval:def:62541 An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data.To exp ... oval:org.secpod.oval:def:62540 An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data.To exp ... oval:org.secpod.oval:def:62529 An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data.To exp ... oval:org.secpod.oval:def:62528 A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could ex ... oval:org.secpod.oval:def:62527 An elevation of privilege vulnerability exists when a Windows scheduled task improperly handles file redirections. An attacker who successfully exploited this vulnerability could delete a targeted file they would not have permissions to.To exploit this vulnerability, an attacker would first have to ... oval:org.secpod.oval:def:62526 An elevation of privilege vulnerability exists when the Windows WpcDesktopMonSvc improperly manages memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security ... oval:org.secpod.oval:def:62525 An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could gain elevated privileges on a target operating system.This vulnerability by itself does not allow arbitr ... oval:org.secpod.oval:def:62524 An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could gain elevated privileges on a target operating system.This vulnerability by itself does not allow arbitr ... oval:org.secpod.oval:def:62523 A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause ... oval:org.secpod.oval:def:62539 An elevation of privilege vulnerability exists when the Windows Update Stack fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create ... oval:org.secpod.oval:def:62538 A denial of service vulnerability exists in Windows DNS when it fails to properly handle queries. An attacker who successfully exploited this vulnerability could cause the DNS service to become nonresponsive.To exploit the vulnerability, an authenticated attacker could send malicious DNS queries to ... oval:org.secpod.oval:def:62537 An elevation of privilege vulnerability exists when the Windows Update Stack fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create ... oval:org.secpod.oval:def:62536 An elevation of privilege vulnerability exists when the Windows Delivery Optimization service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, chang ... oval:org.secpod.oval:def:62534 A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delet ... oval:org.secpod.oval:def:62533 An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on to ... oval:org.secpod.oval:def:62532 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit th ... oval:org.secpod.oval:def:62531 An elevation of privilege vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a spec ... oval:org.secpod.oval:def:62530 An elevation of privilege vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could overwrite files in arbitrary locations with elevated permissions.To exploit the vulnerability, an a ... oval:org.secpod.oval:def:63099 A security feature bypass vulnerability exists in Microsoft Windows when the Task Scheduler service fails to properly verify client connections over RPC. An attacker who successfully exploited this vulnerability could run arbitrary code as an administrator. An attacker could then install programs; v ... oval:org.secpod.oval:def:63098 An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) IIS module improperly handles uploaded content. An attacker who successfully exploited this vulnerability could upload restricted file types to an IIS-hosted folder.To exploit this vulnerab ... oval:org.secpod.oval:def:63097 An elevation of privilege vulnerability exists when Windows improperly handles calls to Clipboard Service. An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete ... oval:org.secpod.oval:def:63096 An elevation of privilege vulnerability exists when Windows improperly handles errors tied to Remote Access Common Dialog. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit this vulnerability an attacker would need to physically acc ... oval:org.secpod.oval:def:63095 An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; v ... oval:org.secpod.oval:def:63094 A remote code execution vulnerability exists in the way that the Microsoft Script Runtime handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulne ... oval:org.secpod.oval:def:63093 A cross-site-scripting (XSS) vulnerability exists when Active Directory Federation Services (ADFS) does not properly sanitize user inputs. An un-authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected ADFS server.The attacker who successfully expl ... oval:org.secpod.oval:def:63092 An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; v ... oval:org.secpod.oval:def:63146 An information disclosure vulnerability exists when the Windows Client Server Run-Time Subsystem (CSRSS) fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, ... oval:org.secpod.oval:def:63147 A denial of service vulnerability exists in the Windows implementation of Transport Layer Security (TLS) when it improperly handles certain key exchanges. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.To exploit this vulnerability, a remote u ... oval:org.secpod.oval:def:63148 A denial of service vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could cause a system to stop responding.To exploit the vulnerability, an attacker would first have to log on to ... oval:org.secpod.oval:def:63149 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:63150 A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacker ... oval:org.secpod.oval:def:63151 An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles file and folder links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.To exploit this vulnerability, an attacker would first ... oval:org.secpod.oval:def:63152 An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.In a local attack scenario, an attacker could exploit this vulnerability by ru ... oval:org.secpod.oval:def:63153 A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacker ... oval:org.secpod.oval:def:63154 An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data.To exp ... oval:org.secpod.oval:def:63155 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:63167 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:63168 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:63169 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:63170 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:63171 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:63172 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit th ... oval:org.secpod.oval:def:63156 An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full ... oval:org.secpod.oval:def:63157 An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could ... oval:org.secpod.oval:def:63158 An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delet ... oval:org.secpod.oval:def:63160 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:63161 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:63162 A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.To exploit the vulnerability, a user would have to open a specially crafted fi ... oval:org.secpod.oval:def:63163 An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit the vulnerability, an attacker would first have t ... oval:org.secpod.oval:def:63164 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:63165 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:63166 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:63181 The host is missing a critical security update for KB4551853 oval:org.secpod.oval:def:63255 The host is missing an important security update for KB4556441 oval:org.secpod.oval:def:63684 An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log onto an af ... oval:org.secpod.oval:def:63685 A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacker ... oval:org.secpod.oval:def:63686 A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacker ... oval:org.secpod.oval:def:63687 An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delet ... oval:org.secpod.oval:def:63688 An elevation of privilege vulnerability exists when Windows Modules Installer Service improperly handles class object members.A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create ne ... oval:org.secpod.oval:def:63689 An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.An attacker with unprivileged access to a vulnerable system could exploit th ... oval:org.secpod.oval:def:63690 An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full ... oval:org.secpod.oval:def:63691 A security feature bypass vulnerability exists when Windows Host Guardian Service improperly handles hashes recorded and logged. An attacker who successfully exploited the vulnerability could tamper with the log file.In an attack scenario, an attacker can change existing event log types to a type th ... oval:org.secpod.oval:def:63692 An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit the vulnerability, an attacker would have to log on ... oval:org.secpod.oval:def:63693 An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit the vulnerability, an attacker would have to log on ... oval:org.secpod.oval:def:63673 An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a special ... oval:org.secpod.oval:def:63674 An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete da ... oval:org.secpod.oval:def:63675 An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would ... oval:org.secpod.oval:def:63676 A denial of service vulnerability exists when Windows Registry improperly handles filesystem operations. An attacker who successfully exploited the vulnerability could cause a denial of service against a system.To exploit the vulnerability, an attacker who has access to the system could run a specia ... oval:org.secpod.oval:def:63677 An elevation of privilege vulnerability exists in the way that the printconfig.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially cra ... oval:org.secpod.oval:def:63678 An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash. An attacker who successfully exploited this vulnerability could delete a targeted file leading to an elevated status.To exploit this vulnerability, an attacker would first have to ... oval:org.secpod.oval:def:63679 An elevation of privilege vulnerability exists when the Windows Feedback Hub improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit this vulnerability, an attacker would first have to log on to the system ... oval:org.secpod.oval:def:63680 An elevation of privilege vulnerability exists in the way the Windows Now Playing Session Manager handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data.To e ... oval:org.secpod.oval:def:63681 An elevation of privilege vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions. An attacker who successfully exploited this vulnerability could bypass access restrictions to delete files.To exploit this vulnerability, an attacker would first have ... oval:org.secpod.oval:def:63682 An information disclosure vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could read memory that was freed and might run arbitrary code in an elevated context.An attacker could exploit this vulnerability by ... oval:org.secpod.oval:def:63683 An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security ... oval:org.secpod.oval:def:63695 An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.An attacker with unprivileged access to a vulnerable system could exploit th ... oval:org.secpod.oval:def:63696 An elevation of privilege vulnerability exists when Windows Lockscreen fails to properly load spotlight images from a secure location. An attacker who successfully exploited the vulnerability could execute commands with elevated permissions.An authenticated attacker could modify a registry value to ... oval:org.secpod.oval:def:63697 An elevation of privilege vulnerability exists in the way that the Windows Bluetooth Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a spe ... oval:org.secpod.oval:def:63698 An elevation of privilege vulnerability exists in OpenSSH for Windows when it does not properly restrict access to configuration settings. An attacker who successfully exploited this vulnerability could replace the shell with a malicious binary.To exploit this vulnerability, an authenticated attacke ... oval:org.secpod.oval:def:63699 An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.An attacker with unprivileged access to a vulnerable system could exploit th ... oval:org.secpod.oval:def:63672 An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a special ... oval:org.secpod.oval:def:63700 A vulnerability exists in the way the Windows Diagnostics & feedback settings app handles objects in memory. An attacker who successfully exploited this vulnerability could cause additional diagnostic data from the affected device to be sent to Microsoft.To exploit the vulnerability, an attacker ... oval:org.secpod.oval:def:63701 An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security ... oval:org.secpod.oval:def:63702 An elevation of privilege vulnerability exists when Component Object Model (COM) client uses special case IIDs. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges.An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:63703 An elevation of privilege vulnerability exists in Windows Text Service Framework (TSF) when the TSF server fails to properly handle messages sent from TSF clients. An attacker who successfully exploited this vulnerability could run arbitrary code in a privileged process. An attacker could then insta ... oval:org.secpod.oval:def:63704 An elevation of privilege vulnerability exists when Group Policy improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially ... oval:org.secpod.oval:def:63705 An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete da ... oval:org.secpod.oval:def:63706 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:63709 An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector fail to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit this vulnerabi ... oval:org.secpod.oval:def:63720 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:63721 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:63722 An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially craf ... oval:org.secpod.oval:def:63723 A security feature bypass vulnerability exists when Windows Kernel fails to properly sanitize certain parameters.To exploit the vulnerability, a locally-authenticated attacker could attempt to run a specially crafted application on a targeted system.The update addresses the vulnerability by correcti ... oval:org.secpod.oval:def:63710 An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector fail to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit this vulnerabi ... oval:org.secpod.oval:def:63712 An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delet ... oval:org.secpod.oval:def:63713 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:63715 An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could ... oval:org.secpod.oval:def:63716 An elevation of privilege vulnerability exists when an OLE Automation component improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security ... oval:org.secpod.oval:def:63717 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:63718 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:63719 An elevation of privilege vulnerability exists when Windows Error Reporting improperly handles objects in memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The se ... oval:org.secpod.oval:def:64071 A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code. Exploitation of the vulnerability requires that a program process a specially crafted image ... oval:org.secpod.oval:def:64072 A remoted code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system. Exploitation of the vulnerability requires that a prog ... oval:org.secpod.oval:def:64214 A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the process responsible fo ... oval:org.secpod.oval:def:64220 An information disclosure vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions. An attacker who successfully exploited this vulnerability could bypass access restrictions to read files.To exploit this vulnerability, an attacker would first have to ... oval:org.secpod.oval:def:64221 An elevation of privilege vulnerability exists when Group Policy Services Policy Processing improperly handle reparse points. An attacker who successfully exploited this vulnerability could overwrite a targeted file that would normally require elevated permissions.To exploit the vulnerability, an at ... oval:org.secpod.oval:def:64234 An elevation of privilege vulnerability exists in the way that the Credential Enrollment Manager service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker cou ... oval:org.secpod.oval:def:64235 An elevation of privilege vulnerability exists when the Windows Event Logging Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The sec ... oval:org.secpod.oval:def:64236 An elevation of privilege vulnerability exists when the Windows Cryptography Next Generation (CNG) Key Isolation service improperly handles memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit this vulnerability, an attacker would fi ... oval:org.secpod.oval:def:64237 An elevation of privilege vulnerability exists in the way that the Windows Credential Picker handles objects in memory. An attacker who successfully exploited the vulnerability could allow an application with limited privileges on an affected system to execute code at a medium integrity level.To exp ... oval:org.secpod.oval:def:64239 An elevation of privilege vulnerability exists when the Windows Diagnostics Hub Standard Collector Service fails to properly sanitize input, leading to an unsecure library-loading behavior. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privil ... oval:org.secpod.oval:def:64240 A remote code execution vulnerability exists when Windows Address Book (WAB) improperly processes vcard files.To exploit the vulnerability, an attacker could send a malicious vcard that a victim opens using Windows Address Book (WAB). After successfully exploiting the vulnerability, an attacker coul ... oval:org.secpod.oval:def:64241 An elevation of privilege vulnerability exists when the Windows Modules Installer improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges. To exploit the vulnerability, an attacker would first need code execution on a victim system ... oval:org.secpod.oval:def:64242 An elevation of privilege vulnerability exists when the Windows Diagnostics Execution Service fails to properly sanitize input, leading to an unsecure library-loading behavior. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An atta ... oval:org.secpod.oval:def:64243 An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security ... oval:org.secpod.oval:def:64244 An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges.Th ... oval:org.secpod.oval:def:64223 An elevation of privilege vulnerability exists when the Windows USO Core Worker improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security ... oval:org.secpod.oval:def:64224 An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security ... oval:org.secpod.oval:def:64227 An elevation of privilege vulnerability exists when the Windows System Events Broker improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.To exploit the vulnerability, an attacker would first need code execution on a victim syst ... oval:org.secpod.oval:def:64228 An information disclosure vulnerability exists when the Windows Resource Policy component improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to disclose information a ... oval:org.secpod.oval:def:64229 An elevation of privilege vulnerability exists when the Windows Cryptography Next Generation (CNG) Key Isolation service improperly handles memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit this vulnerability, an attacker would fi ... oval:org.secpod.oval:def:64230 An elevation of privilege vulnerability exists when the Windows Profile Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.To exploit the vulnerability, an attacker would first need code execution on a victim system. A ... oval:org.secpod.oval:def:64231 An elevation of privilege vulnerability exists when the Windows Picker Platform improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security ... oval:org.secpod.oval:def:64232 An elevation of privilege vulnerability exists when the Windows Event Logging Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The sec ... oval:org.secpod.oval:def:64233 An elevation of privilege vulnerability exists when the Windows Print Workflow Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could gain elevated privileges and break out of the AppContainer sandbox.To exploit this vulnerability, an attacker w ... oval:org.secpod.oval:def:63761 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:63762 An elevation of privilege (user to user) vulnerability exists in Windows Security Health Service when handling certain objects in memory.To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted command that could exploit the v ... oval:org.secpod.oval:def:63763 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:63764 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit th ... oval:org.secpod.oval:def:63750 A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rig ... oval:org.secpod.oval:def:63751 A remote code execution vulnerability exists when Microsoft Windows fails to properly handle cabinet files.To exploit the vulnerability, an attacker would have to convince a user to either open a specially crafted cabinet file or spoof a network printer and trick a user into installing a malicious c ... oval:org.secpod.oval:def:63752 A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server.To exploit the vulnerability, in most situ ... oval:org.secpod.oval:def:63753 An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system. After successfully exploiting the vulnerability, an atta ... oval:org.secpod.oval:def:63754 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:63755 An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially ... oval:org.secpod.oval:def:63756 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:63758 An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delet ... oval:org.secpod.oval:def:63759 An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system. After successfully exploiting the vulnerability, an atta ... oval:org.secpod.oval:def:63724 A denial of service vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could cause a system to stop responding.To exploit the vulnerability, an attacker would first have to log on to ... oval:org.secpod.oval:def:63725 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:63726 An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delet ... oval:org.secpod.oval:def:63728 An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delet ... oval:org.secpod.oval:def:63729 An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) IIS module improperly handles uploaded content. An attacker who successfully exploited this vulnerability could upload restricted file types to an IIS-hosted folder.To exploit this vulnerab ... oval:org.secpod.oval:def:63741 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:63742 An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system. After successfully exploiting the vulnerability, an atta ... oval:org.secpod.oval:def:63743 A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input. An attacker could exploit the vulnerability to execute malicious code.To exploit the vulnerability, an attacker would have to convince a user to open either a specially crafted file or a pr ... oval:org.secpod.oval:def:63744 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:63745 A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.To exploit this vulnerability, an attacker would have to log on to an affected system and run a speciall ... oval:org.secpod.oval:def:63747 A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths.An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user. If the current user is logged on as an administrator, an attacker could tak ... oval:org.secpod.oval:def:63748 An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on to ... oval:org.secpod.oval:def:63749 An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could ... oval:org.secpod.oval:def:63730 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:63731 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:63733 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:63734 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:63735 An elevation of privilege vulnerability exists in the way that the wlansvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted ... oval:org.secpod.oval:def:63736 An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The s ... oval:org.secpod.oval:def:63737 An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then instal ... oval:org.secpod.oval:def:63739 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:64258 The host is missing a critical security update for KB4566516 oval:org.secpod.oval:def:64263 An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could ... oval:org.secpod.oval:def:64264 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:64265 This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause a denial of service on the t ... oval:org.secpod.oval:def:64266 An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.An authenticated attacker could exploit this vulnerabilit ... oval:org.secpod.oval:def:64245 An elevation of privilege vulnerability exists in the way that the Windows Sync Host Service handles objects in memory. An attacker who successfully exploited the vulnerability could allow an application with limited privileges on an affected system to execute code at a medium integrity level.To exp ... oval:org.secpod.oval:def:64246 A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted fonts.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely. For systems running Windows 10, an attacker who successfully ... oval:org.secpod.oval:def:64247 An elevation of privilege vulnerability exists in the way that the Windows Network Location Awareness Service handles objects in memory. An attacker who successfully exploited the vulnerability could allow an application with limited privileges on an affected system to execute code at a medium integ ... oval:org.secpod.oval:def:64248 An elevation of privilege vulnerability exists in the way that the SharedStream Library handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a speciall ... oval:org.secpod.oval:def:64267 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:64268 An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a special ... oval:org.secpod.oval:def:64269 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:64289 An elevation of privilege vulnerability exists when the Windows ActiveX Installer Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ... oval:org.secpod.oval:def:64290 An elevation of privilege vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions. An attacker who successfully exploited this vulnerability could bypass access restrictions to delete files.To exploit this vulnerability, an attacker would first have ... oval:org.secpod.oval:def:64291 An elevation of privilege vulnerability exists in the way that the Windows Network List Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a ... oval:org.secpod.oval:def:64292 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:64293 A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; o ... oval:org.secpod.oval:def:64294 A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with ... oval:org.secpod.oval:def:64295 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:64296 A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.To exploit the vulnerability, a user would have to open a specially crafted fi ... oval:org.secpod.oval:def:64297 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:64298 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:64299 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:64278 An elevation of privilege vulnerability exists in the way that the psmsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted ... oval:org.secpod.oval:def:64279 An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log ... oval:org.secpod.oval:def:64280 An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could ... oval:org.secpod.oval:def:64281 An elevation of privilege vulnerability exists in the way that the Windows Geolocation Framework handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a ... oval:org.secpod.oval:def:64282 An elevation of privilege vulnerability exists in the way that the Windows Speech Brokered API handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a s ... oval:org.secpod.oval:def:64283 An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, ... oval:org.secpod.oval:def:64284 An information disclosure vulnerability exists in Windows when the Windows Imaging Component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.There are multiple ways an attacker coul ... oval:org.secpod.oval:def:64285 An elevation of privilege vulnerability exists when Windows Lockscreen fails to properly handle Ease of Access dialog.An attacker who successfully exploited the vulnerability could execute commands with elevated permissions.The security update addresses the vulnerability by ensuring that the Ease of ... oval:org.secpod.oval:def:64286 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:64287 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:64288 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:64270 An elevation of privilege vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles objects in memory. An attacker who successfully exploited this vulnerability could bypass access restrictions to delete files.To exploit this vulnerability, an attacker would fir ... oval:org.secpod.oval:def:64271 An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could ... oval:org.secpod.oval:def:64272 A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. An attacker who successfully exploited this vulnerability could execute arbitrary code on the computer of the connecting client. An attacker could then install programs; view ... oval:org.secpod.oval:def:64273 An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit this vulnerability, an attacker would first have to log on to the system. An attac ... oval:org.secpod.oval:def:64276 An information vulnerability exists when Windows Connected User Experiences and Telemetry Service improperly discloses file information. Successful exploitation of the vulnerability could allow the attacker to read any file on the file system.To exploit the vulnerability, an attacker would have to l ... oval:org.secpod.oval:def:64277 An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data.To exp ... oval:org.secpod.oval:def:64311 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit th ... oval:org.secpod.oval:def:64312 An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially craf ... oval:org.secpod.oval:def:64313 An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a special ... oval:org.secpod.oval:def:64315 An information disclosure vulnerability exists in the way that the WalletService handles memory.To exploit the vulnerability, an attacker would first need code execution on a victim system. An attacker could then run a specially crafted application.The security update addresses the vulnerability by ... oval:org.secpod.oval:def:64316 An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a special ... oval:org.secpod.oval:def:64317 A denial of service vulnerability exists in the way that the WalletService handles files. An attacker who successfully exploited the vulnerability could corrupt system files.To exploit the vulnerability, an attacker would first need code execution on a victim system. An attacker could then run a spe ... oval:org.secpod.oval:def:64318 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.An authenticated attacker could exploit this vulnerability by running ... oval:org.secpod.oval:def:64319 An elevation of privilege vulnerability exists when the Windows Delivery Optimization service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, chang ... oval:org.secpod.oval:def:64320 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:64321 A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delet ... oval:org.secpod.oval:def:64300 An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log ... oval:org.secpod.oval:def:64301 An information disclosure vulnerability exists when Windows Error Reporting improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to disclose information.The se ... oval:org.secpod.oval:def:64302 A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rig ... oval:org.secpod.oval:def:64303 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:64305 An elevation of privilege vulnerability exists when the Windows Update Stack fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create ... oval:org.secpod.oval:def:64306 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.An authenticated attacker could exploit this vulnerability by running ... oval:org.secpod.oval:def:64307 An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could ... oval:org.secpod.oval:def:64308 An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could ... oval:org.secpod.oval:def:64309 An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash. An attacker who successfully exploited this vulnerability could delete a targeted file leading to an elevated status.To exploit this vulnerability, an attacker would first have to ... oval:org.secpod.oval:def:64310 An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could ... oval:org.secpod.oval:def:65038 A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.Exploitation of the vulnerability requires that a program ... oval:org.secpod.oval:def:65047 A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or crea ... oval:org.secpod.oval:def:66060 A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client.To exploit this vulnerability, an attacke ... oval:org.secpod.oval:def:66062 An elevation of privilege vulnerability exists when the Windows Event System improperly handles objects in memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The s ... oval:org.secpod.oval:def:66061 A denial of service vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could cause a target system to stop responding.To exploit this vulnerability, an attacker would have to send specia ... oval:org.secpod.oval:def:66064 An information disclosure vulnerability exists when the Windows Enterprise App Management Service improperly handles certain file operations. An attacker who successfully exploited this vulnerability could read arbitrary files.An attacker with unprivileged access to a vulnerable system could exploit ... oval:org.secpod.oval:def:66053 An elevation of privilege vulnerability exists when the Windows Application Compatibility Client Library improperly handles registry operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.To exploit the vulnerability, an attacker would first need code ex ... oval:org.secpod.oval:def:66055 An information disclosure vulnerability exists when the Windows KernelStream improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on ... oval:org.secpod.oval:def:66054 An elevation of privilege vulnerability exists when the Windows Storage VSP Driver improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.To exploit the vulnerability, an attacker would first need code execution on a victim system ... oval:org.secpod.oval:def:66056 An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory.An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially ... oval:org.secpod.oval:def:66059 An information disclosure vulnerability exists when NetBIOS over TCP (NBT) Extensions (NetBT) improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker woul ... oval:org.secpod.oval:def:66058 An information disclosure vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To ... oval:org.secpod.oval:def:66875 Windows Remote Access Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66874 Windows Remote Access Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66877 Windows Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66876 Windows Remote Access Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66879 Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66878 Windows WalletService Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66880 Windows Print Configuration Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66882 Windows Remote Access Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66881 Windows Remote Access Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66884 Windows Remote Access Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66883 Windows KernelStream Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:66864 Windows Graphics Component Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:66863 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66865 Windows Error Reporting Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66868 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66867 Win32k Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space from a user mode process. oval:org.secpod.oval:def:66869 Windows Remote Access Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66871 Windows Remote Access Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66870 Windows Remote Access Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66873 Windows Remote Access Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66872 Windows Remote Access Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66885 Windows Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66888 Windows USO Core Worker Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66890 Windows Update Stack Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66856 Windows Spoofing Vulnerability oval:org.secpod.oval:def:66860 DirectX Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66862 Remote Desktop Protocol Client Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:66861 Windows WalletService Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:66080 An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash. An attacker who successfully exploited this vulnerability could delete a targeted file leading to an elevated status.To exploit this vulnerability, an attacker would first have to ... oval:org.secpod.oval:def:66082 An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then instal ... oval:org.secpod.oval:def:66084 An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delet ... oval:org.secpod.oval:def:66083 An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successfully exploit it.An attacker who successfully exploited the vulnerability could gain greater access to s ... oval:org.secpod.oval:def:66086 A security feature bypass vulnerability exists when Microsoft Windows fails to handle file creation permissions, which could allow an attacker to create files in a protected Unified Extensible Firmware Interface (UEFI) location.To exploit this vulnerability, an attacker could run a specially crafted ... oval:org.secpod.oval:def:66085 An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successfully exploit it.An attacker who successfully exploited the vulnerability could gain greater access to s ... oval:org.secpod.oval:def:66088 An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The s ... oval:org.secpod.oval:def:66087 A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delet ... oval:org.secpod.oval:def:66089 An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delet ... oval:org.secpod.oval:def:66071 An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.To exploit the vulnerability, an attacker would first need code execution on a victim system. A ... oval:org.secpod.oval:def:66070 An information disclosure vulnerability exists when the .NET Framework improperly handles objects in memory. An attacker who successfully exploited the vulnerability could disclose contents of an affected system's memory. To exploit the vulnerability, an authenticated attacker would need to run a sp ... oval:org.secpod.oval:def:66073 An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could gain elevated privileges on a target operating system.This vulnerability by itself does not allow arbitr ... oval:org.secpod.oval:def:66072 An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could gain elevated privileges on a target operating system.This vulnerability by itself does not allow arbitr ... oval:org.secpod.oval:def:66075 A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual ... oval:org.secpod.oval:def:66074 A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.To exploit the vulnerability, a user would have to open a specially crafted fi ... oval:org.secpod.oval:def:66077 An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could ... oval:org.secpod.oval:def:66079 A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause ... oval:org.secpod.oval:def:66078 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:66091 A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacker ... oval:org.secpod.oval:def:66090 An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it ... oval:org.secpod.oval:def:66093 A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files.In an attack scenario, an attacker could bypass security features intended to prevent improper ... oval:org.secpod.oval:def:66092 An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit this vulnerability, an attacker would first have to log on to the system. An attac ... oval:org.secpod.oval:def:66095 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:66094 A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.To exploit the vulnerability, a user would have to open a specially crafted fi ... oval:org.secpod.oval:def:66097 An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit this vulnerability, an attacker would first have to log on to the system. An attac ... oval:org.secpod.oval:def:66096 A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding.To ex ... oval:org.secpod.oval:def:66098 An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The s ... oval:org.secpod.oval:def:66066 An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles junction points. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context.To exploit this vulnerability, an attacker would first ha ... oval:org.secpod.oval:def:66065 An information disclosure vulnerability exists in Text Services Framework when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. Note that this vulnerability would not allow an a ... oval:org.secpod.oval:def:66067 An elevation of privilege vulnerability exists when the Windows Application Compatibility Client Library improperly handles registry operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.To exploit the vulnerability, an attacker would first need code ex ... oval:org.secpod.oval:def:66120 The host is missing an important security update for KB4579976 oval:org.secpod.oval:def:66105 An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The s ... oval:org.secpod.oval:def:66104 An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The s ... oval:org.secpod.oval:def:66107 An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The s ... oval:org.secpod.oval:def:66106 An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The s ... oval:org.secpod.oval:def:66147 The host is missing an important security update for KB4577668 oval:org.secpod.oval:def:66101 A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights ... oval:org.secpod.oval:def:66100 An elevation of privilege vulnerability exists when Group Policy improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially ... oval:org.secpod.oval:def:66103 An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The s ... oval:org.secpod.oval:def:66102 A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights ... oval:org.secpod.oval:def:67677 The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:67647 A local attacker could run a specially crafted application that would elevate the attacker's privileges. A remote attacker with SMBv2 access to a vulnerable system could send specially crafted requests over a network to exploit this vulnerability and execute code on the target system. oval:org.secpod.oval:def:67649 Windows Lock Screen Security Feature Bypass Vulnerability oval:org.secpod.oval:def:67648 Windows Digital Media Receiver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:67650 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:67652 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:67651 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:67653 Windows Overlay Filter Security Feature Bypass Vulnerability oval:org.secpod.oval:def:67667 Windows Backup Engine Elevation of Privilege Vulnerability oval:org.secpod.oval:def:67666 Windows Backup Engine Elevation of Privilege Vulnerability oval:org.secpod.oval:def:67669 Windows Backup Engine Elevation of Privilege Vulnerability oval:org.secpod.oval:def:67668 Windows Backup Engine Elevation of Privilege Vulnerability oval:org.secpod.oval:def:67672 The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. oval:org.secpod.oval:def:67671 Windows Network Connections Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:67674 The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:67673 To exploit this vulnerability, an attacker could run a specially crafted application on a Hyper-V guest that could cause the Hyper-V host operating system to execute arbitrary code when it fails to properly validate vSMB packet data. oval:org.secpod.oval:def:67663 Windows Backup Engine Elevation of Privilege Vulnerability oval:org.secpod.oval:def:67665 Windows Backup Engine Elevation of Privilege Vulnerability oval:org.secpod.oval:def:67664 Windows Backup Engine Elevation of Privilege Vulnerability oval:org.secpod.oval:def:67704 The host is missing a critical security update for KB4592440 oval:org.secpod.oval:def:68180 Windows AppX Deployment Extensions Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68181 Windows WLAN Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68184 Windows CSC Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68185 Windows CSC Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68182 While this issue is labeled as an elevation of privilege, it can also be exploited to disclose information. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:68188 Remote Procedure Call Runtime Remote Code Execution Vulnerability oval:org.secpod.oval:def:68189 Windows CSC Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68186 Windows CSC Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68187 Windows CSC Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68179 Windows Bluetooth Security Feature Bypass Vulnerability oval:org.secpod.oval:def:68191 Windows Installer Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68190 Remote Procedure Call Runtime Remote Code Execution Vulnerability oval:org.secpod.oval:def:68195 Remote Procedure Call Runtime Remote Code Execution Vulnerability oval:org.secpod.oval:def:68196 Remote Procedure Call Runtime Remote Code Execution Vulnerability oval:org.secpod.oval:def:68193 Remote Procedure Call Runtime Remote Code Execution Vulnerability oval:org.secpod.oval:def:68194 GDI+ Remote Code Execution Vulnerability oval:org.secpod.oval:def:68199 Remote Procedure Call Runtime Remote Code Execution Vulnerability oval:org.secpod.oval:def:68197 Windows Remote Desktop Security Feature Bypass Vulnerability oval:org.secpod.oval:def:68207 Windows Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68208 Windows Bluetooth Security Feature Bypass Vulnerability oval:org.secpod.oval:def:68206 Windows WalletService Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68209 Windows Bluetooth Security Feature Bypass Vulnerability oval:org.secpod.oval:def:68210 Windows AppX Deployment Extensions Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68211 Windows WalletService Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68214 Windows WalletService Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68212 Windows WalletService Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68213 Windows CSC Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68200 The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:68203 NTLM Security Feature Bypass Vulnerability oval:org.secpod.oval:def:68204 Windows CryptoAPI Denial of Service Vulnerability oval:org.secpod.oval:def:68201 Remote Procedure Call Runtime Remote Code Execution Vulnerability oval:org.secpod.oval:def:68202 Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability oval:org.secpod.oval:def:66891 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66941 The host is missing an important security update for KB4586793 oval:org.secpod.oval:def:66916 Remote Desktop Protocol Server Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized read access to Windows RDP server process. oval:org.secpod.oval:def:66917 Windows Port Class Library Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:66919 Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66930 Windows GDI+ Remote Code Execution Vulnerability oval:org.secpod.oval:def:66932 Windows Update Medic Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66931 Windows NDIS Information Disclosure Vulnerability oval:org.secpod.oval:def:66934 Windows Kernel Local Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66933 Windows Delivery Optimization Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the me ... oval:org.secpod.oval:def:66936 Windows Camera Codec Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:66935 Microsoft Defender for Endpoint Security Feature Bypass Vulnerability. oval:org.secpod.oval:def:66921 Windows MSCTF Server Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:66920 Windows Canonical Display Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the ... oval:org.secpod.oval:def:66923 Windows Hyper-V Security Feature Bypass Vulnerability. oval:org.secpod.oval:def:66922 Windows Function Discovery SSDP Provider Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressin ... oval:org.secpod.oval:def:66925 Windows Error Reporting Denial of Service Vulnerability. oval:org.secpod.oval:def:66924 Windows Print Spooler Remote Code Execution Vulnerability oval:org.secpod.oval:def:66926 Windows Network File System Denial of Service Vulnerability oval:org.secpod.oval:def:66929 Windows Network File System Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Kernel memory read - unintentional read access to memory contents in kernel space from a user mode process. oval:org.secpod.oval:def:68218 To exploit this vulnerability, an attacker would need to launch a man-in-the-middle (MiTM) attack against the traffic passing between a domain controller and the target machine. oval:org.secpod.oval:def:68219 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68217 Windows CSC Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68221 Windows InstallService Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68222 Remote Procedure Call Runtime Remote Code Execution Vulnerability oval:org.secpod.oval:def:68220 The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:68226 Windows Hyper-V Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68223 Remote Procedure Call Runtime Remote Code Execution Vulnerability oval:org.secpod.oval:def:68224 Windows Remote Procedure Call Runtime Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68238 Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting ad ... oval:org.secpod.oval:def:68239 Windows Multipoint Management Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68240 Windows (modem.sys) Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:68241 Windows LUAFV Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68245 The host is missing an important security update for KB4598230 oval:org.secpod.oval:def:68229 Microsoft Windows Media Foundation Remote Code Execution Vulnerability oval:org.secpod.oval:def:68227 The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:68228 Windows Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68232 Active Template Library Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68233 Windows Runtime C++ Template Library Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68230 Windows DNS Query Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:68231 Windows Docker Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is secret data encrypted with DP API can be decrypted. oval:org.secpod.oval:def:68236 Windows Event Tracing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68237 Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability oval:org.secpod.oval:def:68234 TPM Device Driver Information Disclosure Vulnerability.The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:68235 Windows Fax Compose Form Remote Code Execution Vulnerability oval:org.secpod.oval:def:69004 The host is installed with .NEt Framework and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows attackers to perform denial of service attacks. oval:org.secpod.oval:def:69061 The host is missing an important security update for KB4601887 oval:org.secpod.oval:def:69085 The host is missing a critical security update for KB4601345 oval:org.secpod.oval:def:70011 Windows Event Tracing Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:69032 Microsoft Windows VMSwitch Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:69030 Windows TCP/IP Remote Code Execution Vulnerability oval:org.secpod.oval:def:69035 Windows Backup Engine Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is sensitive information. oval:org.secpod.oval:def:69036 Windows Trust Verification API Denial of Service Vulnerability oval:org.secpod.oval:def:69033 Windows Fax Service Remote Code Execution Vulnerability. oval:org.secpod.oval:def:69039 Windows Address Book Remote Code Execution Vulnerability. oval:org.secpod.oval:def:69037 Microsoft Windows Codecs Library Remote Code Execution Vulnerability oval:org.secpod.oval:def:69038 Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability oval:org.secpod.oval:def:70002 Microsoft Windows Media Foundation Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70003 Windows Media Photo Codec Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory ... oval:org.secpod.oval:def:70004 Windows WalletService Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:70005 Windows Update Stack Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:70001 Windows Print Spooler Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:69024 Windows Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:69025 Windows Fax Service Remote Code Execution Vulnerability oval:org.secpod.oval:def:69028 Windows Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:69029 Windows Remote Procedure Call Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:69026 Windows Installer Elevation of Privilege Vulnerability oval:org.secpod.oval:def:69027 PFX Encryption Security Feature Bypass Vulnerability. When exporting a SID-protected PFX file, keys encrypted using AES are not properly protected. Any SID-protected PFX files using AES for key encryption should be regenerated and exported after this update is installed. oval:org.secpod.oval:def:69050 Windows Event Tracing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:69051 Windows DirectX Information Disclosure Vulnerability oval:org.secpod.oval:def:69052 Windows PKU2U Elevation of Privilege Vulnerability. PKU2U is a peer-to-peer authentication protocol. This setting prevents online identities from authenticating to domain-joined systems. Authentication will be centrally managed with Windows user accounts. oval:org.secpod.oval:def:69042 Windows Local Spooler Remote Code Execution Vulnerability. oval:org.secpod.oval:def:69043 Windows Camera Codec Pack Remote Code Execution Vulnerability oval:org.secpod.oval:def:69040 Windows Mobile Device Management Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. oval:org.secpod.oval:def:69041 Windows TCP/IP Denial of Service Vulnerability. IPv6 Link-local addresses are not routable on the internet and are not reachable by remote attackers. An attack would need to originate from the same logical network segment for systems that are ONLY configured with IPv6 Link-local addresses. oval:org.secpod.oval:def:69046 Windows Kernel Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:69047 Windows Console Driver Denial of Service Vulnerability. oval:org.secpod.oval:def:69044 Windows Graphics Component Remote Code Execution Vulnerability oval:org.secpod.oval:def:69045 Windows TCP/IP Remote Code Execution Vulnerability. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an atta ... oval:org.secpod.oval:def:69048 Windows Event Tracing Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:69989 DirectX Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:69987 Windows Print Spooler Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could overwrite arbitrary file content in the security context of the local system. oval:org.secpod.oval:def:69992 Windows Win32k Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:69990 Windows Graphics Component Remote Code Execution Vulnerability. oval:org.secpod.oval:def:69991 Windows Installer Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:69996 Windows Event Tracing Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:69997 Windows User Profile Service Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:69994 Windows Graphics Component Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:69995 Windows WalletService Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:69998 Windows Win32k Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:69999 OpenType Font Parsing Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70055 The host is missing an important security update for KB5000822 oval:org.secpod.oval:def:70046 Application Virtualization Remote Code Execution Vulnerability oval:org.secpod.oval:def:70047 Windows Container Execution Agent Elevation of Privilege Vulnerability oval:org.secpod.oval:def:70048 Windows Extensible Firmware Interface Security Feature Bypass Vulnerability oval:org.secpod.oval:def:70042 Windows NAT Denial of Service Vulnerability oval:org.secpod.oval:def:70043 Storage Spaces Controller Elevation of Privilege Vulnerability oval:org.secpod.oval:def:70044 Remote Access API Elevation of Privilege Vulnerability oval:org.secpod.oval:def:70045 User Profile Service Denial of Service Vulnerability oval:org.secpod.oval:def:70014 Windows Event Tracing Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:70016 Windows Win32k Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:70012 Windows UPnP Device Host Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:70039 Windows ActiveX Installer Service Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. oval:org.secpod.oval:def:70035 Windows App-V Overlay Filter Elevation of Privilege Vulnerability oval:org.secpod.oval:def:70036 Windows Virtual Registry Provider Elevation of Privilege Vulnerability oval:org.secpod.oval:def:70037 Windows Container Execution Agent Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:70038 Windows Update Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:70033 Windows Update Stack Setup Elevation of Privilege Vulnerability oval:org.secpod.oval:def:70034 Windows Event Tracing Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:70040 Windows Projected File System Elevation of Privilege Vulnerability oval:org.secpod.oval:def:70041 Windows Overlay Filter Elevation of Privilege Vulnerability oval:org.secpod.oval:def:70978 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70979 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70974 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70975 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70976 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70977 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70970 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70971 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70972 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70973 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70967 Microsoft Internet Messaging API Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70968 The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:70969 NTFS Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:70963 Azure AD Web Sign-in Security Feature Bypass Vulnerability. oval:org.secpod.oval:def:70964 Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:70965 Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:70966 Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:70960 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70961 In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the ... oval:org.secpod.oval:def:70962 In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the ... oval:org.secpod.oval:def:70996 Windows Media Photo Codec Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:70992 Windows GDI+ Remote Code Execution Vulnerability oval:org.secpod.oval:def:70993 Windows GDI+ Remote Code Execution Vulnerability oval:org.secpod.oval:def:70994 Windows GDI+ Remote Code Execution Vulnerability oval:org.secpod.oval:def:70995 Windows GDI+ Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:70990 Windows DNS Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:70991 Windows DNS Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:70989 Windows AppX Deployment Server Denial of Service Vulnerability oval:org.secpod.oval:def:70981 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70982 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70983 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70984 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70980 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70956 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70957 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70958 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70959 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70952 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70953 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70954 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70955 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70950 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70951 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70945 The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. oval:org.secpod.oval:def:70946 The bug allows an attacker to escalate privileges by running a specially crafted program on a target system. This does mean that they will either need to log on to a system or trick a legitimate user into running the code on their behalf. Considering who is listed as discovering this bug, it is prob ... oval:org.secpod.oval:def:70948 Windows NTFS Denial of Service Vulnerability. oval:org.secpod.oval:def:70949 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:71065 The host is missing a critical security update for KB5001342 oval:org.secpod.oval:def:71026 Windows Hyper-V Security Feature Bypass Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Guest VM to Hyper-V host server - virtualization security boundary. oval:org.secpod.oval:def:71025 Windows Hyper-V Security Feature Bypass Vulnerability. This bypass could affect any Hyper-V configurations that are using Router Guard. Certain packets that would normally be blocked or dropped could be processed. This could allow an attacker to bypass set policy, potentially influencing router path ... oval:org.secpod.oval:def:71028 Windows Hyper-V Denial of Service Vulnerability. An attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application. This can cause the host OS to crash by sending specially crafted request. oval:org.secpod.oval:def:71027 Windows Hyper-V Security Feature Bypass Vulnerability. oval:org.secpod.oval:def:71022 Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:71021 Windows Speech Runtime Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:71024 Windows Overlay Filter Security Feature Bypass Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:71023 Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:71019 Windows Speech Runtime Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:71018 Windows TCP/IP Driver Denial of Service Vulnerability. oval:org.secpod.oval:def:71015 Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability oval:org.secpod.oval:def:71017 Windows TCP/IP Driver Denial of Service Vulnerability oval:org.secpod.oval:def:71016 Windows TCP/IP Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:71011 Windows Console Driver Denial of Service Vulnerability oval:org.secpod.oval:def:71010 Windows Console Driver Denial of Service Vulnerability oval:org.secpod.oval:def:71013 Windows SMB Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space from a user mode process. oval:org.secpod.oval:def:71012 Windows Application Compatibility Cache Denial of Service Vulnerability. oval:org.secpod.oval:def:71020 Windows Speech Runtime Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:71008 Windows Installer Elevation of Privilege Vulnerability oval:org.secpod.oval:def:71007 Windows Installer Spoofing Vulnerability oval:org.secpod.oval:def:71009 Windows Installer Elevation of Privilege Vulnerability oval:org.secpod.oval:def:71004 Windows Kernel Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:71006 Windows Kernel Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:71005 Windows Portmapping Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:71000 Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability. oval:org.secpod.oval:def:71002 Windows Services and Controller App Elevation of Privilege Vulnerability oval:org.secpod.oval:def:71001 Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability. oval:org.secpod.oval:def:70997 Windows Network File System Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70998 Windows Event Tracing Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:70999 Windows Event Tracing Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:73276 The host is missing a critical security update for KB5003646 oval:org.secpod.oval:def:73249 Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability. CVE-2021-31199 address vulnerabilities that are related to Adobe's CVE-2021-28550, released in Adobe Security Bulletin ID APSB21-29. Customers running affected versions of Microsoft Windows should install the June securi ... oval:org.secpod.oval:def:73247 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73248 Windows DCOM Server Security Feature Bypass. This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this specially crafted ... oval:org.secpod.oval:def:73252 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73253 Windows Filter Manager Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73250 Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability. Microsoft CVE-2021-31201 address vulnerabilities that are related to Adobe's CVE-2021-28550, released in Adobe Security Bulletin ID APSB21-29. Customers running affected versions of Microsoft Windows should install the J ... oval:org.secpod.oval:def:73251 Windows Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73267 Server for NFS Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:73268 Windows Hyper-V Denial of Service Vulnerability. By sending a specially crafted message to the Hyper-V host virtualization stack, a guest VM could cause a reference count in the host virtualization stack to be leaked. In most circumstances, this would result in a memory leak on the Hyper-V host. If ... oval:org.secpod.oval:def:73265 Server for NFS Denial of Service Vulnerability oval:org.secpod.oval:def:73266 Server for NFS Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:73272 Windows Remote Desktop Services Denial of Service Vulnerability oval:org.secpod.oval:def:73270 Windows MSHTML Platform Remote Code Execution Vulnerability. While Microsoft has announced retirement of the Internet Explorer 11 application on certain platforms and the Microsoft Edge Legacy application is deprecated, the underlying MSHTML, EdgeHTML, and scripting platforms are still supported. Th ... oval:org.secpod.oval:def:73271 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73259 Kerberos AppContainer Security Feature Bypass Vulnerability. In an enterprise environment this vulnerability might allow an attacker to bypass Kerberos authentication, to authenticate to an arbitrary service principal name. oval:org.secpod.oval:def:73256 Windows NTLM Elevation of Privilege Vulnerability. This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this specially c ... oval:org.secpod.oval:def:73257 Scripting Engine Memory Corruption Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file. * In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the fil ... oval:org.secpod.oval:def:73254 Windows Kernel Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:73255 Windows NTFS Elevation of Privilege Vulnerability. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. Additionally, an attacker co ... oval:org.secpod.oval:def:73263 Event Tracing for Windows Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory ... oval:org.secpod.oval:def:73264 Windows GPSVC Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73261 Windows TCP/IP Driver Security Feature Bypass Vulnerability oval:org.secpod.oval:def:73262 Windows HTML Platform Security Feature Bypass Vulnerability. While Microsoft has announced retirement of the Internet Explorer 11 application on certain platforms and the Microsoft Edge Legacy application is deprecated, the underlying MSHTML, EdgeHTML, and scripting platforms are still supported. Th ... oval:org.secpod.oval:def:73260 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73746 Windows Projected File System Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73747 Windows Secure Kernel Mode Security Feature Bypass Vulnerability oval:org.secpod.oval:def:73744 Windows Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73745 Windows Media Remote Code Execution Vulnerability oval:org.secpod.oval:def:73742 Windows TCP/IP Driver Denial of Service Vulnerability oval:org.secpod.oval:def:73743 Windows InstallService Elevation of Privilege Vulnerability. An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. oval:org.secpod.oval:def:73799 Windows Installer Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73797 Windows Kernel Remote Code Execution Vulnerability oval:org.secpod.oval:def:73798 Storage Spaces Controller Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73795 Microsoft Windows Media Foundation Remote Code Execution Vulnerability oval:org.secpod.oval:def:73796 Windows Address Book Remote Code Execution Vulnerability oval:org.secpod.oval:def:73794 Windows Kernel Memory Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory from the file cache. This could include unintentional read access to memory contents in kernel space from a user mode process ... oval:org.secpod.oval:def:73769 Windows LSA Denial of Service Vulnerability oval:org.secpod.oval:def:73766 Windows SMB Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. oval:org.secpod.oval:def:73767 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73765 Active Directory Security Feature Bypass Vulnerability oval:org.secpod.oval:def:73762 Windows Event Tracing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73760 Windows Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73770 Windows Font Driver Host Remote Code Execution Vulnerability oval:org.secpod.oval:def:73759 Windows Installer Spoofing Vulnerability oval:org.secpod.oval:def:73755 Windows Hyper-V Denial of Service Vulnerability oval:org.secpod.oval:def:73756 Windows DNS Snap-in Remote Code Execution Vulnerability. An administrator would need to view a malicious record in the DNS Snap-in to allow exploitation this vulnerability. oval:org.secpod.oval:def:73753 Windows DNS Snap-in Remote Code Execution Vulnerability. An administrator would need to view a malicious record in the DNS Snap-in to allow exploitation this vulnerability. oval:org.secpod.oval:def:73751 Windows DNS Snap-in Remote Code Execution Vulnerability. An administrator would need to view a malicious record in the DNS Snap-in to allow exploitation this vulnerability. oval:org.secpod.oval:def:73752 Storage Spaces Controller Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73750 Windows DNS Snap-in Remote Code Execution Vulnerability. An administrator would need to view a malicious record in the DNS Snap-in to allow exploitation this vulnerability. oval:org.secpod.oval:def:73788 Win32k Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:73786 DirectWrite Remote Code Execution Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file: a. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the fil ... oval:org.secpod.oval:def:73787 Windows TCP/IP Driver Denial of Service Vulnerability oval:org.secpod.oval:def:73784 Windows AppX Deployment Extensions Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73785 Windows Console Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73782 Storage Spaces Controller Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73791 Windows MSHTML Platform Remote Code Execution Vulnerability. This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this s ... oval:org.secpod.oval:def:73792 Windows GDI Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73790 Windows GDI Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:73779 Windows Hyper-V Remote Code Execution Vulnerability. This vulnerability would require an authenticated attacker on a guest VM to send specially crafted file operation requests on the VM to hardware resources on the VM which could result in remote code execution on the host server. oval:org.secpod.oval:def:73777 Scripting Engine Memory Corruption Vulnerability. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacke ... oval:org.secpod.oval:def:73778 Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73776 Windows MSHTML Platform Remote Code Execution Vulnerability. This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this s ... oval:org.secpod.oval:def:73773 Microsoft Windows Media Foundation Remote Code Execution Vulnerability oval:org.secpod.oval:def:73772 GDI+ Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:73781 Windows AppContainer Elevation Of Privilege Vulnerability oval:org.secpod.oval:def:73841 The host is missing a critical security update for KB5004244 oval:org.secpod.oval:def:73807 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73808 Windows Remote Access Connection Manager Information Disclosure Vulnerability oval:org.secpod.oval:def:73805 Windows Security Account Manager Remote Protocol Security Feature Bypass Vulnerability. oval:org.secpod.oval:def:73806 Windows Desktop Bridge Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73803 Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73802 Windows Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73800 Storage Spaces Controller Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73823 Windows Remote Assistance Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. oval:org.secpod.oval:def:73824 Storage Spaces Controller Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:73821 Windows Certificate Spoofing Vulnerability oval:org.secpod.oval:def:73822 Windows Partition Management Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73820 Bowser.sys Denial of Service Vulnerability oval:org.secpod.oval:def:73818 Windows Remote Access Connection Manager Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressin ... oval:org.secpod.oval:def:73819 Windows Hello Security Feature Bypass Vulnerability oval:org.secpod.oval:def:73816 Windows File History Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73817 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73814 Windows HTML Platforms Security Feature Bypass Vulnerability oval:org.secpod.oval:def:73815 Windows Remote Access Connection Manager Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized and/or uninitialized memory in the process heap. oval:org.secpod.oval:def:73812 Windows AF_UNIX Socket Provider Denial of Service Vulnerability oval:org.secpod.oval:def:73813 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73810 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73811 Windows Authenticode Spoofing Vulnerability oval:org.secpod.oval:def:74307 Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:74308 Scripting Engine Memory Corruption Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file:* In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file ... oval:org.secpod.oval:def:74306 Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability oval:org.secpod.oval:def:74303 Windows Event Tracing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74304 Windows User Account Profile Picture Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74302 Windows TCP/IP Remote Code Execution Vulnerability. This is remotely triggerable by a malicious Hyper-V guest sending an ipv6 ping to the Hyper-V host. An attacker could send a specially crafted TCPIP packet to its host utilizing the TCPIP Protocol Stack (tcpip.sys) to process packets. oval:org.secpod.oval:def:75299 Windows Hyper-V Remote Code Execution Vulnerability oval:org.secpod.oval:def:75298 Windows Installer Spoofing Vulnerability oval:org.secpod.oval:def:75297 Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75296 Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75295 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75293 Windows Print Spooler Spoofing Vulnerability oval:org.secpod.oval:def:75292 Windows TCP/IP Denial of Service Vulnerability oval:org.secpod.oval:def:75291 An authorized (medium integrity level) attacker could exploit this Windows Storport driver elevation of privilege vulnerability by locally sending through a user mode application a specially crafted request to the driver specifying an IOCTL parameter, which could lead to an out-of-bounds buffer writ ... oval:org.secpod.oval:def:75306 DirectX Graphics Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75303 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75302 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75301 Windows Nearby Sharing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75300 Windows NAT Denial of Service Vulnerability oval:org.secpod.oval:def:74899 Windows SMB Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space from a user mode process. oval:org.secpod.oval:def:74897 Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74898 Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space ... oval:org.secpod.oval:def:74895 Windows WLAN AutoConfig Service Remote Code Execution Vulnerability oval:org.secpod.oval:def:74896 Windows Subsystem for Linux Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74893 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74894 Windows Event Tracing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74888 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74889 Windows Authenticode Spoofing Vulnerability oval:org.secpod.oval:def:74886 Windows Scripting Engine Memory Corruption Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file:* In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open ... oval:org.secpod.oval:def:74887 Windows Bind Filter Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74891 Windows Installer Denial of Service Vulnerability oval:org.secpod.oval:def:74892 Windows Installer Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. oval:org.secpod.oval:def:74890 Windows SMB Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space from a user mode process. oval:org.secpod.oval:def:74933 The host is missing a critical security update for KB5005568 oval:org.secpod.oval:def:74916 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74917 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74914 Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74915 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74912 Windows Storage Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. oval:org.secpod.oval:def:74913 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74910 Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Kernel memory read - unintentional read access to memory contents in kernel space from a user mode pro ... oval:org.secpod.oval:def:74911 Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Kernel memory read - unintentional read access to memory contents in kernel space from a user mode pro ... oval:org.secpod.oval:def:74907 BitLocker Security Feature Bypass Vulnerability. A successful attacker could bypass the BitLocker Device Encryption feature on the system storage device. An attacker with physical access to a powered off system could exploit this vulnerability to gain access to encrypted data. oval:org.secpod.oval:def:74908 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74905 Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space from a ... oval:org.secpod.oval:def:74906 Windows Event Tracing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74903 Windows Key Storage Provider Security Feature Bypass Vulnerability. A successful attacker could bypass the Windows Key Storage Provider which issues key certificates for trust in attestation scenarios. oval:org.secpod.oval:def:74904 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74901 Windows SMB Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74902 Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74900 Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74909 Microsoft Windows Update Client Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74332 The host is missing a critical security update for KB5005030 oval:org.secpod.oval:def:74327 Windows Print Spooler Remote Code Execution Vulnerability oval:org.secpod.oval:def:74328 Windows Update Medic Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74325 Windows Cryptographic Primitives Library Information Disclosure Vulnerability oval:org.secpod.oval:def:74323 Windows Print Spooler Remote Code Execution Vulnerability oval:org.secpod.oval:def:74324 Windows Media MPEG-4 Video Decoder Remote Code Execution Vulnerability oval:org.secpod.oval:def:74321 Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:74322 Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:74318 Windows Bluetooth Driver Elevation of Privilege Vulnerability. An authorized attacker could exploit the Windows Bluetooth driver vulnerability by programatically running certain functions that could lead to elevation of privilege on the Bluetooth component. oval:org.secpod.oval:def:74319 Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:74316 Remote Desktop Client Remote Code Execution Vulnerability. In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the machine when a victim connects to the attacking server with the vulnerable Remote Desktop Clie ... oval:org.secpod.oval:def:74317 Storage Spaces Controller Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74314 Windows Graphics Component Font Parsing Remote Code Execution Vulnerability oval:org.secpod.oval:def:74315 Windows MSHTML Platform Remote Code Execution Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file: * In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to o ... oval:org.secpod.oval:def:74312 Windows Event Tracing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74313 Windows Graphics Component Remote Code Execution Vulnerability oval:org.secpod.oval:def:74310 Windows User Profile Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74311 Windows Event Tracing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74309 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76429 Remote Desktop Client Remote Code Execution Vulnerability oval:org.secpod.oval:def:76428 Windows Event Tracing Remote Code Execution Vulnerability oval:org.secpod.oval:def:76427 Windows NTFS Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76426 Windows NTFS Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76425 Windows NTFS Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76424 SymCrypt Denial of Service Vulnerability oval:org.secpod.oval:def:76423 Storage Spaces Controller Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:76422 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76432 Microsoft Message Queuing Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:76431 Storage Spaces Controller Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:76430 Windows Fax Service Remote Code Execution Vulnerability oval:org.secpod.oval:def:76419 Microsoft Message Queuing Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:76418 DirectX Graphics Kernel File Denial of Service Vulnerability oval:org.secpod.oval:def:76417 Windows Encrypting File System (EFS) Remote Code Execution Vulnerability. An attacker could cause a buffer overflow write leading to unauthenticated non-sandboxed code execution. oval:org.secpod.oval:def:76416 Microsoft Local Security Authority Server (lsasrv) Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Kernel memory read - unintentional read access to memory contents in kernel space from a user mode proc ... oval:org.secpod.oval:def:76415 iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution. An attacker could send a specially crafted request to the Internet Storage Name Service (iSNS) server, which could result in remote code execution. oval:org.secpod.oval:def:76414 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76413 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76421 Windows Common Log File System Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:76420 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75349 Windows Fast FAT File System Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:75348 Windows exFAT File System Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:75347 Windows Fast FAT File System Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:75346 Windows HTTP.sys Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75345 Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability oval:org.secpod.oval:def:75344 Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability oval:org.secpod.oval:def:75354 Windows AppX Deployment Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75352 Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:75351 Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability. This vulnerability could allow an attacker to bypass Extended Protection for Authentication provided by SPN target name validation. oval:org.secpod.oval:def:75343 Windows Text Shaping Remote Code Execution Vulnerability oval:org.secpod.oval:def:75309 Storage Spaces Controller Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75308 Windows Event Tracing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75307 Windows AppContainer Elevation Of Privilege Vulnerability oval:org.secpod.oval:def:75310 Storage Spaces Controller Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75322 Storage Spaces Controller Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75316 Windows Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75314 Windows Print Spooler Information Disclosure Vulnerability. he type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:75313 Windows Media Audio Decoder Remote Code Execution Vulnerability oval:org.secpod.oval:def:75312 Microsoft Windows Media Foundation Remote Code Execution Vulnerability oval:org.secpod.oval:def:75311 Storage Spaces Controller Elevation of Privilege Vulnerability. An authorized (medium integrity level) attacker could exploit this Windows Storport driver elevation of privilege vulnerability by locally sending through a user mode application a specially crafted request to the driver specifying an I ... oval:org.secpod.oval:def:75321 Windows MSHTML Platform Remote Code Execution Vulnerability. While Microsoft has announced retirement of the Internet Explorer 11 application on certain platforms and the Microsoft Edge Legacy application is deprecated, the underlying MSHTML, EdgeHTML, and scripting platforms are still supported. Th ... oval:org.secpod.oval:def:75320 Windows Graphics Component Remote Code Execution Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file.* In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to ... oval:org.secpod.oval:def:75809 Windows Desktop Bridge Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75808 Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability. A remote code execution vulnerability exists when a VM guest fails to properly handle communication on a VMBus channel. To exploit the vulnerability, an authenticated attacker could send a specially crafted communication on t ... oval:org.secpod.oval:def:75829 NTFS Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75827 Windows Feedback Hub Elevation of Privilege Vulnerability. An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. oval:org.secpod.oval:def:75826 Chakra Scripting Engine Memory Corruption Vulnerability oval:org.secpod.oval:def:75824 Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability. An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. oval:org.secpod.oval:def:75823 Microsoft Windows Media Foundation Remote Code Execution Vulnerability oval:org.secpod.oval:def:75822 Microsoft COM for Windows Remote Code Execution Vulnerability. An authorized attacker could exploit this Windows COM vulnerability by sending from a user mode application specially crafted malicious COM traffic directed at the COM Server, which might lead to remote code execution. oval:org.secpod.oval:def:75821 Windows Hyper-V Discrete Device Assignment (DDA) Denial of Service Vulnerability oval:org.secpod.oval:def:75820 Windows Installer Elevation of Privilege Vulnerability. An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. oval:org.secpod.oval:def:75819 Windows NTFS Remote Code Execution Vulnerability oval:org.secpod.oval:def:75818 Windows Fast FAT File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75817 Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is read access to Windows RDP client passwords by RDP server administrators. oval:org.secpod.oval:def:75816 NTFS Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75815 NTFS Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75814 Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75813 Windows Denial of Service Vulnerability oval:org.secpod.oval:def:75812 Remote Desktop Client Remote Code Execution Vulnerability. In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the RDP client machine when a victim connects to the attacking server with the vulnerable Remote D ... oval:org.secpod.oval:def:75811 Remote Desktop Protocol Client Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized and/or uninitialized memory in the process heap. oval:org.secpod.oval:def:75810 Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is read access to Windows RDP client passwords by RDP server administrators. oval:org.secpod.oval:def:75844 The host is missing a critical security update for KB5007206 oval:org.secpod.oval:def:75834 Windows Hello Security Feature Bypass Vulnerability oval:org.secpod.oval:def:75831 Windows Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75830 Windows Hyper-V Denial of Service Vulnerability. Installations of Hyper-V with GRE (Generic Routing Encapsulation) enabled is vulnerable. oval:org.secpod.oval:def:76439 Windows Hyper-V Denial of Service Vulnerability oval:org.secpod.oval:def:76437 Windows Kernel Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:76434 Windows Remote Access Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76443 Windows Installer Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76441 Windows Digital Media Receiver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76440 Windows TCP/IP Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76444 Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76469 The host is missing a critical security update for KB5008218 oval:org.secpod.oval:def:77087 Windows Hyper-V Security Feature Bypass Vulnerability. This bypass could affect any Hyper-V configurations that are using Router Guard. Certain packets that would normally be blocked or dropped could be processed. This could allow an attacker to bypass set policy, potentially influencing router path ... oval:org.secpod.oval:def:77083 Windows Hyper-V Security Feature Bypass Vulnerability. This bypass could affect any Hyper-V configurations that are using Router Guard. Certain packets that would normally be blocked or dropped could be processed. This could allow an attacker to bypass set policy, potentially influencing router path ... oval:org.secpod.oval:def:77060 Windows Hyper-V Denial of Service Vulnerability oval:org.secpod.oval:def:77180 .NET Framework Denial of Service Vulnerability oval:org.secpod.oval:def:78049 Windows Hyper-V Denial of Service Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:77654 Windows Hyper-V Remote Code Execution Vulnerability. In this case, a successful attack could be performed from a low privilege Hyper-V guest. The attacker could traverse the guest's security boundary to execute code on the Hyper-V host execution environment. In this case, in order to execute a succe ... oval:org.secpod.oval:def:77663 Windows Hyper-V Denial of Service Vulnerability. Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. Successful exploitation of this vulnerability would allow a Hyper-V guest to affect the functionalit ... oval:org.secpod.oval:def:77684 The host is missing an important security update for KB5010351 oval:org.secpod.oval:def:78762 Windows Hyper-V Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the score indicates that the Attack V ... oval:org.secpod.oval:def:78757 .NET Framework Denial of Service Vulnerability oval:org.secpod.oval:def:78088 The host is missing an important security update for KB5011503 oval:org.secpod.oval:def:79954 Windows Hyper-V Security Feature Bypass Vulnerability. This Hyper-V vulnerability relates to a Virtual Machine Switch with virtual networking in Hyper-V Network Virtualization (HNV). It might be possible to bypass extended ACLs and other Windows security feature checks. Successful exploitation of th ... oval:org.secpod.oval:def:78785 Windows Hyper-V Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the score indicates that the Attack V ... oval:org.secpod.oval:def:78848 The host is missing an important security update KB5012647 oval:org.secpod.oval:def:78833 The host is missing an important security update for KB5012328 oval:org.secpod.oval:def:83850 Windows Enterprise App Management Service Remote Code Execution Vulnerability. The Enterprise App Management service exposes a COM class that could allow an authenticated attacker to install arbitrary SYSTEM services that run with SYSTEM privileges, which could result in remote code execution. oval:org.secpod.oval:def:84785 Windows Hyper-V Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. Successful exploitation of this vulnerability could allow a Hyper-V guest to affect the functionality of the Hyper-V host. An attacker on a Nested Hyper-V ... oval:org.secpod.oval:def:90361 Windows Remote Desktop Security Feature Bypass Vulnerability. An attacker must send the user a malicious file and convince the user to open said file. An attacker who successfully exploited this vulnerability could bypass certificate validation during a remote desktop connection by creating a validl ... oval:org.secpod.oval:def:90374 Windows Hyper-V Denial of Service Vulnerability. Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability. oval:org.secpod.oval:def:93608 Win32k Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. A local, authenticated attacker could gain elevated local system or administrator privileges through a vulnerability in the Win32k.sys driver. oval:org.secpod.oval:def:94478 Windows Hyper-V Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. This vulnerability would require an unauthenticated attacker on a guest VM to send specially crafted file operation requests to the VM's hardware resources wh ... oval:org.secpod.oval:def:77099 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker with physical access to a vulnerable system could insert a specially crafted USB device. This vulnerability can also be exploited through a Local attack vector. An attacker authentica ... oval:org.secpod.oval:def:77098 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker with physical access to a vulnerable system could insert a specially crafted USB device. This vulnerability can also be exploited through a Local attack vector. An attacker authentica ... oval:org.secpod.oval:def:77097 Remote Procedure Call Runtime Remote Code Execution Vulnerability. An attacker with non-admin credentials can potentially carry out an exploit using this vulnerability. The authenticated attacker could take advantage of this vulnerability to execute malicious code through the RPC runtime. oval:org.secpod.oval:def:77096 Windows User Profile Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77095 DirectX Graphics Kernel File Denial of Service Vulnerability oval:org.secpod.oval:def:77094 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77093 Windows GDI+ Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:77092 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. A local, authenticated attacker could gain elevated privileges through a vulnerable file system component. oval:org.secpod.oval:def:77091 DirectX Graphics Kernel Remote Code Execution Vulnerability. An attacker with non-admin credentials can potentially carry out an exploit using this vulnerability. The authenticated attacker could take advantage of a vulnerability in dxgkrnl.sys to execute an arbitrary pointer dereference in kernel m ... oval:org.secpod.oval:def:77090 Windows Installer Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77089 HTTP Protocol Stack Remote Code Execution Vulnerability. In most situations, an unauthenticated attacker could send a specially crafted packet to a targeted server utilizing the HTTP Protocol Stack (http.sys) to process packets. oval:org.secpod.oval:def:77088 Windows Defender Application Control Security Feature Bypass Vulnerability oval:org.secpod.oval:def:77086 Windows GDI Information Disclosure Vulnerability. An attacker could potentially read small portions of heap memory. oval:org.secpod.oval:def:77085 Windows GDI Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77081 DirectX Graphics Kernel Remote Code Execution Vulnerability oval:org.secpod.oval:def:77080 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77059 Windows Certificate Spoofing Vulnerability. A successful attacker could bypass the WPBT binary verification by using a small number of compromised certificates. Microsoft has added those certificates to the Windows kernel driver block list, driver.stl. Certificates on the driver.stl will be blocked ... oval:org.secpod.oval:def:77058 Microsoft Cryptographic Services Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77057 Windows User-mode Driver Framework Reflector Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77079 Windows User Profile Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77078 Remote Desktop Protocol Remote Code Execution Vulnerability. An attacker would have to convince a targeted user to connect to a malicious RDP server. Upon connecting, the malicious server could read or tamper with clipboard contents and the victim's filesystem contents. oval:org.secpod.oval:def:77077 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker with physical access to a vulnerable system could insert a specially crafted USB device. This vulnerability can also be exploited through a Local attack vector. An attacker authentica ... oval:org.secpod.oval:def:77075 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77073 Win32k Elevation of Privilege Vulnerability. A local, authenticated attacker could gain elevated local system or administrator privileges through a vulnerability in the Win32k.sys driver. oval:org.secpod.oval:def:77072 Windows Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77071 Windows GDI+ Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:77070 Windows Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77069 Storage Spaces Controller Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:77068 Win32k Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:77067 Windows Event Tracing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77066 Connected Devices Platform Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77065 Windows Accounts Control Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77064 Windows Bind Filter Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77063 Active Directory Domain Services Elevation of Privilege Vulnerability. This update resolves an elevation of privilege vulnerability specific to Active Directory Domain Services environments with incoming trusts. Prior to this update, an attacker could elevate privileges across the trust boundary und ... oval:org.secpod.oval:def:77062 Remote Desktop Client Remote Code Execution Vulnerability. An authenticated user might be tricked into connecting to a malicious remote desktop server in which the remote desktop host server sends a specially crafted PDU (Server RDP Preconnection) targeting the remote client's drive redirection virt ... oval:org.secpod.oval:def:77061 Remote Desktop Client Remote Code Execution Vulnerability. In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the RDP client machine when a victim connects to the attacking server with the vulnerable Remote D ... oval:org.secpod.oval:def:77101 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker with physical access to a vulnerable system could insert a specially crafted USB device. This vulnerability can also be exploited through a Local attack vector. An attacker authentica ... oval:org.secpod.oval:def:77100 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker with physical access to a vulnerable system could insert a specially crafted USB device. This vulnerability can also be exploited through a Local attack vector. An attacker authentica ... oval:org.secpod.oval:def:77159 Windows Kerberos Elevation of Privilege Vulnerability. A domain user could use this vulnerability to elevate privileges to a domain admin. oval:org.secpod.oval:def:77161 Workstation Service Remote Protocol Security Feature Bypass Vulnerability oval:org.secpod.oval:def:77128 Windows Cleanup Manager Elevation of Privilege Vulnerability. An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. oval:org.secpod.oval:def:77127 Windows Devices Human Interface Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77126 Windows Geolocation Service Remote Code Execution Vulnerability oval:org.secpod.oval:def:77136 Windows DWM Core Library Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77135 Windows IKE Extension Remote Code Execution Vulnerability. Only systems with the IPSec service running are vulnerable to this attack. In an environment where Internet Key Exchange (IKE) version 2 is enabled, a remote attacker could trigger multiple vulnerabilities without being authenticated. oval:org.secpod.oval:def:77134 Windows IKE Extension Denial of Service Vulnerability. Only systems with the IPSec service running are vulnerable to this attack. oval:org.secpod.oval:def:77133 Windows IKE Extension Denial of Service Vulnerability. Only systems with the IPSec service running are vulnerable to this attack. oval:org.secpod.oval:def:77132 Windows Event Tracing Discretionary Access Control List Denial of Service Vulnerability oval:org.secpod.oval:def:77131 Virtual Machine IDE Drive Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77149 Windows Storage Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77148 Windows Security Center API Remote Code Execution Vulnerability oval:org.secpod.oval:def:77158 Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass oval:org.secpod.oval:def:77156 Windows DWM Core Library Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77155 Windows DWM Core Library Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77154 Secure Boot Security Feature Bypass Vulnerability oval:org.secpod.oval:def:77153 Windows IKE Extension Denial of Service Vulnerability. Only systems with the IPSec service running are vulnerable to this attack. oval:org.secpod.oval:def:77152 Windows IKE Extension Denial of Service Vulnerability. Only systems with the IPSec service running are vulnerable to this attack. oval:org.secpod.oval:def:77151 Windows Modern Execution Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:77150 Windows IKE Extension Denial of Service Vulnerability. Only systems with the IPSec service running are vulnerable to this attack. oval:org.secpod.oval:def:77139 Windows Application Model Core API Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77138 Task Flow Data Engine Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77137 Windows AppContracts API Server Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77147 Tile Data Repository Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77146 Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77145 Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77144 Clipboard User Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77143 Windows Push Notifications Apps Elevation Of Privilege Vulnerability oval:org.secpod.oval:def:77142 Windows System Launcher Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77141 Windows UI Immersive Server API Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77140 Windows StateRepository API Server file Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77104 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker with physical access to a vulnerable system could insert a specially crafted USB device. This vulnerability can also be exploited through a Local attack vector. An attacker authentica ... oval:org.secpod.oval:def:77103 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker with physical access to a vulnerable system could insert a specially crafted USB device. This vulnerability can also be exploited through a Local attack vector. An attacker authentica ... oval:org.secpod.oval:def:77102 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker with physical access to a vulnerable system could insert a specially crafted USB device. This vulnerability can also be exploited through a Local attack vector. An attacker authentica ... oval:org.secpod.oval:def:78050 Media Foundation Information Disclosure Vulnerability. An attacker could potentially read small portions of heap memory. oval:org.secpod.oval:def:78051 Remote Desktop Client Remote Code Execution Vulnerability. In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the RDP client machine when a victim connects to the attacking server with the vulnerable Remote D ... oval:org.secpod.oval:def:78052 Media Foundation Information Disclosure Vulnerability. An attacker could potentially read small portions of heap memory. oval:org.secpod.oval:def:78053 Point-to-Point Tunneling Protocol Denial of Service Vulnerability oval:org.secpod.oval:def:78054 Windows Common Log File System Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:78055 Windows ALPC Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:78056 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78057 Remote Desktop Client Remote Code Execution Vulnerability. In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the RDP client machine when a victim connects to the attacking server with the vulnerable Remote D ... oval:org.secpod.oval:def:78047 Xbox Live Auth Manager for Windows Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. oval:org.secpod.oval:def:77649 Windows Remote Access Connection Manager Information Disclosure Vulnerability. An attacker could potentially read small portions of heap memory. oval:org.secpod.oval:def:77647 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77646 Roaming Security Rights Management Services Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. oval:org.secpod.oval:def:77645 Windows Runtime Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. oval:org.secpod.oval:def:77653 Windows DWM Core Library Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77652 Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space from a us ... oval:org.secpod.oval:def:77651 Windows Mobile Device Management Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. oval:org.secpod.oval:def:77650 Windows Kernel Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. In this case, a successful attack could be performed from a low privilege AppContainer. The atta ... oval:org.secpod.oval:def:77666 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77665 Windows Print Spooler Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:77659 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77658 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77657 Windows Common Log File System Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:77656 Windows Print Spooler Elevation of Privilege Vulnerability. An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. oval:org.secpod.oval:def:77664 Named Pipe File System Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77662 Windows Common Log File System Driver Denial of Service Vulnerability oval:org.secpod.oval:def:77661 Windows User Account Profile Picture Denial of Service Vulnerability oval:org.secpod.oval:def:77660 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78732 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78733 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78734 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78735 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78736 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78737 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78738 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78739 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78730 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78731 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78721 Windows SMB Remote Code Execution Vulnerability. This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this specially cra ... oval:org.secpod.oval:def:78722 Win32 Stream Enumeration Remote Code Execution Vulnerability. This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this ... oval:org.secpod.oval:def:78724 Windows Server Service Remote Code Execution Vulnerability. This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this sp ... oval:org.secpod.oval:def:78725 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78726 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78727 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78728 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78755 Windows LDAP Denial of Service Vulnerability oval:org.secpod.oval:def:78756 Windows LDAP Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. oval:org.secpod.oval:def:78753 Windows DNS Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:78720 Local Security Authority (LSA) Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78716 Win32 Stream Enumeration Remote Code Execution Vulnerability. This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this ... oval:org.secpod.oval:def:78717 Win32 File Enumeration Remote Code Execution Vulnerability. This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this sp ... oval:org.secpod.oval:def:78718 Windows Local Security Authority (LSA) Remote Code Execution Vulnerability. In order to exploit this vulnerability the attacker is required to be a local user with a smart card or already logged on remotely through RDP to the remote machine. The authorized attacker could then exploit this Windows LS ... oval:org.secpod.oval:def:78719 Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode proce ... oval:org.secpod.oval:def:78780 Windows Installer Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78781 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78782 Remote Procedure Call Runtime Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker would need to trick a user into executing a specially crafted script which executes an RPC call to an RPC host. This could result in remote code execution on the server side with the same pe ... oval:org.secpod.oval:def:78783 Windows Installer Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78784 Remote Desktop Protocol Remote Code Execution Vulnerability oval:org.secpod.oval:def:78776 Remote Procedure Call Runtime Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker would need to trick a user into executing a specially crafted script which executes an RPC call to an RPC host. This could result in remote code execution on the server side with the same pe ... oval:org.secpod.oval:def:78777 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78778 Windows Direct Show - Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the score indicates that the At ... oval:org.secpod.oval:def:78779 Windows iSCSI Target Service Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:78771 Windows Kerberos Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78775 Windows Network File System Remote Code Execution Vulnerability. This vulnerability is only exploitable for systems that have the NFS role enabled. See NFS Overview for more information on this feature. An attacker could send a specially crafted NFS protocol network message to a vulnerable Windows m ... oval:org.secpod.oval:def:78766 Windows Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78767 Connected User Experiences and Telemetry Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78768 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78769 Windows Kernel Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of certain kernel memory content. oval:org.secpod.oval:def:78788 Windows ALPC Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:78789 Windows Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78060 Windows DWM Core Library Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:78061 Windows Inking COM Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78062 Windows DWM Core Library Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78063 Windows Fast FAT File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78064 Windows Event Tracing Remote Code Execution Vulnerability. An attacker with non-admin credentials can potentially carry out an exploit using this vulnerability. The authenticated attacker could potentially take advantage of this vulnerability to execute malicious code through the Event Log's Remote ... oval:org.secpod.oval:def:78065 Windows Installer Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78066 Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode proce ... oval:org.secpod.oval:def:78067 Windows NT OS Kernel Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:78068 Windows PDEV Elevation of Privilege Vulnerability. A Windows PDEV is a logical representation of the physical device. It is characterized by the type of hardware, logical address, and surfaces that can be supported. As an example of a driver supporting a PDEV characterized by the type of hardware, o ... oval:org.secpod.oval:def:78069 Windows Security Support Provider Interface Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78058 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:78059 Windows ALPC Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:78070 Windows CD-ROM Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78071 Windows Fax and Scan Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78072 Tablet Windows User Interface Application Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:78073 Windows HTML Platforms Security Feature Bypass Vulnerability oval:org.secpod.oval:def:78074 Remote Desktop Protocol Client Information Disclosure Vulnerability. An attacker could potentially read small portions of heap memory. oval:org.secpod.oval:def:78075 Windows ALPC Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:78076 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability oval:org.secpod.oval:def:79950 Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:79951 Remote Procedure Call Runtime Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker would need to trick a user into executing a specially crafted script which executes an RPC call to an RPC host. This could result in remote code execution on the server side with the same pe ... oval:org.secpod.oval:def:79952 Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote code execution ... oval:org.secpod.oval:def:79947 Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote code execution ... oval:org.secpod.oval:def:79948 Windows LDAP Remote Code Execution Vulnerability oval:org.secpod.oval:def:79949 Windows LDAP Remote Code Execution Vulnerability oval:org.secpod.oval:def:79936 .NET Framework Denial of Service Vulnerability oval:org.secpod.oval:def:79971 Windows WLAN AutoConfig Service Denial of Service Vulnerability. This vulnerability's attack is limited at the protocol level to a logically adjacent topology. This means it cannot simply be done across the internet, but instead needs something specific tied to the target. Good examples would includ ... oval:org.secpod.oval:def:79965 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability oval:org.secpod.oval:def:79967 Windows Graphics Component Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:79968 Windows Fax Service Remote Code Execution Vulnerability. Exploitation of the vulnerability requires that a user import a specially crafted contact record and sends it a FAX. oval:org.secpod.oval:def:79960 Windows Graphics Component Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:79961 Windows WLAN AutoConfig Service Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:79962 Windows Server Service Information Disclosure Vulnerability. The Windows Server Service is frequently referred to as LanmanServer, and is responsible for making printer and file sharing possible within a Windows powered network. The presence of specific file names and users can be confirmed over the ... oval:org.secpod.oval:def:79955 Active Directory Domain Services Elevation of Privilege Vulnerability oval:org.secpod.oval:def:79956 Windows LSA Spoofing Vulnerability. An unauthenticated attacker could call a method on the LSARPC interface and coerce the domain controller to authenticate to the attacker using NTLM. This security update detects anonymous connection attempts in LSARPC and disallows it. oval:org.secpod.oval:def:79957 Windows Address Book Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. Exploitation of the vulnerability requires that a ... oval:org.secpod.oval:def:79958 Windows Graphics Component Remote Code Execution Vulnerability. There are multiple ways an attacker could exploit the vulnerability, such as by either convincing a user to open a specially crafted document, or by convincing a user to visit a webpage that contains specially crafted embedded OpenType ... oval:org.secpod.oval:def:79959 Windows NTFS Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of certain kernel memory content. oval:org.secpod.oval:def:79904 Windows Graphics Component Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:79905 Windows LDAP Remote Code Execution Vulnerability. An unauthenticated attacker could send a specially crafted request to a vulnerable server. Successful exploitation could result in the attacker's code running in the context of the SYSTEM account.. oval:org.secpod.oval:def:79906 Windows PlayToManager Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:79909 Windows Authentication Security Feature Bypass Vulnerability oval:org.secpod.oval:def:79920 Windows Push Notifications Apps Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:79921 BitLocker Security Feature Bypass Vulnerability. A successful attacker could bypass the BitLocker Device Encryption feature on the system storage device. An attacker with physical access to a powered off system could exploit this vulnerability to gain access to encrypted data. oval:org.secpod.oval:def:79922 Windows LDAP Remote Code Execution Vulnerability. This vulnerability could be exploited over the network by an authenticated normal user through a low complexity attack on a server configured as the domain controller. oval:org.secpod.oval:def:79923 Windows LDAP Remote Code Execution Vulnerability. This vulnerability could be exploited over the network by an authenticated normal user through a low complexity attack on a server configured as the domain controller. oval:org.secpod.oval:def:79924 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:79925 Windows Print Spooler Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. oval:org.secpod.oval:def:79910 Windows Remote Access Connection Manager Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressin ... oval:org.secpod.oval:def:79911 Windows Kerberos Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability. oval:org.secpod.oval:def:79916 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:79917 Microsoft Windows Media Foundation Remote Code Execution Vulnerability oval:org.secpod.oval:def:79918 Windows Digital Media Receiver Elevation of Privilege Vulnerability. In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer exec ... oval:org.secpod.oval:def:79919 Windows Print Spooler Information Disclosure Vulnerability oval:org.secpod.oval:def:78799 PowerShell Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78790 Windows Kerberos Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78791 Windows Kerberos Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the score indicates that the Attack ... oval:org.secpod.oval:def:78792 Windows DWM Core Library Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78793 Windows Digital Media Receiver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78794 Windows AppX Package Manager Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78795 Windows Telephony Server Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78810 Windows Secure Channel Denial of Service Vulnerability oval:org.secpod.oval:def:78811 Windows Fax Compose Form Remote Code Execution Vulnerability. Exploitation of the vulnerability requires that a user employ a specially crafted malicious contact record to send a FAX. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted contact re ... oval:org.secpod.oval:def:78812 Windows Fax Compose Form Remote Code Execution Vulnerability. Exploitation of the vulnerability requires that a user employ a specially crafted malicious contact record to send a FAX. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted contact re ... oval:org.secpod.oval:def:78813 Windows Fax Compose Form Remote Code Execution Vulnerability. Exploitation of the vulnerability requires that a user employ a specially crafted malicious contact record to send a FAX. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted contact re ... oval:org.secpod.oval:def:78814 Windows Graphics Component Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:78815 Windows ALPC Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:78816 Windows Network File System Remote Code Execution Vulnerability. This vulnerability is only exploitable for systems that have the NFS role enabled. See NFS Overview for more information on this feature. An attacker could send a specially crafted NFS protocol network message to a vulnerable Windows m ... oval:org.secpod.oval:def:78800 Windows Work Folder Service Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:78801 Windows File Explorer Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:78802 Remote Procedure Call Runtime Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker would need to send a specially crafted RPC call to an RPC host. This could result in remote code execution on the server side with the same permissions as the RPC service. oval:org.secpod.oval:def:78803 Windows File Server Resource Management Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78804 Windows File Server Resource Management Service Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:78805 Windows Bluetooth Driver Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:78807 Windows Graphics Component Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the score indicates that t ... oval:org.secpod.oval:def:78808 Windows User Profile Service Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:78809 Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:81899 Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:81898 Windows Graphics Component Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:81892 Windows Fax Service Remote Code Execution Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file. * In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open ... oval:org.secpod.oval:def:81891 Windows Print Spooler Elevation of Privilege Vulnerability. An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. oval:org.secpod.oval:def:81890 Windows Kernel Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. Successful exploitation of th ... oval:org.secpod.oval:def:81895 Windows Fax Service Remote Code Execution Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file. * In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open ... oval:org.secpod.oval:def:81894 Windows CSRSS Elevation of Privilege Vulnerability. A locally authenticated attacker could send specially crafted data to the local CSRSS service to elevate their privileges from AppContainer to SYSTEM. Because the AppContainer environment is considered a defensible security boundary, any process th ... oval:org.secpod.oval:def:81893 Windows Internet Information Services Cachuri Module Denial of Service Vulnerability oval:org.secpod.oval:def:81908 BitLocker Security Feature Bypass Vulnerability. A successful attacker could bypass the BitLocker Device Encryption feature on the system storage device. An attacker with physical access to a powered off system could exploit this vulnerability to gain access to encrypted data. oval:org.secpod.oval:def:81907 Windows CSRSS Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:81906 Windows.Devices.Picker.dll Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:81905 Windows Fast FAT File System Driver Elevation of Privilege Vulnerability. An attacker could potentially exploit this vulnerability to elevate privileges from a client-side application sandbox in earlier Microsoft operating systems. However, mitigation technologies in later Microsoft operating system ... oval:org.secpod.oval:def:81909 Windows CSRSS Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:81900 Remote Procedure Call Runtime Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to invest time in repeated exploitation attempts through sending constant or intermittent data. oval:org.secpod.oval:def:81903 Windows Print Spooler Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:81902 Internet Information Services Dynamic Compression Module Denial of Service Vulnerability. While we cannot rule out the impact to Confidentiality, Integrity, and Availability, the ability to exploit this vulnerability by itself is limited. An attacker can force a bad response to be cached into a regu ... oval:org.secpod.oval:def:81911 Windows BitLocker Information Disclosure Vulnerability. An attacker could access unencrypted parts of a BitLocker encrypted storage device if the administrator resizes the OS volume while concurrently provisioning the drive with BitLocker encryption. An attacker who successfully exploited this vulne ... oval:org.secpod.oval:def:81910 Windows Fax Service Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:81913 Windows Group Policy Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain domain administrator privileges. Successful exploitation of this vulnerability r ... oval:org.secpod.oval:def:81912 Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:79974 Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:79980 Windows LDAP Remote Code Execution Vulnerability oval:org.secpod.oval:def:79982 Windows LDAP Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by convincing a user to connect a Lightweight Directory Access Protocol (LDAP) client to a malicious LDAP server. When the vulnerability is successfully exploited this could allow the malicious server to ga ... oval:org.secpod.oval:def:79983 Windows LDAP Remote Code Execution Vulnerability oval:org.secpod.oval:def:79984 Windows Kernel Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:79975 Windows LDAP Remote Code Execution Vulnerability. This vulnerability could be exploited over the network by an authenticated normal user through a low complexity attack on a server configured as the domain controller. oval:org.secpod.oval:def:79976 Windows LDAP Remote Code Execution Vulnerability. An unauthenticated attacker could send a specially crafted request to a vulnerable server. Successful exploitation could result in the attacker's code running in the context of the SYSTEM account. This vulnerability is only exploitable if the MaxRece ... oval:org.secpod.oval:def:79997 The host is missing a critical security update for KB5013941 oval:org.secpod.oval:def:81546 Windows SMB Denial of Service Vulnerability. The vulnerability assigned to this CVE was originally classified as a stability bug in Windows. Rapid7 discovered that this bug could be used to cause a denial of service condition on affected versions of Windows. Microsoft had provided an update to addre ... oval:org.secpod.oval:def:81540 Windows Kernel Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:81544 Local Security Authority Subsystem Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:81543 Windows Kerberos Elevation of Privilege Vulnerability. An authenticated attacker could exploit this vulnerability to elevate privileges and then spoof the Kerberos logon process when a remote credential guard connection is made via CredSSP over the network. Systems configured to activate both of the ... oval:org.secpod.oval:def:81542 Kerberos AppContainer Security Feature Bypass Vulnerability. An attacker could bypass the Kerberos service ticketing feature which performs user access control checks. An low privilege attacker could execute a script within an App Container to request a service ticket and thereby gain elevation to t ... oval:org.secpod.oval:def:81537 Windows Kernel Denial of Service Vulnerability. This vulnerability could be exploited if an authenticated user opens a specially crafted file locally or browses to that file on a network share when running an unpatched version of Windows. When the user browses or lists the maliciously crafted file t ... oval:org.secpod.oval:def:81535 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by convincing a user to connect a Lightweight Directory Access Protocol (LDAP) client to a malicious LDAP server. When the vulnerability is successfully exploited thi ... oval:org.secpod.oval:def:81534 Windows Network Address Translation (NAT) Denial of Service Vulnerability oval:org.secpod.oval:def:81539 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by convincing a user to connect a Lightweight Directory Access Protocol (LDAP) client to a malicious LDAP server. When the vulnerability is successfully exploited thi ... oval:org.secpod.oval:def:81538 Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability oval:org.secpod.oval:def:81533 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:81532 Windows Defender Remote Credential Guard Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment of the targeted component. oval:org.secpod.oval:def:81531 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability. An authenticated victim who is connected to the network must be tricked or pe ... oval:org.secpod.oval:def:81530 Windows Desired State Configuration (DSC) Information Disclosure Vulnerability. An attacker that successfully exploited this vulnerability could recover plaintext passwords and usernames from log files. oval:org.secpod.oval:def:81526 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This vulnerability is only exploitable if the MaxReceiveBuffer LDAP policy is set to a value higher than the default value. Systems with the default value of this policy would not be vulnerable. Successful expl ... oval:org.secpod.oval:def:81525 Windows File History Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability. This vulnerability could be triggered when a windows client connects to a malicious remote share. oval:org.secpod.oval:def:81524 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This vulnerability is only exploitable if the MaxReceiveBuffer LDAP policy is set to a value higher than the default value. Systems with the default value of this policy would not be vulnerable. An unauthentica ... oval:org.secpod.oval:def:81523 Windows iSCSI Discovery Service Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment of the targeted component. Successful exploitation of this vulnerability requires a user to place a call to trigge ... oval:org.secpod.oval:def:81529 Windows Installer Elevation of Privilege Vulnerability oval:org.secpod.oval:def:81528 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability. An authenticated victim who is connected to the network must be tricked or pe ... oval:org.secpod.oval:def:81527 Windows Encrypting File System (EFS) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability. oval:org.secpod.oval:def:81522 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This vulnerability is only exploitable if the MaxReceiveBuffer LDAP policy is set to a value higher than the default value. Systems with the default value of this policy would not be vulnerable. Successful expl ... oval:org.secpod.oval:def:81519 Windows Container Manager Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:80436 A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, vie ... oval:org.secpod.oval:def:81929 Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability. On machines with slow or older USB controller hardware, the Group policy might have (silently) failed to apply. On such machines, the attacker can trivially exploit this enforcement failure by attaching a USB storage d ... oval:org.secpod.oval:def:81927 Windows Print Spooler Elevation of Privilege Vulnerability. An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. oval:org.secpod.oval:def:81922 Windows Graphics Component Remote Code Execution Vulnerability. An attacker would have to convince a targeted user to connect to a malicious RDP server. Upon connecting, the malicious server could execute code on the victim's system in the context of the targeted user. oval:org.secpod.oval:def:81921 Windows Common Log File System Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:81926 Windows Media Player Network Sharing Service Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could affect the integrity and availability because they could delete privileged registry keys. Confidentiality is not affected by a successful attack, however ... oval:org.secpod.oval:def:81925 Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:81923 Windows Shell Remote Code Execution Vulnerability. An unauthenticated attacker could interact with the login screen of a vulnerable system in a specific manner to execute code on that system. oval:org.secpod.oval:def:81917 Windows GDI+ Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is a pointer leak to the process user-mode address space in the internal memory of the application that is using GDI+. oval:org.secpod.oval:def:81916 Windows IIS Server Elevation of Privilege Vulnerability. An attacker who successfully exploited the vulnerability could bypass authentication on Windows IIS Server. Attackers might be able to post or get information from the Web Service (CVSS metrics C:H/I:H), but would not be able to disrupt the se ... oval:org.secpod.oval:def:81915 Windows Security Account Manager (SAM) Denial of Service Vulnerability oval:org.secpod.oval:def:81914 Windows Print Spooler Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:81933 Windows Boot Manager Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass Secure Boot. Successful exploitation of this vulnerability could allow an attacker to access the pre-boot environment. oval:org.secpod.oval:def:81931 Performance Counters for Windows Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:81930 Windows Credential Guard Domain-joined Public Key Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:81935 Windows Connected Devices Platform Service Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. S ... oval:org.secpod.oval:def:81934 Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to invest time in repeated exploitation attempts through sending constant or intermittent data. oval:org.secpod.oval:def:82680 Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. oval:org.secpod.oval:def:82678 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote c ... oval:org.secpod.oval:def:82673 Windows Kernel Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:82672 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82671 Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82670 Windows Defender Credential Guard Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82677 Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file:* In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and ... oval:org.secpod.oval:def:82675 Windows Defender Credential Guard Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could access Kerberos protected data. oval:org.secpod.oval:def:82674 Windows Defender Credential Guard Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass Kerberos protection used by Defender Credential Guard. oval:org.secpod.oval:def:82669 Windows Defender Credential Guard Information Disclosure Vulnerability. An attacker that successfully exploited this vulnerability could recover plaintext from TLS-protected data. oval:org.secpod.oval:def:82668 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote c ... oval:org.secpod.oval:def:82667 Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability oval:org.secpod.oval:def:82662 Windows Kernel Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could bypass KASLR (Kernel Address Space Layout Randomization). Any authenticated user could trigger this vulnerability. It does not require admin or other elevated privileges. oval:org.secpod.oval:def:82661 Windows WebBrowser Control Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. Any authenticated user could trigger this vulnerability. It does not require admin or ... oval:org.secpod.oval:def:82660 Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote code execution (RCE) on the RAS server machine. oval:org.secpod.oval:def:82666 Windows Win32k Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82664 Active Directory Domain Services Elevation of Privilege Vulnerability. A system is vulnerable only if Active Directory Certificate Services is running on the domain. An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Direc ... oval:org.secpod.oval:def:82663 Windows Fax Service Elevation of Privilege Vulnerability. An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. oval:org.secpod.oval:def:82694 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote c ... oval:org.secpod.oval:def:82693 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82692 Windows Local Security Authority (LSA) Denial of Service Vulnerability oval:org.secpod.oval:def:82691 Windows Kernel Memory Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:82690 Windows Print Spooler Elevation of Privilege Vulnerability. An attacker must send the user a malicious input file and convince the user to open said input file. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82689 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. The vulnerable system can be exploited without any interaction from any user. oval:org.secpod.oval:def:82684 Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability. Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment of the targeted component. An unauthenticated attacker could send a specially crafted connection request to a RA ... oval:org.secpod.oval:def:82683 Windows Digital Media Receiver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82682 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote c ... oval:org.secpod.oval:def:82681 Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote code execution (RCE) on the RAS server machine. oval:org.secpod.oval:def:82688 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. The vulnerable system can be exploited without any interaction from any user. oval:org.secpod.oval:def:82686 Win32k Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82685 Windows Digital Media Receiver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82639 Windows Bluetooth Service Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability. oval:org.secpod.oval:def:82657 Windows Bluetooth Driver Elevation of Privilege Vulnerability. An authorized local attacker could exploit this Windows Bluetooth driver vulnerability by programmatically running certain functions to arbitrarily gain registry key creation and deletion in the bthport.sys driver. oval:org.secpod.oval:def:82651 Storage Spaces Direct Elevation of Privilege Vulnerability. Any authenticated user could trigger this vulnerability. It does not require admin or other elevated privileges. oval:org.secpod.oval:def:82650 Storage Spaces Direct Elevation of Privilege Vulnerability. Any authenticated user could trigger this vulnerability. It does not require admin or other elevated privileges. oval:org.secpod.oval:def:82655 Windows Error Reporting Service Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82654 Storage Spaces Direct Elevation of Privilege Vulnerability. Any authenticated user could trigger this vulnerability. It does not require admin or other elevated privileges. oval:org.secpod.oval:def:82653 Storage Spaces Direct Elevation of Privilege Vulnerability. Any authenticated user could trigger this vulnerability. It does not require admin or other elevated privileges. oval:org.secpod.oval:def:82652 Storage Spaces Direct Elevation of Privilege Vulnerability. Any authenticated user could trigger this vulnerability. It does not require admin or other elevated privileges. oval:org.secpod.oval:def:82648 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. A domain user could use this vulnerability to elevate privileges to SYSTEM assigned integrity level. oval:org.secpod.oval:def:82647 Windows Kerberos Elevation of Privilege Vulnerability. Exploitation of this vulnerability requires that a user trigger the payload in the application. A domain user could use this vulnerability to elevate privileges to a domain admin. oval:org.secpod.oval:def:82646 Unified Write Filter Elevation of Privilege Vulnerability oval:org.secpod.oval:def:82649 Microsoft ATA Port Driver Elevation of Privilege Vulnerability. A domain user could use this vulnerability to elevate privileges to SYSTEM assigned integrity level. oval:org.secpod.oval:def:82640 Windows Partition Management Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82644 Windows Partition Management Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82643 CERT/CC: CVE-20220-34303 Crypto Pro Boot Loader Bypass. An attacker who successfully exploited this vulnerability could bypass Secure Boot. oval:org.secpod.oval:def:82642 CERT/CC: CVE-2022-34302 New Horizon Data Systems Inc Boot Loader Bypass. An attacker who successfully exploited this vulnerability could bypass Secure Boot. oval:org.secpod.oval:def:82641 CERT/CC: CVE-2022-34301 Eurosoft Boot Loader Bypass. An attacker who successfully exploited this vulnerability could bypass Secure Boot. oval:org.secpod.oval:def:83876 The host is missing a critical security update for KB5017315 oval:org.secpod.oval:def:83849 Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. This c ... oval:org.secpod.oval:def:83844 Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. This c ... oval:org.secpod.oval:def:83845 Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. This c ... oval:org.secpod.oval:def:83846 Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. This c ... oval:org.secpod.oval:def:83847 Windows Graphics Component Information Disclosure Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file.* In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user t ... oval:org.secpod.oval:def:83841 Windows Remote Access Connection Manager Information Disclosure Vulnerability. An attacker who successfully exploited the vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:83842 Windows Event Tracing Denial of Service Vulnerability oval:org.secpod.oval:def:83843 Windows Secure Channel Denial of Service Vulnerability oval:org.secpod.oval:def:83837 Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. This c ... oval:org.secpod.oval:def:83838 Microsoft ODBC Driver Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into opening a malicious MDB file in Access via ODBC, which could result in the attacker being able to execute arbitrary code on the victim's machine with the perm ... oval:org.secpod.oval:def:83839 Windows Common Log File System Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:83833 Windows GDI Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:83834 Microsoft ODBC Driver Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into opening a malicious MDB file in Access via ODBC, which could result in the attacker being able to execute arbitrary code on the victim's machine with the perm ... oval:org.secpod.oval:def:83835 Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. This c ... oval:org.secpod.oval:def:83836 Microsoft ODBC Driver Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into opening a malicious MDB file in Access via ODBC, which could result in the attacker being able to execute arbitrary code on the victim's machine with the perm ... oval:org.secpod.oval:def:83830 Microsoft ODBC Driver Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into opening a malicious MDB file in Access via ODBC, which could result in the attacker being able to execute arbitrary code on the victim's machine with the perm ... oval:org.secpod.oval:def:83831 Microsoft ODBC Driver Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into opening a malicious MDB file in Access via ODBC, which could result in the attacker being able to execute arbitrary code on the victim's machine with the perm ... oval:org.secpod.oval:def:83832 Windows Graphics Component Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:83860 Windows Graphics Component Information Disclosure Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file.* In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user t ... oval:org.secpod.oval:def:83859 Windows Print Spooler Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:83855 SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Information Disclosure Vulnerability. An attacker who successfully exploited the vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:83857 Windows Common Log File System Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. An attacker must already have access and the ability to run code on the target system. This technique does not allow for remote code exe ... oval:org.secpod.oval:def:83858 Windows Fax Service Remote Code Execution Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file.* In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open t ... oval:org.secpod.oval:def:83851 DirectX Graphics Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:83852 Windows Group Policy Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:83853 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:83854 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:83827 Windows TCP/IP Remote Code Execution Vulnerability. An unauthenticated attacker could send a specially crafted IPv6 packet to a Windows node where IPSec is enabled, which could enable a remote code execution exploitation on that machine. oval:org.secpod.oval:def:83829 Windows ALPC Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:83822 Windows Credential Roaming Service Elevation of Privilege Vulnerability. Exploitation of the vulnerability requires that a user to log in to Windows. An attacker who successfully exploited the vulnerability could gain remote interactive logon rights to a machine where the victim's account would not ... oval:org.secpod.oval:def:83823 Windows Secure Channel Denial of Service Vulnerability. An unauthenticated attacker could exploit the vulnerability by sending specially crafted network traffic to the TLS server and could cause it to crash. An attacker who successfully exploited this vulnerability might be able to disclose a single ... oval:org.secpod.oval:def:83824 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. oval:org.secpod.oval:def:83815 Windows Distributed File System (DFS) Elevation of Privilege Vulnerability. A local authenticated attacker could gain elevated privileges through a vulnerable DFS client, which could allow the attacker to locally execute arbitrary code in the kernel. oval:org.secpod.oval:def:83816 Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability oval:org.secpod.oval:def:83817 Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability. An unauthenticated attacker could send a specially crafted IP packet to a target machine that is running Windows and has IPSec enabled, which could enable a remote code execution exploitation. oval:org.secpod.oval:def:83818 Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability. An unauthenticated attacker could send a specially crafted IP packet to a target machine that is running Windows and has IPSec enabled, which could enable a remote code execution exploitation. oval:org.secpod.oval:def:83814 Windows Photo Import API Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82695 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote c ... oval:org.secpod.oval:def:82699 Windows Print Spooler Elevation of Privilege Vulnerability. The user would have to click on a specially crafted URL to be compromised by the attacker. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82698 Windows Defender Credential Guard Elevation of Privilege Vulnerability. A domain user could use this vulnerability to elevate privileges to SYSTEM assigned integrity level. oval:org.secpod.oval:def:82697 Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability oval:org.secpod.oval:def:82696 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82701 Windows Hello Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass the Windows Hello Facial Recognition security feature. oval:org.secpod.oval:def:82700 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote c ... oval:org.secpod.oval:def:82724 The host is missing an important security update for KB5012170 oval:org.secpod.oval:def:84757 Windows Resilient File System Elevation of Privilege. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84758 Windows DHCP Client Information Disclosure Vulnerability. An attacker who successfully exploited the vulnerability could potentially read User Mode Service Memory. oval:org.secpod.oval:def:84759 Windows Storage Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:84755 Windows Event Logging Service Denial of Service Vulnerability. The performance can be interrupted and/or reduced, but the attacker cannot fully deny service. oval:org.secpod.oval:def:84750 Windows CryptoAPI Spoofing Vulnerability. An attacker could manipulate an existing public x.509 certificate to spoof their identify and perform actions such as authentication or code signing as the targeted certificate. oval:org.secpod.oval:def:82967 Windows Defender Credential Guard Elevation of Privilege Vulnerability. A domain user could use this vulnerability to elevate privileges to SYSTEM assigned integrity level. oval:org.secpod.oval:def:82966 Windows Defender Credential Guard Security Feature Bypass Vulnerability. A remote authenticated attacker can gain elevated privileges on the target system. oval:org.secpod.oval:def:84775 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. To exploit this vulnerability, an attacker would need to send a specially crafted malicious PPTP packet to a PPTP server. This co ... oval:org.secpod.oval:def:84760 Windows USB Serial Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unintentional read access from uninitialized memory, which can be from either kernel memory or another user-mode process. oval:org.secpod.oval:def:84761 Windows CD-ROM File System Driver Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. oval:org.secpod.oval:def:84762 Server Service Remote Protocol Elevation of Privilege Vulnerability. An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. oval:org.secpod.oval:def:84763 Web Account Manager Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could view unbound refresh tokens issued by one cloud on a different cloud. oval:org.secpod.oval:def:84780 Windows NTLM Spoofing Vulnerability. The user would have to access a malicious folder or directory. Users should never open anything that they do not know or trust to be safe. oval:org.secpod.oval:def:84781 Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:84779 Windows TCP/IP Driver Denial of Service Vulnerability. Systems are not affected if IPv6 is disabled on the target machine. oval:org.secpod.oval:def:84776 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. To exploit this vulnerability, an attacker would need to send a specially crafted malicious PPTP packet to a PPTP server. This co ... oval:org.secpod.oval:def:84777 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. To exploit this vulnerability, an attacker would need to send a specially crafted malicious PPTP packet to a PPTP server. This co ... oval:org.secpod.oval:def:84778 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. To exploit this vulnerability, an attacker would need to send a specially crafted malicious PPTP packet to a PPTP server. This co ... oval:org.secpod.oval:def:84797 Windows Kernel Memory Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:84798 Windows Group Policy Preference Client Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84799 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. To exploit this vulnerability, an attacker would need to send a specially crafted malicious PPTP packet to a PPTP server. This co ... oval:org.secpod.oval:def:84793 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84794 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84795 Windows Group Policy Preference Client Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84796 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84790 Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84791 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84792 Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84786 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. T ... oval:org.secpod.oval:def:84787 Microsoft DWM Core Library Elevation of Privilege Vulnerability. This vulnerability is subject to a local escalation of privilege attack. The attacker would most likely arrange to run an executable or script on the local computer. An attacker could gain access to the computer through a variety of me ... oval:org.secpod.oval:def:84788 Windows WLAN Service Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84789 Windows Win32k Elevation of Privilege Vulnerability. An attacker could use this vulnerability to elevate privileges from Low Integrity Level in a contained ("sandboxed") excution environment to escalate to a Medium Integrity Level or a High Integrity Level. oval:org.secpod.oval:def:84782 Windows DWM Core Library Elevation of Privilege Vulnerability. This vulnerability is subject to a local escalation of privilege attack. The attacker would most likely arrange to run an executable or script on the local computer. An attacker could gain access to the computer through a variety of meth ... oval:org.secpod.oval:def:84784 Windows Group Policy Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges. oval:org.secpod.oval:def:84852 Windows Graphics Component Elevation of Privilege Vulnerability. Successful exploitation could allow attacker to gain SYSTEM privileges. oval:org.secpod.oval:def:84853 Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability. Successful exploitation could lead to a contained execution environment escape oval:org.secpod.oval:def:84854 Active Directory Domain Services Elevation of Privilege Vulnerability. Successful exploitation could allow attacker to could gain domain administrator privileges. oval:org.secpod.oval:def:84855 Windows Graphics Component Elevation of Privilege Vulnerability. Successful exploitation could allow attacker to gain SYSTEM privileges. oval:org.secpod.oval:def:84850 Windows Graphics Component Information Disclosure Vulnerability. Successful exploitation could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:84851 Windows Group Policy Preference Client Elevation of Privilege Vulnerability. Successful exploitation could allow attacker to gain SYSTEM privileges. oval:org.secpod.oval:def:84849 Windows Active Directory Certificate Services Security Feature Bypass oval:org.secpod.oval:def:84848 Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability oval:org.secpod.oval:def:84844 Windows GDI+ Remote Code Execution Vulnerability oval:org.secpod.oval:def:84816 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. To exploit this vulnerability, an attacker would need to send a specially crafted malicious PPTP packet to a PPTP server. This co ... oval:org.secpod.oval:def:84817 Win32k Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84818 Windows COM+ Event System Service Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84819 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. To exploit this vulnerability, an attacker would need to send a specially crafted malicious PPTP packet to a PPTP server. This co ... oval:org.secpod.oval:def:84812 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84813 Microsoft ODBC Driver Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into opening a malicious MDB file in Access via ODBC, which could result in the attacker being able to execute arbitrary code on the victim's machine with the perm ... oval:org.secpod.oval:def:84814 Windows Secure Channel Denial of Service Vulnerability oval:org.secpod.oval:def:84815 Windows Security Support Provider Interface Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of certain kernel memory content. oval:org.secpod.oval:def:84810 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84811 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84805 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. T ... oval:org.secpod.oval:def:84806 Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability. On machines with slow or older USB controller hardware, the Group policy might have (silently) failed to apply. On such machines, the attacker can trivially exploit this enforcement failure by attaching a USB storage d ... oval:org.secpod.oval:def:84807 Windows Server Remotely Accessible Registry Keys Information Disclosure Vulnerability. An attacker who successfully exploits this vulnerability would be able to remotely read registry keys under HKLM\SYSTEM\CurrentControlSet\Control\SecurePipeServers\Winreg\AllowedExactPaths\Machine not normally acc ... oval:org.secpod.oval:def:84808 Windows Workstation Service Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could execute RPC functions that are restricted to local clients only. oval:org.secpod.oval:def:84801 Windows Kernel Elevation of Privilege Vulnerability. An attacker would only be able to delete empty folders on a vulnerable system in the context of the SYSTEM account. They would not gain privileges to view or modify file contents or delete folders containing files. oval:org.secpod.oval:def:84803 Windows Print Spooler Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84804 Windows ALPC Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84800 Connected User Experiences and Telemetry Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges. oval:org.secpod.oval:def:86684 Windows Cryptographic Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Windows cryptographic secrets. oval:org.secpod.oval:def:86686 Microsoft Cryptographic Services Elevation of Privilege Vulnerability. attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86685 Windows Cryptographic Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Windows cryptographic secrets. oval:org.secpod.oval:def:86688 Microsoft Cryptographic Services Elevation of Privilege Vulnerability. The attacker could then execute code or access resources at a higher integrity level than that of the AppContainer execution environment. oval:org.secpod.oval:def:86687 Windows Cryptographic Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Windows cryptographic secrets. oval:org.secpod.oval:def:85497 .NET Framework Information Disclosure Vulnerability oval:org.secpod.oval:def:85429 Windows Group Policy Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:85426 AMD: CVE-2022-23824 IBPB and Return Address Predictor Interactions. The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the la ... oval:org.secpod.oval:def:85443 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:85442 Windows CNG Key Isolation Service Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:85445 Network Policy Server (NPS) RADIUS Protocol Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:85444 Network Policy Server (NPS) RADIUS Protocol Denial of Service Vulnerability. oval:org.secpod.oval:def:85440 Windows GDI+ Information Disclosure Vulnerability. An attacker who successfully exploited the vulnerability could potentially read small portions of heap memory. Exploitation of the vulnerability requires that a user open a specially crafted file.* In an email attack scenario, an attacker could expl ... oval:org.secpod.oval:def:85439 Microsoft DWM Core Library Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:85436 Windows Print Spooler Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:85435 Windows HTTP.sys Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:85437 Windows Group Policy Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires the attacker to have privileges to create Group Policy Templates. As is best practice, regular validation and audits of administrative groups should be conducted. An attacker who success ... oval:org.secpod.oval:def:85432 Windows Extensible File Allocation Table Elevation of Privilege Vulnerability. A domain user could use this vulnerability to elevate privileges to SYSTEM assigned integrity level. oval:org.secpod.oval:def:85434 Windows Kerberos Denial of Service Vulnerability oval:org.secpod.oval:def:85433 Windows Graphics Component Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. oval:org.secpod.oval:def:86113 Windows Graphics Component Elevation of Privilege Vulnerability. An attacker could potentially exploit this vulnerability to elevate privileges from a client-side application sandbox in earlier Microsoft operating systems. However, mitigation technologies in later Microsoft operating systems make th ... oval:org.secpod.oval:def:86115 Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86110 Windows Graphics Component Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86111 Windows Print Spooler Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86107 Windows Projected File System Elevation of Privilege Vulnerability. Any authenticated user could trigger this vulnerability. It does not require admin or other elevated privileges. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86106 Windows Graphics Component Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86109 Windows Graphics Component Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. A successful attack could be performed from a low privilege AppContainer. The attacker could get unauthorized access t ... oval:org.secpod.oval:def:86108 Windows Print Spooler Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86103 Windows Fax Compose Form Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges. For the vulnerability to be exploitable, the Windows Fax and Scan feature needs to be enabled, and the Fax service needs to be runni ... oval:org.secpod.oval:def:86102 Windows Graphics Component Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:86105 Windows Graphics Component Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges. oval:org.secpod.oval:def:86150 The host is missing a security update for ADV220005 oval:org.secpod.oval:def:86697 BitLocker Security Feature Bypass Vulnerability. A successful attacker could bypass the BitLocker Device Encryption feature on the system storage device. An attacker with physical access to the target could exploit this vulnerability to gain access to encrypted data. oval:org.secpod.oval:def:86696 Windows SMB Witness Service Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could execute RPC functions that are restricted to privileged accounts only. oval:org.secpod.oval:def:86699 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86698 Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86692 Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86695 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Successful exploitation allows remote code execution on the server side. oval:org.secpod.oval:def:86691 Event Tracing for Windows Information Disclosure Vulnerability. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:86690 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote code execution (RCE) on the RAS server machine. oval:org.secpod.oval:def:86689 Microsoft Cryptographic Services Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86789 The host is missing a critical security update for KB5022286 oval:org.secpod.oval:def:86761 Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability oval:org.secpod.oval:def:86760 Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability oval:org.secpod.oval:def:86759 Windows Backup Service Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. This vulnerability does not allow disclosure of any confidential information, but could allow an attacker to delete data that could include data that r ... oval:org.secpod.oval:def:86756 Windows Netlogon Denial of Service Vulnerability oval:org.secpod.oval:def:86758 Windows Bluetooth Driver Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86752 Windows Print Spooler Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86751 Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability oval:org.secpod.oval:def:86754 Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability oval:org.secpod.oval:def:86753 Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote code ex ... oval:org.secpod.oval:def:86750 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This vulnerability could be exploited over the network by an authenticated attacker through a low complexity attack on a server configured as the domain controller. oval:org.secpod.oval:def:86749 Windows Boot Manager Security Feature Bypass Vulnerability. A successful attacker could bypass the BitLocker Device Encryption feature on the system storage device. An attacker with physical access to the target could exploit this vulnerability to gain access to encrypted data. oval:org.secpod.oval:def:86748 Windows Error Reporting Service Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges. oval:org.secpod.oval:def:86745 Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote code ex ... oval:org.secpod.oval:def:86744 Windows GDI Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86747 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability. An unauthenticated attacker could send a specially crafted request to a vulnerable LDAP server. Successful exploitation could result in bypassing a buffer length check which could be leveraged to achieve informatio ... oval:org.secpod.oval:def:86746 Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote code ex ... oval:org.secpod.oval:def:86741 Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. An unauthenticated attacker could send a specially crafted connection ... oval:org.secpod.oval:def:86740 Windows Task Scheduler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:86743 Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability oval:org.secpod.oval:def:86742 Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote code ex ... oval:org.secpod.oval:def:86766 Windows Overlay Filter Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86763 Windows Print Spooler Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. This vulnerability does not allow disclosure of any confidential information, but could allow an attacker to delete data that could include data that re ... oval:org.secpod.oval:def:86765 Windows Overlay Filter Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. Successful exploitati ... oval:org.secpod.oval:def:86764 Windows Print Spooler Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86716 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86715 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86717 Windows Kernel Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:86712 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86711 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86714 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86710 Event Tracing for Windows Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:86709 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86708 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86705 Windows NTLM Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86704 Microsoft ODBC Driver Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via ODBC, which could result in the server receiving a malicious networking packet. This could allow the attac ... oval:org.secpod.oval:def:86707 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86706 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86701 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. T ... oval:org.secpod.oval:def:86700 Windows Win32k Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86703 Windows Credential Manager User Interface Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86702 Windows Point-to-Point Protocol (PPP) Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:86738 Windows iSCSI Service Denial of Service Vulnerability oval:org.secpod.oval:def:86737 Remote Procedure Call Runtime Denial of Service Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:86739 Windows GDI Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86736 Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could impersonate the group Managed Service Account (gMSA) to perform actions or access resources over the network. oval:org.secpod.oval:def:87497 Windows MSHTML Platform Remote Code Execution Vulnerability oval:org.secpod.oval:def:87498 Windows Distributed File System (DFS) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires that an attacker will need to first gain access to the restricted network before running an attack. oval:org.secpod.oval:def:87496 Microsoft PostScript Printer Driver Remote Code Execution Vulnerability oval:org.secpod.oval:def:87493 Microsoft ODBC Driver Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via ODBC, which could result in the server receiving a malicious networking packet. This could allow the attac ... oval:org.secpod.oval:def:87494 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. T ... oval:org.secpod.oval:def:87491 Microsoft Protected Extensible Authentication Protocol (PEAP) Denial of Service Vulnerability oval:org.secpod.oval:def:87492 Microsoft ODBC Driver Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via ODBC, which could result in the server receiving a malicious networking packet. This could allow the attac ... oval:org.secpod.oval:def:87490 Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability. An authenticated attacker could attack a Microsoft Protected Extensible Authentication Protocol (PEAP) Server by sending specially crafted malicious PEAP packets over the network. oval:org.secpod.oval:def:87488 Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability. An unauthenticated attacker could attack a Microsoft Protected Extensible Authentication Protocol (PEAP) Server by sending specially crafted malicious PEAP packets over the network. oval:org.secpod.oval:def:87489 Microsoft PostScript Printer Driver Information Disclosure Vulnerability. An attacker who successfully exploited the vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:87486 Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability. An unauthenticated attacker could attack a Microsoft Protected Extensible Authentication Protocol (PEAP) Server by sending specially crafted malicious PEAP packets over the network. oval:org.secpod.oval:def:87487 Microsoft Protected Extensible Authentication Protocol (PEAP) Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could view heap memory from a privileged process running on the server. oval:org.secpod.oval:def:87484 NT OS Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:87485 Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability. On Successful exploitation, attacker could target the server accounts in an arbitrary or remote code execution and attempt to trigger malicious code in the context of the server's account through a net ... oval:org.secpod.oval:def:87482 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. T ... oval:org.secpod.oval:def:87483 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. T ... oval:org.secpod.oval:def:87481 Microsoft PostScript Printer Driver Remote Code Execution Vulnerability. An authenticated attacker could send a specially crafted file to a shared printer. This could result in arbitrary code execution on the system that is sharing the printer oval:org.secpod.oval:def:87516 Windows Graphics Component Remote Code Execution Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:87517 Windows Common Log File System Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:87514 Windows Secure Channel Denial of Service Vulnerability oval:org.secpod.oval:def:87515 Windows Graphics Component Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:87512 Windows Kerberos Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:87513 Windows Secure Channel Denial of Service Vulnerability oval:org.secpod.oval:def:87510 Windows Secure Channel Denial of Service Vulnerability oval:org.secpod.oval:def:87511 Windows Active Directory Domain Services API Denial of Service Vulnerability oval:org.secpod.oval:def:87536 .NET Framework Denial of service Vulnerability. An authenticated attacker could exploit this vulnerability. It does not require admin or other elevated privileges. oval:org.secpod.oval:def:87537 .NET Framework Remote code execution Vulnerability. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. In order to exploit this vulnerability, an attacker or victim must execute code on the victim's machine. oval:org.secpod.oval:def:87509 Windows Common Log File System Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:87507 Windows Graphics Component Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:87508 Windows iSCSI Service Denial of Service Vulnerability oval:org.secpod.oval:def:87505 Windows Media Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. oval:org.secpod.oval:def:87503 Windows iSCSI Discovery Service Denial of Service Vulnerability. An attacker could impact availability of the service resulting in "denial of service"[DOS]. oval:org.secpod.oval:def:87504 Windows iSCSI Service Denial of Service Vulnerability oval:org.secpod.oval:def:87501 Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could view heap memory from a privileged process running on the server. oval:org.secpod.oval:def:87502 Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability. An attacker who successfully exploited the vulnerability could potentially read User Mode Service Memory. oval:org.secpod.oval:def:87500 Windows Fax Service Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to compromise admin credentials on the device. Successful exploitation of this vulnerability requires that an attacker will need to first gain access to the restricted network ... oval:org.secpod.oval:def:88063 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:88064 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. oval:org.secpod.oval:def:88061 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability oval:org.secpod.oval:def:88062 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability. oval:org.secpod.oval:def:88060 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:88058 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. oval:org.secpod.oval:def:88059 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability. oval:org.secpod.oval:def:88056 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. oval:org.secpod.oval:def:88057 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:88054 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:88055 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability. oval:org.secpod.oval:def:88052 Microsoft PostScript and PCL6 Class Printer Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:88053 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:88050 Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability oval:org.secpod.oval:def:88051 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:88049 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:88047 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:88048 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:88043 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability. oval:org.secpod.oval:def:88044 Windows Partition Management Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges. oval:org.secpod.oval:def:88041 Windows HTTP.sys Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:88040 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. oval:org.secpod.oval:def:88038 Windows Media Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. oval:org.secpod.oval:def:88039 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. oval:org.secpod.oval:def:88037 Windows Media Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. oval:org.secpod.oval:def:88099 Remote Procedure Call Runtime Remote Code Execution Vulnerability. To exploit this vulnerability, an unauthenticated attacker would need to send a specially crafted RPC call to an RPC host. This could result in remote code execution on the server side with the same permissions as the RPC service. oval:org.secpod.oval:def:88983 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:88968 Microsoft Message Queuing Denial of Service Vulnerability oval:org.secpod.oval:def:88966 Windows Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:88967 Windows Kernel Denial of Service Vulnerability oval:org.secpod.oval:def:88962 Windows Win32k Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:88963 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user (CVSS metric UI:R) into attempting to connect to a malicious SQL server via OLEDB (CVSS metric AV:N), which could result in the server rece ... oval:org.secpod.oval:def:88997 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote code execution (RCE) o ... oval:org.secpod.oval:def:88995 Windows Secure Channel Denial of Service Vulnerability oval:org.secpod.oval:def:88996 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote code execution (RCE) o ... oval:org.secpod.oval:def:88993 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. oval:org.secpod.oval:def:88994 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. oval:org.secpod.oval:def:88991 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. oval:org.secpod.oval:def:88992 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. oval:org.secpod.oval:def:88990 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. oval:org.secpod.oval:def:88988 Windows Graphics Component Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:88989 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. oval:org.secpod.oval:def:88986 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. oval:org.secpod.oval:def:88987 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. oval:org.secpod.oval:def:88984 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. oval:org.secpod.oval:def:88985 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability. An authenticated attacker with normal privileges could send a modified XPS file ... oval:org.secpod.oval:def:88939 Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:88937 Microsoft Message Queuing Denial of Service Vulnerability oval:org.secpod.oval:def:88935 Remote Procedure Call Runtime Remote Code Execution Vulnerability. To exploit this vulnerability, an unauthenticated attacker would need to send a specially crafted RPC call to an RPC host. This could result in remote code execution on the server side with the same permissions as the RPC service. oval:org.secpod.oval:def:88936 Remote Procedure Call Runtime Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:88933 Windows Remote Procedure Call Service (RPCSS) Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:88934 Microsoft Message Queuing Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker would need to send a specially crafted malicious MSMQ packet to a MSMQ server. This could result in remote code execution on the server side. oval:org.secpod.oval:def:88960 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:88961 Windows Clip Service Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:88959 Windows Kernel Memory Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space from a user mode process. oval:org.secpod.oval:def:88958 Remote Desktop Protocol Client Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:88953 Windows Kernel Elevation of Privilege Vulnerability. A domain user could use this vulnerability to elevate privileges to SYSTEM assigned integrity level. oval:org.secpod.oval:def:88954 Windows Kernel Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:88948 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:88949 Windows Kernel Remote Code Execution Vulnerability. An attacker must send the user a malicious input file and convince the user to open said input file. An attacker or victim needs to execute code from the local machine to exploit the vulnerability. oval:org.secpod.oval:def:88946 Windows Spoofing Vulnerability. An attacker could convince a user on the target device to open a maliciously crafted HTA file designed to appear as a legitimately signed WIM file (Windows Imaging Format). oval:org.secpod.oval:def:88947 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This vulnerability could be triggered when a user connects a Windows client to a malicious server. Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to pre ... oval:org.secpod.oval:def:88944 Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability. This attack is limited to systems connected to the same network segment as the attacker. The attack cannot be performed across multiple networks (for example, a WAN) and would be limited to systems on the same ... oval:org.secpod.oval:def:88945 Windows NTLM Elevation of Privilege Vulnerability. A domain user could use this vulnerability to elevate privileges to SYSTEM assigned integrity level. oval:org.secpod.oval:def:88942 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:88940 Windows Network Address Translation (NAT) Denial of Service Vulnerability oval:org.secpod.oval:def:88941 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:88103 Windows BrokerInfrastructure Service Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:88100 Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:88101 Windows Bluetooth Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:88122 Remote Procedure Call Runtime Remote Code Execution Vulnerability. To exploit this vulnerability, an unauthenticated attacker would need to send a specially crafted RPC call to an RPC host. This could result in remote code execution on the server side with the same permissions as the RPC service. oval:org.secpod.oval:def:88123 Windows Graphics Component Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:88121 Windows SmartScreen Security Feature Bypass Vulnerability. An attacker can craft a malicious file that would evade Mark of the Web (MOTW) defenses, resulting in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging. oval:org.secpod.oval:def:88119 Remote Procedure Call Runtime Remote Code Execution Vulnerability. To exploit this vulnerability, an unauthenticated attacker would need to send a specially crafted RPC call to an RPC host. This could result in remote code execution on the server side with the same permissions as the RPC service. oval:org.secpod.oval:def:88117 Windows Graphics Component Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges. oval:org.secpod.oval:def:88118 Windows Secure Channel Denial of Service Vulnerability oval:org.secpod.oval:def:88115 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:88116 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:88113 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:88114 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:88111 Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability. An attacker could send a low-level protocol error containing a fragmented IP packet inside another ICMP packet in its header to the target machine. To trigger the vulnerable code path, an application on the target must be ... oval:org.secpod.oval:def:88112 Windows Cryptographic Services Remote Code Execution Vulnerability. An attacker could upload a certificate to a service that processes or imports certificates, or an attacker could convince an authenticated user to import a certificate on their system. oval:org.secpod.oval:def:88110 Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:88108 Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:88109 Windows Accounts Picture Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:88106 Remote Procedure Call Runtime Remote Code Execution Vulnerability. To exploit this vulnerability, an unauthenticated attacker would need to send a specially crafted RPC call to an RPC host. This could result in remote code execution on the server side with the same permissions as the RPC service. oval:org.secpod.oval:def:88107 Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:88104 Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could view heap memory from a privileged process running on the server. oval:org.secpod.oval:def:88105 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:90734 Remote Procedure Call Runtime Denial of Service Vulnerability oval:org.secpod.oval:def:89700 Windows MSHTML Platform Security Feature Bypass Vulnerability. An attacker can craft a malicious URL that would evade zone checks, resulting in a limited loss of integrity and availability of the victim machine. oval:org.secpod.oval:def:89719 Windows OLE Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition and also to take additional actions prior to exploitation to prepare the target environment. In an email attack scenario, an attacker could exploit the vulnerab ... oval:org.secpod.oval:def:89718 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker who successfully exploited this vulnerability could gain code execution through a speciall ... oval:org.secpod.oval:def:89717 Windows Backup Service Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:89716 Windows iSCSI Target Service Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:89715 Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. When Windows Message Queuing service is running in a PGM Server environment, an attacker could send a specially crafted file over the network to achieve remote code execution and attempt to trigger malicious code. oval:org.secpod.oval:def:89714 Remote Procedure Call Runtime Denial of Service Vulnerability oval:org.secpod.oval:def:89713 Windows Pragmatic General Multicast (PGM) Denial of Service Vulnerability oval:org.secpod.oval:def:89017 Windows Group Policy Security Feature Bypass Vulnerability. The vulnerability would only prevent an admin from updating group policies during the time an attacker is performing a specific action; however, it would not prevent an admin from otherwise being able to update the policies. oval:org.secpod.oval:def:89015 Windows Boot Manager Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass Secure Boot to run unauthorized code. To be successful the attacker would need either physical access or administrator privileges. oval:org.secpod.oval:def:89016 Windows Lock Screen Security Feature Bypass Vulnerability. The authentication feature could be bypassed as this vulnerability allows impersonation. oval:org.secpod.oval:def:89013 Windows Common Log File System Driver Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:89011 Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. When the Windows Message Queuing service is enabled, an attacker who successfully exploited this vulnerability could send a specially crafted file over the network to achieve remote code execution and attempt to trigger m ... oval:org.secpod.oval:def:89012 Windows Common Log File System Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:89010 Windows Boot Manager Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass Secure Boot to run unauthorized code. To be successful the attacker would need either physical access or administrator privileges. oval:org.secpod.oval:def:89008 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. oval:org.secpod.oval:def:89006 Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability. Only systems with the IKE and AuthIP IPsec Keying Modules running are vulnerable to this attack. oval:org.secpod.oval:def:89007 Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability oval:org.secpod.oval:def:89005 Windows Lock Screen Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass the Windows Lock Screen security feature. oval:org.secpod.oval:def:89000 Windows Bluetooth Driver Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment of the targeted component. Exploiting this vulnerability requires an attacker to be within proximity of the target system ... oval:org.secpod.oval:def:89001 Windows CNG Key Isolation Service Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges. oval:org.secpod.oval:def:90395 .NET Framework Remote code execution Vulnerability. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. In order to exploit this vulnerability, an attacker convinces a victim to download and open a specially crafted file from a w ... oval:org.secpod.oval:def:90396 .NET Framework Denial of Service Vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to cause a denial of service vulnerability. oval:org.secpod.oval:def:90397 .NET Framework Remote Code Execution Vulnerability. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. In order to exploit this vulnerability, an attacker convinces a victim to download and open a specially crafted file from a w ... oval:org.secpod.oval:def:90398 .NET Framework Elevation of Privilege Vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to gain administrator privileges. oval:org.secpod.oval:def:90399 .NET Framework Remote code execution Vulnerability. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. In order to exploit this vulnerability, an attacker convinces a victim to download and open a specially crafted file from a w ... oval:org.secpod.oval:def:90369 Windows Media Remote Code Execution Vulnerability. An attacker must send the user a malicious file and convince the user to open said file. oval:org.secpod.oval:def:90360 Windows CryptoAPI Denial of Service Vulnerability oval:org.secpod.oval:def:90366 Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. When Windows message queuing service is running in a PGM Server environment, an attacker could send a specially crafted file over the network to achieve remote code execution and attempt to trigger malicious code. oval:org.secpod.oval:def:90370 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. An attacker can trick a local user on a vulnerable system into mounting a specially crafted VHD that would then trigger the vulnerability. This vulnerability could also be exploited through a physical attack vector. An attacke ... oval:org.secpod.oval:def:90371 Windows Collaborative Translation Framework Elevation of Privilege Vulnerability. In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppC ... oval:org.secpod.oval:def:90372 Windows iSCSI Discovery Service Denial of Service Vulnerability oval:org.secpod.oval:def:90375 Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. When Windows message queuing service is running in a PGM Server environment, an attacker could send a specially crafted file over the network to achieve remote code execution and attempt to trigger malicious code. oval:org.secpod.oval:def:90376 Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. When Windows message queuing service is running in a PGM Server environment, an attacker could send a specially crafted file over the network to achieve remote code execution and attempt to trigger malicious code. oval:org.secpod.oval:def:90377 Microsoft PostScript Printer Driver Remote Code Execution Vulnerability. Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges. oval:org.secpod.oval:def:90345 Windows Authentication Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:90346 Windows Media Remote Code Execution Vulnerability oval:org.secpod.oval:def:90348 Windows Filtering Platform Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain administrator privileges. oval:org.secpod.oval:def:90349 Windows GDI Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:90340 NTFS Elevation of Privilege Vulnerability oval:org.secpod.oval:def:90341 Windows Installer Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:90342 Windows Group Policy Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges. This vulnerability could allow a standard domain user to delete arbitrary files and folders with system privileges. This could be achiev ... oval:org.secpod.oval:def:90343 Windows GDI Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:90344 GDI Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:90359 Windows CryptoAPI Denial of Service Vulnerability oval:org.secpod.oval:def:90350 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. T ... oval:org.secpod.oval:def:90351 Microsoft ODBC Driver Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via ODBC, which could result in the server receiving a malicious networking packet. This could allow the attac ... oval:org.secpod.oval:def:90354 Windows Kernel Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could view heap memory from a privileged process running on the server. Successful exploitation of this vulnerability requires an attacker to coordinate an attack with another privileged pr ... oval:org.secpod.oval:def:88999 Windows Enroll Engine Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass certificate validation during the account enrollment process. A user would need to setup a new work or school account on their system while connected to a compromised n ... oval:org.secpod.oval:def:88998 Windows Error Reporting Service Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Successful exploitation of this vulnerability requires an attacker to locate a machine with rare, seldom used, non-default telemetry settings ... oval:org.secpod.oval:def:90400 .NET Framework Remote code execution Vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to cause a denial of service vulnerability. oval:org.secpod.oval:def:89699 Windows Driver Revocation List Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass the revocation list feature by modifying it and therefore impact the integrity of that list. oval:org.secpod.oval:def:89697 Windows Bluetooth Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:89698 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:89695 Windows Bluetooth Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is one byte of kernel memory could be leaked back to the attacker. oval:org.secpod.oval:def:89696 Windows Bluetooth Driver Remote Code Execution Vulnerability. An unauthorized attacker could exploit the Windows Bluetooth driver vulnerability by programmatically running certain functions that could lead to remote code execution on the Bluetooth component. oval:org.secpod.oval:def:89693 Server for NFS Denial of Service Vulnerability oval:org.secpod.oval:def:89692 Secure Boot Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass Secure Boot. oval:org.secpod.oval:def:89690 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. To exploit this vulnerability, an attacker would need to send a specially crafted malicious SSTP packet to a SSTP server. T ... oval:org.secpod.oval:def:89688 Windows NFS Portmapper Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:89687 Windows NTLM Security Support Provider Information Disclosure Vulnerability. Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability. oval:org.secpod.oval:def:90742 Remote Procedure Call Runtime Denial of Service Vulnerability oval:org.secpod.oval:def:90741 Remote Procedure Call Runtime Denial of Service Vulnerability oval:org.secpod.oval:def:90744 Remote Procedure Call Runtime Denial of Service Vulnerability oval:org.secpod.oval:def:90743 Remote Procedure Call Runtime Denial of Service Vulnerability oval:org.secpod.oval:def:90746 Remote Procedure Call Runtime Denial of Service Vulnerability oval:org.secpod.oval:def:90745 Remote Procedure Call Runtime Denial of Service Vulnerability oval:org.secpod.oval:def:90748 Remote Procedure Call Runtime Remote Code Execution Vulnerability. The authenticated attacker could take advantage of this vulnerability to execute malicious code through the RPC runtime. oval:org.secpod.oval:def:90747 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability oval:org.secpod.oval:def:90740 Remote Procedure Call Runtime Denial of Service Vulnerability oval:org.secpod.oval:def:90749 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability oval:org.secpod.oval:def:90753 Remote Procedure Call Runtime Denial of Service Vulnerability oval:org.secpod.oval:def:90755 Remote Procedure Call Runtime Denial of Service Vulnerability oval:org.secpod.oval:def:90754 Remote Procedure Call Runtime Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:90757 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:90756 Remote Procedure Call Runtime Denial of Service Vulnerability oval:org.secpod.oval:def:90759 Windows MSHTML Platform Security Feature Bypass Vulnerability oval:org.secpod.oval:def:90758 Windows Print Spooler Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:90751 Windows MSHTML Platform Security Feature Bypass Vulnerability oval:org.secpod.oval:def:90750 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could view heap memory from a privileged process running on the server. oval:org.secpod.oval:def:90735 Remote Procedure Call Runtime Denial of Service Vulnerability oval:org.secpod.oval:def:90737 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could view heap memory from a privileged process running on the server. oval:org.secpod.oval:def:90736 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could view heap memory from a privileged process running on the server. oval:org.secpod.oval:def:90739 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:90738 Windows MSHTML Platform Elevation of Privilege Vulnerability. The attacker would gain the rights of the user that is running the affected application. oval:org.secpod.oval:def:90786 Active Template Library Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. oval:org.secpod.oval:def:90780 Windows Layer-2 Bridge Network Driver Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. This attack is limited to systems connected to the same network segment as the attacker. The attack cannot be pe ... oval:org.secpod.oval:def:90783 Microsoft Message Queuing Denial of Service Vulnerability oval:org.secpod.oval:def:90797 Windows Extended Negotiation Denial of Service Vulnerability oval:org.secpod.oval:def:90799 Windows Geolocation Service Remote Code Execution Vulnerability. An attacker must send the user a malicious input file and convince the user to open said input file. oval:org.secpod.oval:def:90791 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:90790 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:90793 Windows Online Certificate Status Protocol (OCSP) SnapIn Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. oval:org.secpod.oval:def:90792 Microsoft Message Queuing Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:90863 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:90862 Windows Partition Management Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:90865 Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. This attack is limited to systems connected to the same network segmen ... oval:org.secpod.oval:def:90864 Windows Cryptographic Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:90867 Windows Common Log File System Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:90869 Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain administrator privileges. oval:org.secpod.oval:def:90868 USB Audio Class System Driver Remote Code Execution Vulnerability. An authenticated attacker could use Remote Desktop to connect to a vulnerable system that has Plug and Play device redirection enabled. Alternatively, an attacker could plug a specially crafted USB device into the port of a vulnerabl ... oval:org.secpod.oval:def:90861 HTTP.sys Denial of Service Vulnerability oval:org.secpod.oval:def:90860 Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:90876 Windows Transaction Manager Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:90875 Windows CDP User Components Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:90878 Windows Remote Desktop Protocol Security Feature Bypass. The RDP Gateway protocol is enforcing the usage of Datagram Transport Layer Security (DTLS) version 1.0, which is a deprecated (RFC 8996) protocol with known vulnerabilities. An attacker with a machine-in-the-middle (MitM) position who success ... oval:org.secpod.oval:def:90879 Windows Peer Name Resolution Protocol Denial of Service Vulnerability oval:org.secpod.oval:def:90854 Windows Netlogon Information Disclosure Vulnerability. The attacker must inject themselves into the logical network path between the target and the resource requested by the victim to read or modify network communications. This is called a man-in-the-middle (MITM) attack. An attacker who successfull ... oval:org.secpod.oval:def:90856 OLE Automation Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:90855 Windows Update Orchestrator Service Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:90858 Windows SmartScreen Security Feature Bypass Vulnerability. The user would have to click on a specially crafted URL to be compromised by the attacker. The attacker would be able to bypass the Open File - Security Warning prompt. oval:org.secpod.oval:def:90857 Windows Remote Desktop Security Feature Bypass Vulnerability. An attacker with a machine-in-the-middle (MitM) position who successfully exploited this vulnerability could bypass the certificate validation performed when a targeted user connects to a trusted server. oval:org.secpod.oval:def:90859 Volume Shadow Copy Elevation of Privilege Vulnerability. The attacker would gain the rights of the user that is running the affected application. An authenticated attacker would need to perform specific actions on a vulnerable system, then convince another user on that system to interact with the Vo ... oval:org.secpod.oval:def:90801 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:90800 Connected User Experiences and Telemetry Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:90802 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:90808 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:90881 Windows CNG Key Isolation Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:90880 Windows CryptoAPI Denial of Service Vulnerability oval:org.secpod.oval:def:93038 Remote Code Execution Vulnerability. Exploitation of this vulnerability requires that a user trigger the payload in the application. oval:org.secpod.oval:def:93039 Remote Code Execution Vulnerability. Exploitation of this vulnerability requires that an attacker convinces a user to open a maliciously crafted package file in Visual Studio. oval:org.secpod.oval:def:90889 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker would need to send specially crafted packets to a server configured with the Routing and Remote Access Service running. oval:org.secpod.oval:def:90888 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker would need to send specially crafted packets to a server configured with the Routing and Remote Access Service running. oval:org.secpod.oval:def:90883 Windows Image Acquisition Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:90882 Microsoft DirectMusic Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:90890 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker would need to send specially crafted packets to a server configured with the Routing and Remote Access Service running. oval:org.secpod.oval:def:90892 Windows Error Reporting Service Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain administrator privileges. An attacker must have local access to the targeted machine and the user must be able to create folders and performance traces on the ma ... oval:org.secpod.oval:def:90891 Azure Active Directory Security Feature Bypass Vulnerability. An attacker would require access to a low privileged session on the user's device to obtain a JWT (JSON Web Token) which can then be used to craft a long-lived assertion using the Windows Hello for Business Key from the victim's device. B ... oval:org.secpod.oval:def:90913 The host is missing an important security update for ADV230002 oval:org.secpod.oval:def:90914 The host is missing a security update for ADV230001 oval:org.secpod.oval:def:90917 The host is missing a critical security update for KB5028168 oval:org.secpod.oval:def:92986 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:92985 Windows MSHTML Platform Security Feature Bypass Vulnerability. Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment of the targeted component. Successful exploitation of this vulnerability requires an attacker to gather information spec ... oval:org.secpod.oval:def:92988 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:92987 Windows Kernel Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges. oval:org.secpod.oval:def:92989 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:92980 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:92982 Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability. CVE-2023-36802 oval:org.secpod.oval:def:92984 Windows GDI Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:92983 Windows Kernel Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:92997 Windows TCP/IP Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. An attacker who successfully exploited the vulnerability could view sensitive information (Confidentiality). While the attacker can not ... oval:org.secpod.oval:def:92991 Windows Common Log File System Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:92990 Windows Common Log File System Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:92992 Windows Miracast Wireless Display Remote Code Execution Vulnerability. Exploiting this vulnerability requires an attacker to be within proximity of the target system in order to send and receive radio transmissions. An unauthenticated attacker could project to a vulnerable system on the same wireles ... oval:org.secpod.oval:def:92994 Windows TCP/IP Denial of Service Vulnerability. Systems are not affected if IPv6 is disabled on the target machine. oval:org.secpod.oval:def:93041 Remote Code Execution Vulnerability. Exploitation of this vulnerability requires that an attacker convinces a user to open a maliciously crafted package file in Visual Studio. oval:org.secpod.oval:def:93042 Remote Code Execution Vulnerability. Exploitation of this vulnerability requires that an attacker convinces a user to open a maliciously crafted package file in Visual Studio. oval:org.secpod.oval:def:93040 Remote Code Execution Vulnerability. Exploitation of this vulnerability requires that an attacker convinces a user to open a maliciously crafted package file in Visual Studio. oval:org.secpod.oval:def:93656 Win32k Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:93650 Win32k Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:93651 Win32k Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:93655 Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:93652 Win32k Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:93653 Windows Runtime Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:93661 Windows Deployment Services Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:93662 Remote Procedure Call Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:93665 Microsoft AllJoyn API Denial of Service Vulnerability oval:org.secpod.oval:def:93666 Windows Common Log File System Driver Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:93663 Microsoft DirectMusic Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. oval:org.secpod.oval:def:93636 Microsoft Message Queuing Remote Code Execution Vulnerability. Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or comprom ... oval:org.secpod.oval:def:93637 Microsoft Message Queuing Remote Code Execution Vulnerability. Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or comprom ... oval:org.secpod.oval:def:93634 Microsoft Message Queuing Remote Code Execution Vulnerability. Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or comprom ... oval:org.secpod.oval:def:93635 Microsoft Message Queuing Remote Code Execution Vulnerability. Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or comprom ... oval:org.secpod.oval:def:93638 Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability oval:org.secpod.oval:def:93639 Windows Named Pipe Filesystem Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:93632 Windows upnphost.dll Denial of Service Vulnerability. An attacker could impact availability of the service resulting in Denial of Service (DoS). oval:org.secpod.oval:def:93633 Microsoft Message Queuing Remote Code Execution Vulnerability. Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or comprom ... oval:org.secpod.oval:def:93630 Microsoft Message Queuing Remote Code Execution Vulnerability. Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or comprom ... oval:org.secpod.oval:def:93631 Windows Mark of the Web Security Feature Bypass Vulnerability. An attacker can craft a malicious file that would evade Mark of the Web (MOTW) defenses, resulting in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW taggin ... oval:org.secpod.oval:def:93647 Windows Power Management Service Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is sensitive information. oval:org.secpod.oval:def:93648 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:93645 Windows Kernel Elevation of Privilege Vulnerability. An attacker must send the user a malicious input file and convince the user to open said input file. A domain user could use this vulnerability to elevate privileges to SYSTEM assigned integrity level. oval:org.secpod.oval:def:93646 Windows Mixed Reality Developer Tools Denial of Service Vulnerability oval:org.secpod.oval:def:93649 Named Pipe File System Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:93640 Microsoft Message Queuing Denial of Service Vulnerability oval:org.secpod.oval:def:93643 Windows Setup Files Cleanup Remote Code Execution Vulnerability oval:org.secpod.oval:def:93644 Windows Runtime C++ Template Library Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could create or delete files in the security context of the NT AUTHORITY\ LOCAL SERVICE account. An attacker would only be able to delete targeted files on a system. A ... oval:org.secpod.oval:def:93641 Microsoft Message Queuing Remote Code Execution Vulnerability. Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or comprom ... oval:org.secpod.oval:def:93642 Windows Kernel Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass the Windows Arbitrary Code Guard exploit protection feature. oval:org.secpod.oval:def:93615 Windows MSHTML Platform Remote Code Execution Vulnerability. An attacker could successfully exploit this vulnerability by invoking the PrintHTML API from a locally running application (or by tricking a user into doing so) which could allow the attacker to launch an app via application protocols with ... oval:org.secpod.oval:def:93612 Microsoft Message Queuing Denial of Service Vulnerability oval:org.secpod.oval:def:93613 Windows IIS Server Elevation of Privilege Vulnerability. The attacker would be able to login as another user successfully. In a network-based attack, an attacker could brute force user account passwords to log in as that user. oval:org.secpod.oval:def:93618 Microsoft Message Queuing Remote Code Execution Vulnerability. Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or comprom ... oval:org.secpod.oval:def:93619 Microsoft Message Queuing Remote Code Execution Vulnerability. uccessful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or compromi ... oval:org.secpod.oval:def:93616 Microsoft WordPad Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of NTLM hashes. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vuln ... oval:org.secpod.oval:def:93617 Windows Search Security Feature Bypass Vulnerability. The user would have to click on a specially crafted URL to be compromised by the attacker. A security feature bypass vulnerability exists when MapUrlToZone fails to correctly handle certain paths. This could allow an attacker to plant files witho ... oval:org.secpod.oval:def:93610 Windows Graphics Component Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:93611 Microsoft Message Queuing Remote Code Execution Vulnerability. Successful exploitation of this vulnerability could allow an unauthenticated attacker to remotely execute code on the target server. oval:org.secpod.oval:def:93625 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Exploitation of this vulnerability requires an attacker to trick or convince the victim into connecting to their malicious server. If your environment only connects to known, trusted servers and there is no ability to ... oval:org.secpod.oval:def:93626 Microsoft Message Queuing Remote Code Execution Vulnerability. Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or comprom ... oval:org.secpod.oval:def:93623 Microsoft Message Queuing Remote Code Execution Vulnerability. Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or comprom ... oval:org.secpod.oval:def:93624 Windows Kernel Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is device information like resource ids, sas tokens, user properties, and other sensitive information. Any authenticated attacker could trigge ... oval:org.secpod.oval:def:93629 Microsoft Message Queuing Remote Code Execution Vulnerability. Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or comprom ... oval:org.secpod.oval:def:93627 Microsoft Message Queuing Denial of Service Vulnerability. oval:org.secpod.oval:def:93628 Microsoft Message Queuing Denial of Service Vulnerability oval:org.secpod.oval:def:93621 Microsoft Message Queuing Remote Code Execution Vulnerability. Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or comprom ... oval:org.secpod.oval:def:93622 Microsoft Message Queuing Remote Code Execution Vulnerability. Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or comprom ... oval:org.secpod.oval:def:93620 Microsoft Message Queuing Remote Code Execution Vulnerability. Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or comprom ... oval:org.secpod.oval:def:94484 Windows Installer Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:94485 Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a sp ... oval:org.secpod.oval:def:94464 Windows Search Service Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:95796 Internet Connection Sharing (ICS) Remote Code Execution Vulnerability. This attack is limited to systems connected to the same network segment as the attacker. The attack cannot be performed across multiple networks (for example, a WAN) and would be limited to systems on the same network switch or v ... oval:org.secpod.oval:def:95794 Windows MSHTML Platform Remote Code Execution Vulnerability. The attacker could exploit this vulnerability by sending a specially crafted email which triggers automatically when it is retrieved and processed by the Outlook client. This could lead to exploitation BEFORE the email is viewed in the Pre ... oval:org.secpod.oval:def:94463 Windows User Interface Application Core Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. oval:org.secpod.oval:def:94468 Windows NTFS Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. In this case, a successful atta ... oval:org.secpod.oval:def:94467 Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. When Windows message queuing service is running in a PGM Server environment, an attacker could send a specially crafted file over the network to achieve remote code execution and attempt to trigger malicious code. oval:org.secpod.oval:def:94471 Microsoft Remote Registry Service Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires the attacker must be an authenticated user on the network who is a member of the performance log users group. Although this group defaults to only Administrators, it is possi ... oval:org.secpod.oval:def:94472 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. T ... oval:org.secpod.oval:def:94470 Windows HMAC Key Derivation Elevation of Privilege Vulnerability. In this case, a successful attack could be performed from a low privilege Hyper-V guest. The attacker could traverse the guest's security boundary to execute code on the Hyper-V host execution environment. An attacker who successfully ... oval:org.secpod.oval:def:94475 Windows Kernel Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:94473 Windows Kernel Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:94474 Windows Kernel Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is values of registry keys the attacker does not have permissions to view. oval:org.secpod.oval:def:94479 Microsoft Remote Registry Service Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires the attacker must be an authenticated user on the network who is a member of the performance log users group. Although this group defaults to only Administrators, it is possi ... oval:org.secpod.oval:def:94483 Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:94480 Windows Common Log File System Driver Elevation of Privilege Vulnerability. An attacker could use this vulnerability to elevate privileges from Medium Integrity Level to a High Integrity Level. oval:org.secpod.oval:def:94481 Windows Distributed File System (DFS) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires the attacker or targeted user to have both domain user and delegate management permissions on a non-default DFS namespace. An attacker could exploit a DFS namespace (non- ... oval:org.secpod.oval:def:94459 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:94457 Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability. An unauthenticated attacker could attack a Microsoft Protected Extensible Authentication Protocol (PEAP) Server by sending specially crafted malicious PEAP packets over the network. oval:org.secpod.oval:def:94458 Windows DWM Core Library Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:94455 Windows Scripting Engine Memory Corruption Vulnerability. This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this spec ... oval:org.secpod.oval:def:94456 Windows SmartScreen Security Feature Bypass Vulnerability. The attacker would be able to bypass Windows Defender SmartScreen checks and their associated prompts. The user would have to click on a specially crafted Internet Shortcut (.URL) or a hyperlink pointing to an Internet Shortcut file to be co ... oval:org.secpod.oval:def:95792 Windows Media Remote Code Execution Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file:* In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the fil ... oval:org.secpod.oval:def:94461 Windows Authentication Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:95790 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:95814 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:95811 Win32k Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:95810 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. T ... oval:org.secpod.oval:def:95804 Internet Connection Sharing (ICS) Denial of Service Vulnerability. This attack is limited to systems connected to the same network segment as the attacker. The attack cannot be performed across multiple networks (for example, a WAN) and would be limited to systems on the same network switch or virtu ... oval:org.secpod.oval:def:95803 Internet Connection Sharing (ICS) Remote Code Execution Vulnerability. This attack is limited to systems connected to the same network segment as the attacker. The attack cannot be performed across multiple networks (for example, a WAN) and would be limited to systems on the same network switch or v ... oval:org.secpod.oval:def:95802 Microsoft ODBC Driver Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. This could allow the atta ... oval:org.secpod.oval:def:95808 Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability. To exploit this vulnerability, an attacker would need to launch a man-in-the-middle (MiTM) attack against the traffic passing between a domain controller and the target machine. The attacker must inject themsel ... oval:org.secpod.oval:def:95807 XAML Diagnostics Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. An authorized attacker with regular user privileges may be able to inject a malicious file and then convince a user to execute a UWP application. oval:org.secpod.oval:def:95806 Windows Sysmain Service Elevation of Privilege. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:95809 Windows Telephony Server Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could execute code in the security context of the "NT AUTHORITY\Network Service" accoun ... oval:org.secpod.oval:def:93692 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could le ... oval:org.secpod.oval:def:93679 Windows Media Foundation Core Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. oval:org.secpod.oval:def:93672 Windows TCP/IP Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the unencrypted contents of IPsec packets from other sessions on a server. oval:org.secpod.oval:def:93673 PrintHTML API Remote Code Execution Vulnerability. An attacker could successfully exploit this vulnerability by invoking the PrintHTML API from a locally running application (or by tricking a user into doing so) which could allow the attacker to launch an app via application protocols without prompt ... oval:org.secpod.oval:def:93670 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could le ... oval:org.secpod.oval:def:93676 Microsoft Resilient File System (ReFS) Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:93674 Windows TCP/IP Denial of Service Vulnerability oval:org.secpod.oval:def:93675 Windows TCP/IP Denial of Service Vulnerability oval:org.secpod.oval:def:93689 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could le ... oval:org.secpod.oval:def:93683 Active Directory Domain Services Information Disclosure Vulnerability oval:org.secpod.oval:def:93684 Windows Container Manager Service Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges. oval:org.secpod.oval:def:93682 Windows Error Reporting Service Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:93687 Windows Graphics Component Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:93688 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could le ... oval:org.secpod.oval:def:93685 Windows Internet Key Exchange (IKE) Extension Elevation of Privilege Vulnerability. A domain user could use this vulnerability to elevate privileges to SYSTEM assigned integrity level. oval:org.secpod.oval:def:93690 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could le ... oval:org.secpod.oval:def:93691 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could le ... oval:org.secpod.oval:def:93669 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could le ... oval:org.secpod.oval:def:93667 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could le ... oval:org.secpod.oval:def:93668 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could le ... oval:org.secpod.oval:def:93713 The host is missing a critical security update for KB5031361 oval:org.secpod.oval:def:93609 HTTP/2 Rapid Reset Attack oval:org.secpod.oval:def:90363 Microsoft Streaming Service Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:75839 The host is installed with Edge-Chromium and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:76446 An attacker could craft a malicious attachment to be used in phishing campaigns. The attacker would then have to convince the user to open the specially crafted attachment. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with ... oval:org.secpod.oval:def:93102 The host is missing an important security update for KB5030214 oval:org.secpod.oval:def:92998 Windows GDI Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:94495 The host is missing a critical security update for KB5032196 oval:org.secpod.oval:def:94454 Mitre: CVE-2023-24023 Bluetooth Vulnerability. CVE-2023-24023 is regarding a vulnerability reported to the Bluetooth Special Interest Group (Bluetooth SIG). MITRE assigned this CVE number on behalf of the Bluetooth organization https://www.bluetooth.com/about-us/vision/. oval:org.secpod.oval:def:88138 The host is missing a critical security update for KB5023702 oval:org.secpod.oval:def:89027 The host is missing a critical security update for KB5025229 oval:org.secpod.oval:def:88885 Open Source Curl Remote Code Execution Vulnerability. oval:org.secpod.oval:def:81932 HackerOne: CVE-2022-27776 Insufficiently protected credentials vulnerability might leak authentication or cookie header data. This CVE is regarding a vulnerability in the curl open source library which is used by Windows. The July 2022 Windows Security Updates includes the most recent version of thi ... oval:org.secpod.oval:def:77129 Open Source Curl Remote Code Execution Vulnerability. This CVE is regarding a vulnerability in the curl open source library which is used by Windows. oval:org.secpod.oval:def:77130 Libarchive Remote Code Execution Vulnerability. CVE-2021-36976 is regarding a vulnerability in the libarchive open source library which is used by Windows. The January 2022 Windows Security Updates include the most recent version of this library which addresses the vulnerability and others. oval:org.secpod.oval:def:47936 The host is missing a critical security update for KB4462919 oval:org.secpod.oval:def:98979 SmartScreen Prompt Security Feature Bypass Vulnerability. A user needs to be tricked into running malicious files. To exploit this security feature bypass vulnerability, an attacker would need to convince a user to launch malicious files using a launcher application that requests that no UI be shown ... oval:org.secpod.oval:def:98969 Secure Boot Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass Secure Boot. oval:org.secpod.oval:def:98955 Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability oval:org.secpod.oval:def:98949 Windows Defender Credential Guard Elevation of Privilege Vulnerability. A domain user could use this vulnerability to elevate privileges to SYSTEM assigned integrity level. oval:org.secpod.oval:def:98852 HTTP.sys Denial of Service Vulnerability oval:org.secpod.oval:def:98941 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:98845 Windows DWM Core Library Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:87506 Windows iSCSI Discovery Service Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by sending a specially crafted malicious DHCP discovery request to the iSCSI Discovery Service on 32-bit machines. An attacker who successfully exploited the vulnerability could then gain ... oval:org.secpod.oval:def:88042 Windows Hyper-V Denial of Service Vulnerability. Successful exploitation of this vulnerability could allow a Hyper-V guest to affect the functionality of the Hyper-V host. oval:org.secpod.oval:def:93680 Windows Virtual Trusted Platform Module Denial of Service Vulnerability. Successful exploitation of this vulnerability could allow a Hyper-V guest to affect the functionality of the Hyper-V host. oval:org.secpod.oval:def:93681 Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability. This vulnerability could lead to a contained execution environment escape. Successful exploitation of this vulnerability would rely upon complex memory shaping techniques to attempt an attack. The attacker must be authent ... oval:org.secpod.oval:def:94482 Windows Hyper-V Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:98956 Windows Remote Access Connection Manager Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:98923 Lenovo: CVE-2024-23594 Stack Buffer Overflow in LenovoBT.efi. Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. An attacker who successfully exploited this vulnerability could bypass Secure Boot. oval:org.secpod.oval:def:98922 Lenovo: CVE-2024-23593 Zero Out Boot Manager and drop to UEFI Shell. An attacker who successfully exploited this vulnerability could bypass Secure Boot. oval:org.secpod.oval:def:98473 The host is missing a critical security update for KB5035849 oval:org.secpod.oval:def:98448 Microsoft ODBC Driver Remote Code Execution Vulnerability. An authenticated victim who is connected to the network must be tricked or persuaded to connect to a malicious SQL database using their SQL client application. After the connection is made, the server can send specially crafted replies to th ... oval:org.secpod.oval:def:98449 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. T ... oval:org.secpod.oval:def:98444 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. T ... oval:org.secpod.oval:def:98445 Microsoft ODBC Driver Remote Code Execution Vulnerability. An authenticated victim who is connected to the network must be tricked or persuaded to connect to a malicious SQL database using their SQL client application. After the connection is made, the server can send specially crafted replies to th ... oval:org.secpod.oval:def:98446 Microsoft ODBC Driver Remote Code Execution Vulnerability. An authenticated victim who is connected to the network must be tricked or persuaded to connect to a malicious SQL database using their SQL client application. After the connection is made, the server can send specially crafted replies to th ... oval:org.secpod.oval:def:98447 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. T ... oval:org.secpod.oval:def:98451 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:98452 Windows Kernel Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is values of registry keys the attacker does not have permissions to view. oval:org.secpod.oval:def:98453 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:98454 Windows Kernel Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is values of registry keys the attacker does not have permissions to view. oval:org.secpod.oval:def:98455 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:98456 Windows Kernel Denial of Service Vulnerability oval:org.secpod.oval:def:98457 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:98428 NTFS Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:98422 Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:98424 Microsoft AllJoyn API Denial of Service Vulnerability oval:org.secpod.oval:def:98425 Windows Telephony Server Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could execute code in the security context of the "NT AUTHORITY\Network Service" accoun ... oval:org.secpod.oval:def:98430 Windows Error Reporting Service Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:98437 Windows Print Spooler Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:98438 Windows Installer Elevation of Privilege Vulnerability. An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run ... oval:org.secpod.oval:def:98439 Windows Graphics Component Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:98435 Intel: CVE-2023-28746 Register File Data Sampling (RFDS) oval:org.secpod.oval:def:98440 Microsoft ODBC Driver Remote Code Execution Vulnerability. An authenticated victim who is connected to the network must be tricked or persuaded to connect to a malicious SQL database using their SQL client application. After the connection is made, the server can send specially crafted replies to th ... oval:org.secpod.oval:def:98441 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. T ... oval:org.secpod.oval:def:98442 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. An administrative user must be convinced to open a malicious COM object like an .rtf file. oval:org.secpod.oval:def:98443 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. T ... oval:org.secpod.oval:def:98419 Windows USB Hub Driver Remote Code Execution Vulnerability oval:org.secpod.oval:def:98416 Windows Hyper-V Remote Code Execution Vulnerability. This vulnerability would require an authenticated attacker on a guest VM to send specially crafted file operation requests on the VM to hardware resources on the VM which could result in remote code execution on the host server. Successful exploit ... oval:org.secpod.oval:def:98417 Windows Hyper-V Denial of Service Vulnerability oval:org.secpod.oval:def:98420 Windows USB Attached SCSI (UAS) Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to physically access the target device. To gain access, an attacker must acquire the device after being unlocked by a legitimate user (target of opportunit ... oval:org.secpod.oval:def:98421 Windows Update Stack Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to ... oval:org.secpod.oval:def:98000 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. T ... oval:org.secpod.oval:def:98002 Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition.An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:98003 Windows Printing Service Spoofing Vulnerability. In most situations, an unauthenticated attacker could send a specially crafted packet to a targeted server utilizing the HTTP Protocol Stack (http.sys) to process packets. oval:org.secpod.oval:def:98004 Internet Shortcut Files Security Feature Bypass Vulnerability. An attacker must send the user a malicious file and convince them to open it. An unauthenticated attacker could send the targeted user a specially crafted file that is designed to bypass displayed security checks. However, the attacker w ... oval:org.secpod.oval:def:98005 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An authenticated victim who is connected to the network must be tricked or persuaded to connect to a malicious SQL database using their SQL client application. After the connection is made, the server can send special ... oval:org.secpod.oval:def:98016 The host is missing a critical security update for KB5034768 oval:org.secpod.oval:def:97997 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An authenticated victim who is connected to the network must be tricked or persuaded to connect to a malicious SQL database using their SQL client application. After the connection is made, the server can send special ... oval:org.secpod.oval:def:97998 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An authenticated victim who is connected to the network must be tricked or persuaded to connect to a malicious SQL database using their SQL client application. After the connection is made, the server can send special ... oval:org.secpod.oval:def:97999 Windows Kernel Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:97993 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An authenticated victim who is connected to the network must be tricked or persuaded to connect to a malicious SQL database using their SQL client application. After the connection is made, the server can send special ... oval:org.secpod.oval:def:97994 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An authenticated victim who is connected to the network must be tricked or persuaded to connect to a malicious SQL database using their SQL client application. After the connection is made, the server can send special ... oval:org.secpod.oval:def:97995 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An authenticated victim who is connected to the network must be tricked or persuaded to connect to a malicious SQL database using their SQL client application. After the connection is made, the server can send special ... oval:org.secpod.oval:def:97996 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An authenticated victim who is connected to the network must be tricked or persuaded to connect to a malicious SQL database using their SQL client application. After the connection is made, the server can send special ... oval:org.secpod.oval:def:97979 Microsoft ODBC Driver Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. An authenticated victim who is connected to the network must be tricked or persuaded to co ... oval:org.secpod.oval:def:97975 Windows Network Address Translation (NAT) Denial of Service Vulnerability oval:org.secpod.oval:def:97976 Windows Network Address Translation (NAT) Denial of Service Vulnerability. Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. oval:org.secpod.oval:def:97971 Trusted Compute Base Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:97972 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could expl ... oval:org.secpod.oval:def:97973 Windows Kernel Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:97974 Windows Kernel Remote Code Execution Vulnerability oval:org.secpod.oval:def:97980 Microsoft ActiveX Data Objects Remote Code Execution Vulnerability. An attacker would need to set up a malicious server and create a proof-of-concept script. The victim would then need to be convinced, possibly through social engineering techniques, to run this script, which would connect to the mal ... oval:org.secpod.oval:def:97981 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. T ... oval:org.secpod.oval:def:97986 Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:97987 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An authenticated victim who is connected to the network must be tricked or persuaded to connect to a malicious SQL database using their SQL client application. After the connection is made, the server can send special ... oval:org.secpod.oval:def:97988 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An authenticated victim who is connected to the network must be tricked or persuaded to connect to a malicious SQL database using their SQL client application. After the connection is made, the server can send special ... oval:org.secpod.oval:def:97989 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An authenticated victim who is connected to the network must be tricked or persuaded to connect to a malicious SQL database using their SQL client application. After the connection is made, the server can send special ... oval:org.secpod.oval:def:97982 Windows SmartScreen Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass the SmartScreen user experience. An attacker who successfully exploited this vulnerability could bypass the SmartScreen user experience. The vulnerability allows a malici ... oval:org.secpod.oval:def:97983 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. T ... oval:org.secpod.oval:def:97985 Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:97990 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An authenticated victim who is connected to the network must be tricked or persuaded to connect to a malicious SQL database using their SQL client application. After the connection is made, the server can send special ... oval:org.secpod.oval:def:97991 Windows Kernel Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass the Windows Code Integrity Guard (CIG). An authenticated attacker could replace valid file content with specially crafted file content. oval:org.secpod.oval:def:97992 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred t ... oval:org.secpod.oval:def:97957 Windows OLE Remote Code Execution Vulnerability. An authenticated victim who is connected to the network must be tricked or persuaded to connect to a malicious SQL database using their SQL client application. After the connection is made, the server can send specially crafted replies to the client t ... oval:org.secpod.oval:def:97958 Windows DNS Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:97954 Internet Connection Sharing (ICS) Denial of Service Vulnerability oval:org.secpod.oval:def:97955 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability oval:org.secpod.oval:def:97956 Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. This attack is limited to systems connected to the same network segmen ... oval:org.secpod.oval:def:97952 Windows USB Generic Parent Driver Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability. oval:org.secpod.oval:def:98001 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An authenticated victim who is connected to the network must be tricked or persuaded to connect to a malicious SQL database using their SQL client application. After the connection is made, the server can send special ... oval:org.secpod.oval:def:96684 Windows Themes Spoofing Vulnerability. An attacker would have to convince the user to load a malicious file onto a vulnerable system, typically by way of an enticement in an Email or Instant Messenger message, and then convince the user to manipulate the specially crafted file, but not necessarily c ... oval:org.secpod.oval:def:96665 MITRE: CVE-2022-35737 SQLite allows an array-bounds overflow. This is regarding a vulnerability in SQLite. MITRE assigned this CVE number on behalf of the SQLite organization. Microsoft has included the updated library in Windows that addresses this vulnerability. oval:org.secpod.oval:def:96662 Microsoft Message Queuing Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:96668 Windows Kerberos Security Feature Bypass Vulnerability. The authentication feature could be bypassed as this vulnerability allows impersonation. An authenticated attacker could exploit this vulnerability by establishing a machine-in-the-middle (MITM) attack or other local network spoofing technique, ... oval:org.secpod.oval:def:96667 Windows Group Policy Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:96666 Microsoft Common Log File System Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:96672 Microsoft AllJoyn API Denial of Service Vulnerability oval:org.secpod.oval:def:96670 Windows Cryptographic Services Remote Code Execution Vulnerability. Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges. oval:org.secpod.oval:def:96675 Windows Libarchive Remote Code Execution Vulnerability. An authorized attacker with guest privileges must send a victim a malicious site and convince them to open it. oval:org.secpod.oval:def:96674 Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability. An attacker could exploit the vulnerability by convincing, or waiting for, a user to connect to an Active Directory Domain Controller and then stealing network secrets. When the vulnerability is successfully e ... oval:org.secpod.oval:def:96673 Windows Themes Information Disclosure Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:96679 Remote Desktop Client Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthorized attacker must wait for a user to initiate a connection. oval:org.secpod.oval:def:96678 Windows Hyper-V Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. Successful exploitation of this vulnerability requires that an attacker will need to first gain access to the restricted network before running an attack. oval:org.secpod.oval:def:96677 Windows Hyper-V Denial of Service Vulnerability. An authenticated attacker could run a specially crafted application on a vulnerable Hyper-V guest to exploit this vulnerability which, if successful, could potentially interact with processes of another Hyper-V guest hosted on the same Hyper-V host. oval:org.secpod.oval:def:96683 Windows Server Key Distribution Service Security Feature Bypass. This vulnerability can be exploited when an attacker with admin privileges creates an x509 certificate with an MD5 property, which causes certificate validation to fail with no further validation checks. oval:org.secpod.oval:def:96682 Windows TCP/IP Information Disclosure Vulnerability. The attacker must inject themselves into the logical network path between the target and the resource requested by the victim to read or modify network communications. This is called a machine-in-the-middle (MITM) attack. The type of information t ... oval:org.secpod.oval:def:96681 Windows Cryptographic Services Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. For successful exploitation, a locally authenticated attacker needs to send a specially crafted request to the cryptogr ... oval:org.secpod.oval:def:96680 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:96649 Microsoft Message Queuing Denial of Service Vulnerability. oval:org.secpod.oval:def:96648 Microsoft Message Queuing Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:96647 Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain privilege escalation in the processing of .vhdx files in the Windows Kernel. oval:org.secpod.oval:def:96645 Microsoft ODBC Driver Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via ODBC, which could result in the client receiving a malicious networking packet. This could allow the attac ... oval:org.secpod.oval:def:96644 Windows HTML Platforms Security Feature Bypass Vulnerability. Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability. The MapURLToZone method could be bypassed by an attacker if the API returned a Zone value of 'Intranet' b ... oval:org.secpod.oval:def:96659 Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability. Successful exploitation of this vulnerability requires an attacker to compromise admin credentials on the device. oval:org.secpod.oval:def:96654 Windows Message Queuing Client (MSMQC) Information Disclosure. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:96653 BitLocker Security Feature Bypass Vulnerability. A successful attacker could bypass the BitLocker Device Encryption feature on the system storage device. An attacker with physical access to the target could exploit this vulnerability to gain access to encrypted data. The exploit is only possible wit ... oval:org.secpod.oval:def:96652 Microsoft Message Queuing Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:96651 Windows Message Queuing Client (MSMQC) Information Disclosure. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:96658 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:96657 Windows CoreMessaging Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of stack memory. oval:org.secpod.oval:def:96656 Windows Nearby Sharing Spoofing Vulnerability. This vulnerability could be triggered when a malicious actor spoofs a machine with the same name that a user is searching for. oval:org.secpod.oval:def:96655 Win32k Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:90894 Windows Search Remote Code Execution Vulnerability. In an email or instant message attack scenario, the attacker could send the targeted user a specially crafted file that is designed to exploit the remote code execution vulnerability. In any case an attacker would have no way to force a user to vie ... oval:org.secpod.oval:def:95791 AMD: CVE-2023-20588 AMD Speculative Leaks Security Notice. The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest buil ... oval:org.secpod.oval:def:95829 The host is missing a critical security update for KB5033371 oval:org.secpod.oval:def:91798 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:91797 AMD: CVE-2023-20569 Return Address Predictor. The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windows ... oval:org.secpod.oval:def:91799 Microsoft Message Queuing Denial of Service Vulnerability. To exploit this vulnerability, an attacker would need to send a specially crafted malicious MSMQ packet to a MSMQ server. The vulnerability is triggered when a user on the target machine accesses message queuing, which could result in a deni ... oval:org.secpod.oval:def:91776 Windows System Assessment Tool Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges. oval:org.secpod.oval:def:91775 Windows Common Log File System Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:91778 Windows Hyper-V Information Disclosure Vulnerability. The type of information that could be disclosed if a Hyper-V Guest attacker successfully exploited this vulnerability is data from the Hyper-V Host. Where the attack vector metric is Adjacent (A), this represents virtual machines connected via a ... oval:org.secpod.oval:def:91777 Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:91770 Windows Projected File System Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. Any authenticated user could trigger this vulnerability. It does not require admin or other elevated privileges. An attacker who successfull ... oval:org.secpod.oval:def:91772 Windows Fax Service Remote Code Execution Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file.* In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open t ... oval:org.secpod.oval:def:91773 Windows Bluetooth A2DP driver Elevation of Privilege Vulnerability. An authorized attacker could exploit the Windows Bluetooth driver vulnerability by programmatically running certain functions that could lead to elevation of privilege on the Bluetooth component. An attacker who successfully exploit ... oval:org.secpod.oval:def:91781 Windows Group Policy Security Feature Bypass Vulnerability. An authenticated attacker who successfully exploited this vulnerability could read specific Group Policy configuration settings. oval:org.secpod.oval:def:91780 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An authenticated attacker who successfully exploited this vulnerability could gain code execution through a specially ... oval:org.secpod.oval:def:91782 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:81516 Intel: CVE-2022-21127 Special Register Buffer Data Sampling Update (SRBDS Update). The vulnerability assigned to this CVE is in certain processor models offered by Intel. The mitigation for this vulnerability requires a firmware update, and a corresponding Windows updates enables the mitigation. Thi ... oval:org.secpod.oval:def:91811 Microsoft Message Queuing Remote Code Execution Vulnerability. Successful exploitation of this vulnerability could allow an unauthenticated attacker to remotely execute code on the target server. oval:org.secpod.oval:def:91810 Microsoft Message Queuing Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker would need to send a specially crafted malicious MSMQ packet to a MSMQ server. This could result in remote code execution on the server side. oval:org.secpod.oval:def:91813 Microsoft Message Queuing Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory ... oval:org.secpod.oval:def:91812 Microsoft Message Queuing Denial of Service Vulnerability oval:org.secpod.oval:def:91815 Microsoft Message Queuing Denial of Service Vulnerability oval:org.secpod.oval:def:91814 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:91817 Windows Cryptographic Services Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:91816 Microsoft Message Queuing Denial of Service Vulnerability. To exploit this vulnerability, an attacker would need to send a specially crafted malicious MSMQ packet to a MSMQ server. The vulnerability is triggered when a user on the target machine accesses message queuing, which could result in a deni ... oval:org.secpod.oval:def:91818 Windows Cryptographic Services Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:91822 .NET Framework Spoofing Vulnerability. Successful exploitation of this vulnerability requires an attacker to create a crafted certificate in order to validate themselves as a trusted source. oval:org.secpod.oval:def:91821 ASP.NET Elevation of Privilege Vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to gain the rights of the user that is running the affected application. oval:org.secpod.oval:def:91800 Microsoft Message Queuing Denial of Service Vulnerability. To exploit this vulnerability, an attacker would need to send a specially crafted malicious MSMQ packet to a MSMQ server. The vulnerability is triggered when a user on the target machine accesses message queuing, which could result in a deni ... oval:org.secpod.oval:def:91802 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:91801 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:91804 Windows HTML Platforms Security Feature Bypass Vulnerability. A security feature bypass vulnerability exists when the MSHTML platform fails to validate the correct Security Zone of requests for specific URLs. This could allow an attacker to cause a user to access a URL in a less restricted Internet ... oval:org.secpod.oval:def:91803 Microsoft Message Queuing Information Disclosure Vulnerability. An attacker who successfully exploited the vulnerability could potentially read User Mode Service Memory. oval:org.secpod.oval:def:91806 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:91805 Microsoft Message Queuing Remote Code Execution Vulnerability. The Windows message queuing service, which is a Windows component, needs to be enabled for a system to be exploitable by this vulnerability. Successful exploitation of this vulnerability could allow an unauthenticated attacker to remotel ... oval:org.secpod.oval:def:91807 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user (CVSS metric UI:R) into attempting to connect to a malicious SQL server via a connection driver (for example: ODBC and / or OLEDB as applic ... oval:org.secpod.oval:def:91809 Microsoft Message Queuing Denial of Service Vulnerability. To exploit this vulnerability, an attacker would need to send a specially crafted malicious MSMQ packet to a MSMQ server. The vulnerability is triggered when a user on the target machine accesses message queuing, which could result in a deni ... oval:org.secpod.oval:def:91854 The host is missing a critical security update for KB5029247 oval:org.secpod.oval:def:81889 Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. oval:org.secpod.oval:def:81888 Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. oval:org.secpod.oval:def:81558 The host is missing an important security update for ADV220002 oval:org.secpod.oval:def:81515 Intel: CVE-2022-21125 Shared Buffers Data Sampling (SBDS). The vulnerability assigned to this CVE is in certain processor models offered by Intel. The mitigation for this vulnerability requires a firmware update, and a corresponding Windows updates enables the mitigation. This CVE is being documente ... oval:org.secpod.oval:def:81514 Intel: CVE-2022-21123 Shared Buffers Data Read (SBDR). The vulnerability assigned to this CVE is in certain processor models offered by Intel. The mitigation for this vulnerability requires a firmware update, and a corresponding Windows updates enables the mitigation. This CVE is being documented in ... oval:org.secpod.oval:def:81517 Intel: CVE-2022-21166 Device Register Partial Write (DRPW). The vulnerability assigned to this CVE is in certain processor models offered by Intel. The mitigation for this vulnerability requires a firmware update, and a corresponding Windows updates enables the mitigation. This CVE is being document ... oval:org.secpod.oval:def:98869 Windows Cryptographic Services Remote Code Execution Vulnerability. For successful exploitation, a malicious certificate needs to be imported on an affected system. An attacker could upload a certificate to a service that processes or imports certificates, or an attacker could convince an authentica ... oval:org.secpod.oval:def:98862 Windows Telephony Server Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:98863 Windows Telephony Server Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could create or delete files in the security context of the "NT AUTHORITY\ LOCAL SERVIC ... oval:org.secpod.oval:def:98865 Windows Kerberos Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment of the targeted component. A domain user could use this vulnerability to elevate privileges to SYSTEM assigned integrity level. oval:org.secpod.oval:def:98849 Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:98844 Microsoft Install Service Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:98846 Windows Kerberos Denial of Service Vulnerability oval:org.secpod.oval:def:98843 Remote Procedure Call Runtime Remote Code Execution Vulnerability. Any authenticated user could trigger this vulnerability. It does not require admin or other elevated privileges. To exploit this vulnerability, an authenticated attacker would need to send a specially crafted RPC call to an RPC host. ... oval:org.secpod.oval:def:98859 Windows Telephony Server Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:98858 Windows Cryptographic Services Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass RSA signature verification on a vulnerable system. oval:org.secpod.oval:def:98915 Intel: CVE-2022-0001 Branch History Injection oval:org.secpod.oval:def:98916 BitLocker Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass Secure Boot. Successful exploitation of this vulnerability requires an attacker to compromise admin credentials on the device. oval:org.secpod.oval:def:98917 Secure Boot Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass Secure Boot. Successful exploitation of this vulnerability requires an attacker to compromise admin credentials on the device. oval:org.secpod.oval:def:98968 Secure Boot Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass Secure Boot. oval:org.secpod.oval:def:98961 Windows Remote Access Connection Manager Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:98962 Windows Remote Access Connection Manager Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:98963 Windows Remote Access Connection Manager Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:98964 Secure Boot Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass Secure Boot. oval:org.secpod.oval:def:98970 Secure Boot Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass Secure Boot. oval:org.secpod.oval:def:98971 Secure Boot Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass Secure Boot. oval:org.secpod.oval:def:98976 Secure Boot Security Feature Bypass Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could bypass Secure Boot. An authenticated attacker could exploit this vulnerability with LAN acces ... oval:org.secpod.oval:def:98977 Windows Hyper-V Denial of Service Vulnerability oval:org.secpod.oval:def:98972 Secure Boot Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass Secure Boot. oval:org.secpod.oval:def:98973 Secure Boot Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass Secure Boot. Successful exploitation of this vulnerability requires an attacker to compromise admin credentials on the device. oval:org.secpod.oval:def:98974 Secure Boot Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass Secure Boot. An authenticated attacker could exploit this vulnerability with LAN access. An unauthorized attacker must wait for a user to initiate a connection. oval:org.secpod.oval:def:98975 Secure Boot Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass Secure Boot. oval:org.secpod.oval:def:98944 Windows CSC Service Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:98945 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or ... oval:org.secpod.oval:def:98946 Proxy Driver Spoofing Vulnerability oval:org.secpod.oval:def:98940 Windows Remote Access Connection Manager Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:98942 Windows Mobile Hotspot Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. Exploitation of the vulnerability requires a user to first turn on the Mobile Hotspot before the attacker sta ... oval:org.secpod.oval:def:98958 Secure Boot Security Feature Bypass Vulnerability. Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. An attacker who successfully exploited this vulnerability could bypass Secure Boot. oval:org.secpod.oval:def:98959 Secure Boot Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass Secure Boot. An authenticated attacker could exploit this vulnerability with LAN access. oval:org.secpod.oval:def:98954 Secure Boot Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass Secure Boot. oval:org.secpod.oval:def:98950 Secure Boot Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass Secure Boot. oval:org.secpod.oval:def:98951 Win32k Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:98952 Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. T ... oval:org.secpod.oval:def:98960 Secure Boot Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass Secure Boot. Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to exploitatio ... oval:org.secpod.oval:def:98929 Secure Boot Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass Secure Boot. To exploit the vulnerability, an attacker who has physical access or Administrative rights to a target device could install a malicious .bcd file. oval:org.secpod.oval:def:98925 Secure Boot Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass Secure Boot. oval:org.secpod.oval:def:98926 Secure Boot Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass Secure Boot. oval:org.secpod.oval:def:98927 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. An unauthorized attacker must wait for a user to initiate a connection. This attack requires a client to connect to a malicious server, and that could allow the attacker to gain code execution on the client. oval:org.secpod.oval:def:98928 Secure Boot Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass Secure Boot. oval:org.secpod.oval:def:98924 Secure Boot Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass Secure Boot. oval:org.secpod.oval:def:98920 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:98936 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:98938 Microsoft WDAC SQL Server ODBC Driver Remote Code Execution Vulnerability. An authenticated victim who is connected to the network must be tricked or persuaded to connect to a malicious SQL database using their SQL client application. After the connection is made, the server can send specially craft ... oval:org.secpod.oval:def:98932 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. An unauthorized attacker must wait for a user to initiate a connection. This attack requires a client to connect to a malicious server, and that could allow the attacker to gain code execution on the client. oval:org.secpod.oval:def:98933 Windows Remote Access Connection Manager Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:98934 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. To successfully exploit this vulnerability, the target server must be configured to allow remote activation of the COM object. In addition, the attacker must have sufficient user privileges on that server. Successful exploitation ... oval:org.secpod.oval:def:98935 Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. T ... oval:org.secpod.oval:def:98930 Secure Boot Security Feature Bypass Vulnerability. Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment of the targeted component. An attacker who successfully exploited this vulnerability could bypass Secure Boot. oval:org.secpod.oval:def:98931 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. An unauthorized attacker must wait for a user to initiate a connection. This attack requires a client to connect to a malicious server, and that could allow the attacker to gain code execution on the client. oval:org.secpod.oval:def:98418 Windows Kerberos Security Feature Bypass Vulnerability. The authentication feature could be bypassed as this vulnerability allows impersonation. Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to e ... oval:org.secpod.oval:def:71869 The host is missing a critical security update for KB5003171 oval:org.secpod.oval:def:71828 Windows Wireless Networking Information Disclosure Vulnerability oval:org.secpod.oval:def:71829 Windows Wireless Networking Spoofing Vulnerability oval:org.secpod.oval:def:71814 Scripting Engine Memory Corruption Vulnerability. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control m ... oval:org.secpod.oval:def:71848 Windows SSDP Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:71849 OLE Automation Remote Code Execution Vulnerability oval:org.secpod.oval:def:71844 Windows Graphics Component Elevation of Privilege Vulnerability oval:org.secpod.oval:def:71843 Windows WalletService Elevation of Privilege Vulnerability oval:org.secpod.oval:def:71846 Windows Projected File System FS Filter Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:71845 Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:71840 Microsoft Bluetooth Driver Spoofing Vulnerability oval:org.secpod.oval:def:71842 Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:71841 Microsoft Windows Infrared Data Association (IrDA) Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space f ... oval:org.secpod.oval:def:71836 Windows Container Manager Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:71839 Windows Graphics Component Elevation of Privilege Vulnerability oval:org.secpod.oval:def:71832 Windows CSC Service Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:71831 Hyper-V Remote Code Execution Vulnerability. This issue allows a guest VM to force the Hyper-V host's kernel to read from an arbitrary, potentially invalid address. The contents of the address read would not be returned to the guest VM. In most circumstances, this would result in a denial of service ... oval:org.secpod.oval:def:71830 Windows Wireless Networking Spoofing Vulnerability oval:org.secpod.oval:def:71804 Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability oval:org.secpod.oval:def:65070 An elevation of privilege vulnerability exists in the way that the dnsrslvr.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafte ... oval:org.secpod.oval:def:65071 An elevation of privilege vulnerability exists when the Windows Ancillary Function Driver for WinSock improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate pr ... oval:org.secpod.oval:def:65072 The host is missing a low severity security update for KB4565349 oval:org.secpod.oval:def:65074 The host is missing an important security update for KB4566782 oval:org.secpod.oval:def:65059 An elevation of privilege vulnerability exists when the Windows Speech Shell Components improperly handle memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The se ... oval:org.secpod.oval:def:65060 An elevation of privilege vulnerability exists when the Windows Network Connection Broker improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ... oval:org.secpod.oval:def:65061 An elevation of privilege vulnerability exists when the Windows Custom Protocol Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The se ... oval:org.secpod.oval:def:65062 An elevation of privilege vulnerability exists when the Windows Radio Manager API improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The securit ... oval:org.secpod.oval:def:65063 An elevation of privilege vulnerability exists when Windows Remote Access improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security update ... oval:org.secpod.oval:def:65064 An elevation of privilege vulnerability exists when the Windows Accounts Control improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security ... oval:org.secpod.oval:def:65065 An elevation of privilege vulnerability exists when the Windows Remote Access improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.To exploit the vulnerability, an attacker would first need code execution on a victim system. An ... oval:org.secpod.oval:def:65066 An information disclosure vulnerability exists when the Windows WaasMedic Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to improperly disclose memory.The ... oval:org.secpod.oval:def:65067 An elevation of privilege vulnerability exists when the Windows CDP User Components improperly handle memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The securi ... oval:org.secpod.oval:def:65068 An elevation of privilege vulnerability exists when the Windows CDP User Components improperly handle memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The securi ... oval:org.secpod.oval:def:65069 An elevation of privilege vulnerability exists when the Windows Function Discovery SSDP Provider improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privile ... oval:org.secpod.oval:def:65026 An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security up ... oval:org.secpod.oval:def:65027 An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security up ... oval:org.secpod.oval:def:65028 An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security up ... oval:org.secpod.oval:def:65029 An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security up ... oval:org.secpod.oval:def:65030 An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security up ... oval:org.secpod.oval:def:65031 An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security up ... oval:org.secpod.oval:def:65032 An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially crafted app ... oval:org.secpod.oval:def:65033 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:65034 A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacker ... oval:org.secpod.oval:def:65035 An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a special ... oval:org.secpod.oval:def:65036 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:65015 A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacker ... oval:org.secpod.oval:def:65016 An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete da ... oval:org.secpod.oval:def:65017 An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a special ... oval:org.secpod.oval:def:65018 An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The s ... oval:org.secpod.oval:def:65019 An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security up ... oval:org.secpod.oval:def:65020 An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security up ... oval:org.secpod.oval:def:65021 An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security ... oval:org.secpod.oval:def:65022 An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security up ... oval:org.secpod.oval:def:65023 An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security up ... oval:org.secpod.oval:def:65024 An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security up ... oval:org.secpod.oval:def:65025 An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security up ... oval:org.secpod.oval:def:65048 A remote code execution vulnerability exists when Windows Media Audio Codec improperly handles objects. An attacker who successfully exploited the vulnerability could take control of an affected system.There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user ... oval:org.secpod.oval:def:65049 An information disclosure vulnerability exists in RPC if the server has Routing and Remote Access enabled. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users systemTo exploit this vulnerability, an attacker would need to run a specially ... oval:org.secpod.oval:def:65050 An information disclosure vulnerability exists when the Windows Image Acquisition (WIA) Service improperly discloses contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.To exploit the vulnerability, an authe ... oval:org.secpod.oval:def:65051 An elevation of privilege vulnerability exists in the way that the srmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted ... oval:org.secpod.oval:def:65052 An information disclosure vulnerability exists when the Windows Image Acquisition (WIA) Service improperly discloses contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.To exploit the vulnerability, an authe ... oval:org.secpod.oval:def:65053 An elevation of privilege vulnerability exists in the Local Security Authority Subsystem Service (LSASS) when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause an elevation of privilege on the targe ... oval:org.secpod.oval:def:65054 An elevation of privilege vulnerability exists when the Windows Telephony Server improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security ... oval:org.secpod.oval:def:65055 An elevation of privilege vulnerability exists when the Windows File Server Resource Management Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate ... oval:org.secpod.oval:def:65056 An elevation of privilege vulnerability exists when the Windows File Server Resource Management Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate ... oval:org.secpod.oval:def:65057 An elevation of privilege vulnerability exists when the Windows Speech Runtime improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security u ... oval:org.secpod.oval:def:65058 An elevation of privilege vulnerability exists when the Windows Speech Runtime improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security u ... oval:org.secpod.oval:def:65037 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:65039 A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.To exploit the vulnerability, a user would have to open a specially crafted fi ... oval:org.secpod.oval:def:65040 A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.To exploit the vulnerability, a user would have to open a specially crafted fi ... oval:org.secpod.oval:def:65041 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:65042 An elevation of privilege vulnerability exists when the "Public Account Pictures" folder improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate pr ... oval:org.secpod.oval:def:65043 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:65045 An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit the vulnerabilit ... oval:org.secpod.oval:def:65046 An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kern ... oval:org.secpod.oval:def:65004 An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges.Th ... oval:org.secpod.oval:def:65005 An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security upda ... oval:org.secpod.oval:def:65006 An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system.To exploit the vulnerability, an attacker would first have to gain execution on th ... oval:org.secpod.oval:def:65007 A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacker ... oval:org.secpod.oval:def:65008 An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on to ... oval:org.secpod.oval:def:65009 An elevation of privilege vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a spec ... oval:org.secpod.oval:def:65010 An information disclosure vulnerability exists when the Windows State Repository Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.An attacker could exploit this vulnerability by run ... oval:org.secpod.oval:def:65011 An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security upda ... oval:org.secpod.oval:def:65012 An elevation of privilege vulnerability exists when the Windows Work Folders Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The secu ... oval:org.secpod.oval:def:65013 An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security ... oval:org.secpod.oval:def:65014 A remote code execution vulnerability exists when the Windows Font Driver Host improperly handles memory.An attacker who successfully exploited the vulnerability would gain execution on a victim system.The security update addresses the vulnerability by correcting how the Windows Font Driver Host han ... oval:org.secpod.oval:def:65000 An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete da ... oval:org.secpod.oval:def:65001 An elevation of privilege vulnerability exists when the Windows Work Folders Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The secu ... oval:org.secpod.oval:def:65002 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:65003 An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log onto an af ... oval:org.secpod.oval:def:64902 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploi ... oval:org.secpod.oval:def:64903 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfu ... oval:org.secpod.oval:def:64904 A remote code execution vulnerability exists in the way that the MSHTML engine improperly validates input. An attacker could execute arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnera ... oval:org.secpod.oval:def:64905 A remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vul ... oval:org.secpod.oval:def:64906 A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability ... oval:org.secpod.oval:def:64907 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploi ... oval:org.secpod.oval:def:64908 An elevation of privilege vulnerability exists when ASP.NET or .NET web applications running on IIS improperly allow access to cached files. An attacker who successfully exploited this vulnerability could gain access to restricted files.To exploit this vulnerability, an attacker would need to send a ... oval:org.secpod.oval:def:64909 A remote code execution vulnerability exists when Microsoft .NET Framework processes input. An attacker who successfully exploited this vulnerability could take control of an affected system. To exploit the vulnerability, an attacker would need to be able to upload a specially crafted file to a web ... oval:org.secpod.oval:def:65390 A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerabilit ... oval:org.secpod.oval:def:65391 An elevation of privilege vulnerability exists in the way that the Wininit.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. There are multiple ways an attacker could exploit the vulnerability: In a web-based attack ... oval:org.secpod.oval:def:65392 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vu ... oval:org.secpod.oval:def:65393 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vu ... oval:org.secpod.oval:def:65394 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vu ... oval:org.secpod.oval:def:65395 An elevation of privilege vulnerability exists in the way that the Wininit.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. There are multiple ways an attacker could exploit the vulnerability: In a web-based attack ... oval:org.secpod.oval:def:65422 An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; v ... oval:org.secpod.oval:def:65423 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.An authenticated attacker could exploit this vulnerability by running ... oval:org.secpod.oval:def:65424 An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially craf ... oval:org.secpod.oval:def:65425 An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted ... oval:org.secpod.oval:def:65426 An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full ... oval:org.secpod.oval:def:65427 An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would ... oval:org.secpod.oval:def:65428 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a users system.There are multiple ways an attacker could exploit the ... oval:org.secpod.oval:def:65429 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a users system.There are multiple ways an attacker could exploit the ... oval:org.secpod.oval:def:65430 An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit the vulnerability, an attacker would first have t ... oval:org.secpod.oval:def:65432 An elevation of privilege vulnerability exists when the Windows Language Pack Installer improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially crafted ... oval:org.secpod.oval:def:65411 A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual ... oval:org.secpod.oval:def:65412 An elevation of privilege vulnerability exists when Windows Modules Installer improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted ap ... oval:org.secpod.oval:def:65413 An elevation of privilege vulnerability exists when the Windows Function Discovery SSDP Provider improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privile ... oval:org.secpod.oval:def:65414 An information disclosure vulnerability exists when the Windows State Repository Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.An attacker could exploit this vulnerability by run ... oval:org.secpod.oval:def:65415 An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would ... oval:org.secpod.oval:def:65416 A remote code execution vulnerability exists in the way that Microsoft COM for Windows handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.To exploit the vulnerability, a user would have to open a specially crafted file ... oval:org.secpod.oval:def:65417 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on to an ... oval:org.secpod.oval:def:65418 An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.To exploit the vulnerability, an attacker would have to either log ... oval:org.secpod.oval:def:65419 A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement. An attacker who successfully exploited this vulnerability could execute PowerShell commands that would be blocked by WDAC.To exploit the vulnerabili ... oval:org.secpod.oval:def:65420 An information disclosure vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions. An attacker who successfully exploited this vulnerability could bypass access restrictions to read files.To exploit this vulnerability, an attacker would first have to ... oval:org.secpod.oval:def:65421 An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.In a local attack scenario, an attacker could exploit this vulnerability by ru ... oval:org.secpod.oval:def:65444 A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delet ... oval:org.secpod.oval:def:65445 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:65446 An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full ... oval:org.secpod.oval:def:65447 An elevation of privilege vulnerability exists in the way that fdSSDP.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted appl ... oval:org.secpod.oval:def:65448 An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could ... oval:org.secpod.oval:def:65449 An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.To exploit the vulnerability, an attacker would first need code execution on a victim system. A ... oval:org.secpod.oval:def:65450 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on to an ... oval:org.secpod.oval:def:65451 An elevation of privilege vulnerability exists when the Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system.To exploit the vulnerability, an attacker would f ... oval:org.secpod.oval:def:65452 An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to fu ... oval:org.secpod.oval:def:65453 An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; vi ... oval:org.secpod.oval:def:65454 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on to an ... oval:org.secpod.oval:def:65433 An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles data operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially craf ... oval:org.secpod.oval:def:65434 An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially craf ... oval:org.secpod.oval:def:65435 An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security ... oval:org.secpod.oval:def:65436 An elevation of privilege vulnerability exists when Windows improperly handles calls to Win32k.sys. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system.To exploit the vulnerability, an attacker would have to log on to an affected system and ru ... oval:org.secpod.oval:def:65438 An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applicat ... oval:org.secpod.oval:def:65440 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or ... oval:org.secpod.oval:def:65441 An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on to ... oval:org.secpod.oval:def:65442 A remote code execution vulnerability exists when Windows improperly handles objects in memory. To exploit the vulnerability an attacker would have to convince a user to run a specially crafted application.An attacker who successfully exploited this vulnerability could execute arbitrary code and tak ... oval:org.secpod.oval:def:65443 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system.There are multiple ways an attacker could exploit th ... oval:org.secpod.oval:def:65404 An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security ... oval:org.secpod.oval:def:65405 A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity.This vulnerability by itself does not allow arbitrary code exe ... oval:org.secpod.oval:def:65407 An elevation of privilege vulnerability exists when NTFS improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted ... oval:org.secpod.oval:def:65408 An elevation of privilege vulnerability exists in the way that the dnsrslvr.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafte ... oval:org.secpod.oval:def:65409 An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.To exploit the vulnerability, an attacker would first need code execution on a victim system. A ... oval:org.secpod.oval:def:65410 A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual ... oval:org.secpod.oval:def:64993 An elevation of privilege vulnerability exists when Windows improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.To exploit this vulnerability, an attacker would first have to log on to the system. An a ... oval:org.secpod.oval:def:64994 An elevation of privilege vulnerability exists when the Windows Work Folders Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The secu ... oval:org.secpod.oval:def:64996 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:64997 A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacker ... oval:org.secpod.oval:def:64998 A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacker ... oval:org.secpod.oval:def:64999 An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full ... oval:org.secpod.oval:def:64986 An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; v ... oval:org.secpod.oval:def:64987 An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system.A locally authenticated attacker could exploit this vulnerability by ... oval:org.secpod.oval:def:64988 An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system.A locally authenticated attacker could exploit this vulnerability by ... oval:org.secpod.oval:def:64989 A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacker ... oval:org.secpod.oval:def:64990 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:64991 A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files.In an attack scenario, an attacker could bypass security features intended to prevent improper ... oval:org.secpod.oval:def:64949 The host is missing an important security update for KB4570505 oval:org.secpod.oval:def:63708 An elevation of privilege (user to user) vulnerability exists in Windows Security Health Service when handling certain objects in memory.To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted command that could exploit the v ... oval:org.secpod.oval:def:65489 A spoofing vulnerability exists when Active Directory Federation Services (ADFS) improperly handles multi-factor authentication requests.To exploit this vulnerability, an attacker could send a specially crafted authentication request. An attacker who successfully exploited this vulnerability could b ... oval:org.secpod.oval:def:65491 An elevation of privilege vulnerability exists when the Shell infrastructure component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit this vulnerability, an attacker would first have to log on to t ... oval:org.secpod.oval:def:65492 An information disclosure vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system (low-integrity to medium-integrity).This vulnerability by itself does not allow arbitrar ... oval:org.secpod.oval:def:65493 A remote code execution vulnerability exists when the Windows Text Service Module improperly handles memory. An attacker who successfully exploited the vulnerability could gain execution on a victim system.An attacker could host a specially crafted website that is designed to exploit the vulnerabili ... oval:org.secpod.oval:def:65494 An elevation of privilege vulnerability exists when Microsoft Windows processes group policy updates. An attacker who successfully exploited this vulnerability could potentially escalate permissions or perform additional privileged actions on the target machine.To exploit this vulnerability, an atta ... oval:org.secpod.oval:def:65495 An information disclosure vulnerability exists in the way that the Windows Server DHCP service improperly discloses the contents of its memory.To exploit the vulnerability, an unauthenticated attacker could send a specially crafted packet to an affected DHCP server. An attacker who successfully exp ... oval:org.secpod.oval:def:65496 A denial of service vulnerability exists when Windows Routing Utilities improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.To exploit this vulnerability, an attacker would have to log on to an affected system ... oval:org.secpod.oval:def:65497 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:65498 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:65479 A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights ... oval:org.secpod.oval:def:65480 A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.Exploitation of the vulnerability requires that a program ... oval:org.secpod.oval:def:65481 A remote code execution vulnerability exists when Windows Media Audio Decoder improperly handles objects. An attacker who successfully exploited the vulnerability could take control of an affected system.There are multiple ways an attacker could exploit the vulnerability, such as by convincing a use ... oval:org.secpod.oval:def:65482 A remote code execution vulnerability exists when Windows Media Audio Decoder improperly handles objects. An attacker who successfully exploited the vulnerability could take control of an affected system.There are multiple ways an attacker could exploit the vulnerability, such as by convincing a use ... oval:org.secpod.oval:def:65483 An elevation of privilege vulnerability exists when the Windows RSoP Service Application improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ... oval:org.secpod.oval:def:65487 An elevation of privilege vulnerability exists when the Windows Cryptographic Catalog Services improperly handle objects in memory. An attacker who successfully exploited this vulnerability could modify the cryptographic catalog.To exploit this vulnerability, an attacker would first have to log on t ... oval:org.secpod.oval:def:64222 An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.To exploit the vulnerability, an attacker would first need code execution on a victim system. A ... oval:org.secpod.oval:def:65500 An elevation of privilege vulnerability exists when Microsoft Windows CloudExperienceHost fails to check COM objects. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system.To exploit the vulnerability, an attacker would have to log on to an affe ... oval:org.secpod.oval:def:65501 An elevation of privilege vulnerability exists in the way that Microsoft COM for Windows handles objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system.To exploit the vulnerability, a user would have to open a specially crafted ... oval:org.secpod.oval:def:65503 A information disclosure vulnerability exists when TLS components use weak hash algorithms. An attacker who successfully exploited this vulnerability could obtain information to further compromise a users's encrypted transmission channel.To exploit the vulnerability, an attacker would have to conduc ... oval:org.secpod.oval:def:65504 An information disclosure vulnerability exists when a Windows Projected Filesystem improperly handles file redirections. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's systemTo exploit this vulnerability, an attacker would first ha ... oval:org.secpod.oval:def:65510 The host is missing an important security update for KB4570333 oval:org.secpod.oval:def:65511 The host is missing an important security update for KB4571756 oval:org.secpod.oval:def:65512 The host is missing an important security update for KB4574727 oval:org.secpod.oval:def:63783 The host is missing an important security update for KB4557957 oval:org.secpod.oval:def:63784 The host is missing an important security update for KB4560960 oval:org.secpod.oval:def:63786 The host is missing an important security update for KB4561608 oval:org.secpod.oval:def:63789 The host is missing an important security update for KB4561621 oval:org.secpod.oval:def:69049 Microsoft Windows Security Feature Bypass Vulnerability oval:org.secpod.oval:def:64345 The host is missing a critical severity security update for KB4558998 oval:org.secpod.oval:def:64346 The host is missing a critical security update for KB4565483 oval:org.secpod.oval:def:64347 The host is missing a critical security update for KB4565489 oval:org.secpod.oval:def:64348 The host is missing a critical security update for KB4565503 oval:org.secpod.oval:def:64349 The host is missing a critical security update for KB4565508 oval:org.secpod.oval:def:62555 The host is missing a critical security update for KB4550922 oval:org.secpod.oval:def:62553 The host is missing a critical security update for KB4549951 oval:org.secpod.oval:def:62552 The host is missing a critical severity security update for KB4549949 oval:org.secpod.oval:def:62521 A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.To exploit this vulnerability, an attacker would have to log on to an affected system and run a speciall ... oval:org.secpod.oval:def:59644 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.To exploit this vulnerability, an attacker would have to log on to an ... oval:org.secpod.oval:def:59641 A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.To exploit this vulnerability, an attacker would have to log on to an affected system and run a speciall ... oval:org.secpod.oval:def:57879 Microsoft is aware of the Bluetooth BR/EDR (basic rate/enhanced data rate, known as "Bluetooth Classic") key negotiation vulnerability that exists at the hardware specification level of any BR/EDR Bluetooth device. An attacker could potentially be able to negotiate the offered key length down to 1 b ... oval:org.secpod.oval:def:59710 The host is missing an important security update for KB4524570 oval:org.secpod.oval:def:59711 The host is missing an important security update for KB4523205 oval:org.secpod.oval:def:59712 The host is missing an important security update for KB4525232 oval:org.secpod.oval:def:59717 The host is missing a critical security update for KB4525237 oval:org.secpod.oval:def:59719 The host is missing a critical security update for KB4525241 oval:org.secpod.oval:def:59716 The host is missing a critical security update for KB4525236 oval:org.secpod.oval:def:57336 The host is missing an important security update for KB4507469 oval:org.secpod.oval:def:54754 The host is missing an important security update for ADV190013 oval:org.secpod.oval:def:54755 Intel published information about a new subclass of speculative execution side channel vulnerabilities known as Microarchitectural Data Sampling. An attacker who successfully exploited these vulnerabilities may be able to read privileged data across trust boundaries. In shared resource environments ... oval:org.secpod.oval:def:54758 Intel published information about a new subclass of speculative execution side channel vulnerabilities known as Microarchitectural Data Sampling. An attacker who successfully exploited these vulnerabilities may be able to read privileged data across trust boundaries. In shared resource environments ... oval:org.secpod.oval:def:54756 Intel published information about a new subclass of speculative execution side channel vulnerabilities known as Microarchitectural Data Sampling. An attacker who successfully exploited these vulnerabilities may be able to read privileged data across trust boundaries. In shared resource environments ... oval:org.secpod.oval:def:54757 Intel published information about a new subclass of speculative execution side channel vulnerabilities known as Microarchitectural Data Sampling. An attacker who successfully exploited these vulnerabilities may be able to read privileged data across trust boundaries. In shared resource environments ... oval:org.secpod.oval:def:57870 A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. T ... oval:org.secpod.oval:def:57875 A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. T ... oval:org.secpod.oval:def:57874 A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. T ... oval:org.secpod.oval:def:57873 A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. T ... oval:org.secpod.oval:def:57939 A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. T ... oval:org.secpod.oval:def:57945 The host is missing an important security update for KB4512508 oval:org.secpod.oval:def:57949 The host is missing an important security update for KB4507469 oval:org.secpod.oval:def:57948 The host is missing an important security update for KB4512501 oval:org.secpod.oval:def:94440 ASP.NET Security Feature Bypass Vulnerability. The attacker would be able to bypass the security checks that prevents an attacker from accessing internal applications in a website. oval:org.secpod.oval:def:94441 .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability. To exploit this vulnerability an attacker would have to inject arbitrary commands to the FTP server. The type of information that could be disclosed if an attacker successfully exploited this vulnerability would be access ... oval:org.secpod.oval:def:75283 Rich Text Edit Control Information Disclosure Vulnerability oval:org.secpod.oval:def:75360 The host is missing a critical security update for KB5006672 oval:org.secpod.oval:def:77084 Windows Hyper-V Elevation of Privilege Vulnerability. An authenticated attacker could run a specially crafted application on a vulnerable Hyper-V guest to exploit this vulnerability. An attacker who successfully exploited this vulnerability could potentially interact with processes of another Hyper- ... oval:org.secpod.oval:def:77167 The host is missing a critical security update for KB5009557 oval:org.secpod.oval:def:81541 Windows Hyper-V Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker could run a specially crafted application on a Hyper-V guest that could cause the Hyper-V host operating system to execute arbitrary code. In this case, a successful attack could be performed from a low p ... oval:org.secpod.oval:def:81560 The host is missing a critical security update for KB5014692 oval:org.secpod.oval:def:81904 Windows Hyper-V Information Disclosure Vulnerability. An attacker can gain access to uninitialized buffer information. oval:org.secpod.oval:def:81924 Windows Hyper-V Information Disclosure Vulnerability. The type of information that could be disclosed if a Hyper-V Guest attacker successfully exploited this vulnerability is data from the Hyper-V Host. Where the attack vector metric is Adjacent (A), this represents virtual machines connected via a ... oval:org.secpod.oval:def:81943 The host is missing a critical security update for KB5015811 oval:org.secpod.oval:def:82665 Windows Hyper-V Remote Code Execution Vulnerability. Successful exploitation of this vulnerability could allow a Hyper-V guest to affect the functionality of the Hyper-V host. An authenticated attacker who successfully exploited a race condition from a Hyper-V guest could attempt to trigger maliciou ... oval:org.secpod.oval:def:82687 Windows Hyper-V Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability could allow a Hyper-V guest to affect the functionality of the Hyper-V host. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82712 The host is missing a critical security update for KB5016623 oval:org.secpod.oval:def:85430 Windows Hyper-V Denial of Service Vulnerability. Successful exploitation of this vulnerability could allow a Hyper-V guest to affect the functionality of the Hyper-V host. oval:org.secpod.oval:def:85461 The host is missing a critical security update for KB5019966 oval:org.secpod.oval:def:85438 Windows Digital Media Receiver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86104 Windows Hyper-V Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86112 Windows Hyper-V Denial of Service Vulnerability. Successful exploitation of this vulnerability could allow a Hyper-V guest to affect the functionality of the Hyper-V host. Where the attack vector metric is Adjacent (A), this represents virtual machines connected via a Hyper-V Network Virtualization ... oval:org.secpod.oval:def:86155 The host is missing a critical security update for KB5021237 oval:org.secpod.oval:def:90382 The host is missing a critical security update for KB5027222 oval:org.secpod.oval:def:90365 Remote Desktop Client Remote Code Execution Vulnerability. In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the RDP client machine when a victim connects to the attacking server with the vulnerable Remote D ... oval:org.secpod.oval:def:98867 Windows rndismp6.sys Remote Code Execution Vulnerability. An unauthenticated attacker needs to physically connect a specially crafted USB device to exploit this vulnerability. oval:org.secpod.oval:def:98868 Windows rndismp6.sys Remote Code Execution Vulnerability. An unauthenticated attacker needs to physically connect a specially crafted USB device to exploit this vulnerability. |