Download
| Alert*
oval:org.secpod.oval:def:73228
The operating system installed on the system is Microsoft Windows 10 Version 21H1 (64 bit) oval:org.secpod.oval:def:75832 Windows Core Shell SI Host Extension Framework for Composable Shell Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75353 Console Window Host Security Feature Bypass Vulnerability oval:org.secpod.oval:def:74305 Windows Recovery Environment Agent Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74334 The host is missing a critical security update for KB5005033 oval:org.secpod.oval:def:73761 Windows TCP/IP Driver Denial of Service Vulnerability oval:org.secpod.oval:def:73758 Media Foundation Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:73783 Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73801 Storage Spaces Controller Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73825 Raw Image Extension Remote Code Execution Vulnerability oval:org.secpod.oval:def:73839 The host is missing a critical security update for KB5004237 oval:org.secpod.oval:def:73269 Microsoft DWM Core Library Elevation of Privilege Vulnerability. This vulnerability is subject to a local escalation of privilege attack. The attacker would most likely arrange to run an executable or script on the local computer. An attacker could gain access to the computer through a variety of me ... oval:org.secpod.oval:def:73274 The host is missing a critical security update for KB5003637 oval:org.secpod.oval:def:73258 Windows Bind Filter Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memor ... oval:org.secpod.oval:def:78826 The host is missing an important security update for KB5012117 oval:org.secpod.oval:def:75323 Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78763 Windows Hyper-V Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the score indicates that the Attack V ... oval:org.secpod.oval:def:75304 Windows Bind Filter Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:78078 Windows Update Stack Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:77680 The host is missing an important security update for KB5010342 oval:org.secpod.oval:def:75319 Microsoft DWM Core Library Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78729 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78083 The host is missing an important security update for KB5011487 oval:org.secpod.oval:def:78772 Windows Desktop Bridge Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78843 The host is missing an important security update KB5012599 oval:org.secpod.oval:def:83875 The host is missing a critical security update for KB5017308 oval:org.secpod.oval:def:79908 Windows Hyper-V Denial of Service Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:85441 Windows Bind Filter Driver Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain administrator privileges. oval:org.secpod.oval:def:77160 Windows Defender Credential Guard Security Feature Bypass Vulnerability oval:org.secpod.oval:def:79953 Windows ALPC Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:78077 Windows SMBv3 Client/Server Remote Code Execution Vulnerability. Unauthenticated attackers are not able to exploit this vulnerability. oval:org.secpod.oval:def:82676 Windows Defender Credential Guard Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could access Kerberos protected data. oval:org.secpod.oval:def:79998 The host is missing a critical security update for KB5013942 oval:org.secpod.oval:def:78764 Windows Hyper-V Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker could run a specially crafted application on a Hyper-V guest that could cause the Hyper-V host operating system to execute arbitrary code. The word Remote in the title refers to the location of the attack ... oval:org.secpod.oval:def:77648 Windows DNS Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:81545 Windows Autopilot Device Management and Enrollment Client Spoofing Vulnerability. Exploiting this vulnerability will allow an attacker to access resources that are protected by conditional access policies based solely on device compliance state. This vulnerability only affects Azure AD-joined autopi ... oval:org.secpod.oval:def:77681 The host is missing an important security update for KB5010342 oval:org.secpod.oval:def:81928 Xbox Live Save Service Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. The user must be authenticated into an Xbox Live account to be able to exploit this vuln ... oval:org.secpod.oval:def:81920 Windows Server Service Tampering Vulnerability. For successful exploitation, a malicious certificate needs to be imported on an affected system. An authenticated attacker could remotely upload a certificate to the Server service. oval:org.secpod.oval:def:76088 Windows 10 Update Assistant Elevation of Privilege Vulnerability. An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. oval:org.secpod.oval:def:82972 Windows Defender Credential Guard Elevation of Privilege Vulnerability. A domain user could use this vulnerability to elevate privileges to SYSTEM assigned integrity level. oval:org.secpod.oval:def:82971 Windows Defender Credential Guard Security Feature Bypass Vulnerability. A remote authenticated attacker can gain elevated privileges on the target system. oval:org.secpod.oval:def:73249 Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability. CVE-2021-31199 address vulnerabilities that are related to Adobe's CVE-2021-28550, released in Adobe Security Bulletin ID APSB21-29. Customers running affected versions of Microsoft Windows should install the June securi ... oval:org.secpod.oval:def:73247 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73248 Windows DCOM Server Security Feature Bypass. This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this specially crafted ... oval:org.secpod.oval:def:73252 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73250 Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability. Microsoft CVE-2021-31201 address vulnerabilities that are related to Adobe's CVE-2021-28550, released in Adobe Security Bulletin ID APSB21-29. Customers running affected versions of Microsoft Windows should install the J ... oval:org.secpod.oval:def:73251 Windows Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73267 Server for NFS Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:73268 Windows Hyper-V Denial of Service Vulnerability. By sending a specially crafted message to the Hyper-V host virtualization stack, a guest VM could cause a reference count in the host virtualization stack to be leaked. In most circumstances, this would result in a memory leak on the Hyper-V host. If ... oval:org.secpod.oval:def:73265 Server for NFS Denial of Service Vulnerability oval:org.secpod.oval:def:73266 Server for NFS Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:73270 Windows MSHTML Platform Remote Code Execution Vulnerability. While Microsoft has announced retirement of the Internet Explorer 11 application on certain platforms and the Microsoft Edge Legacy application is deprecated, the underlying MSHTML, EdgeHTML, and scripting platforms are still supported. Th ... oval:org.secpod.oval:def:73271 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73259 Kerberos AppContainer Security Feature Bypass Vulnerability. In an enterprise environment this vulnerability might allow an attacker to bypass Kerberos authentication, to authenticate to an arbitrary service principal name. oval:org.secpod.oval:def:73256 Windows NTLM Elevation of Privilege Vulnerability. This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this specially c ... oval:org.secpod.oval:def:73257 Scripting Engine Memory Corruption Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file. * In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the fil ... oval:org.secpod.oval:def:73254 Windows Kernel Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:73255 Windows NTFS Elevation of Privilege Vulnerability. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. Additionally, an attacker co ... oval:org.secpod.oval:def:73263 Event Tracing for Windows Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory ... oval:org.secpod.oval:def:73264 Windows GPSVC Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73261 Windows TCP/IP Driver Security Feature Bypass Vulnerability oval:org.secpod.oval:def:73262 Windows HTML Platform Security Feature Bypass Vulnerability. While Microsoft has announced retirement of the Internet Explorer 11 application on certain platforms and the Microsoft Edge Legacy application is deprecated, the underlying MSHTML, EdgeHTML, and scripting platforms are still supported. Th ... oval:org.secpod.oval:def:73260 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73799 Windows Installer Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73797 Windows Kernel Remote Code Execution Vulnerability oval:org.secpod.oval:def:73798 Storage Spaces Controller Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73796 Windows Address Book Remote Code Execution Vulnerability oval:org.secpod.oval:def:73794 Windows Kernel Memory Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory from the file cache. This could include unintentional read access to memory contents in kernel space from a user mode process ... oval:org.secpod.oval:def:73769 Windows LSA Denial of Service Vulnerability oval:org.secpod.oval:def:73766 Windows SMB Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. oval:org.secpod.oval:def:73767 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73765 Active Directory Security Feature Bypass Vulnerability oval:org.secpod.oval:def:73762 Windows Event Tracing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73760 Windows Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73770 Windows Font Driver Host Remote Code Execution Vulnerability oval:org.secpod.oval:def:73759 Windows Installer Spoofing Vulnerability oval:org.secpod.oval:def:73755 Windows Hyper-V Denial of Service Vulnerability oval:org.secpod.oval:def:73756 Windows DNS Snap-in Remote Code Execution Vulnerability. An administrator would need to view a malicious record in the DNS Snap-in to allow exploitation this vulnerability. oval:org.secpod.oval:def:73753 Windows DNS Snap-in Remote Code Execution Vulnerability. An administrator would need to view a malicious record in the DNS Snap-in to allow exploitation this vulnerability. oval:org.secpod.oval:def:73751 Windows DNS Snap-in Remote Code Execution Vulnerability. An administrator would need to view a malicious record in the DNS Snap-in to allow exploitation this vulnerability. oval:org.secpod.oval:def:73752 Storage Spaces Controller Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73750 Windows DNS Snap-in Remote Code Execution Vulnerability. An administrator would need to view a malicious record in the DNS Snap-in to allow exploitation this vulnerability. oval:org.secpod.oval:def:73788 Win32k Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:73786 DirectWrite Remote Code Execution Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file: a. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the fil ... oval:org.secpod.oval:def:73787 Windows TCP/IP Driver Denial of Service Vulnerability oval:org.secpod.oval:def:73784 Windows AppX Deployment Extensions Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73785 Windows Console Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73782 Storage Spaces Controller Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73791 Windows MSHTML Platform Remote Code Execution Vulnerability. This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this s ... oval:org.secpod.oval:def:73792 Windows GDI Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73790 Windows GDI Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:73779 Windows Hyper-V Remote Code Execution Vulnerability. This vulnerability would require an authenticated attacker on a guest VM to send specially crafted file operation requests on the VM to hardware resources on the VM which could result in remote code execution on the host server. oval:org.secpod.oval:def:73777 Scripting Engine Memory Corruption Vulnerability. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacke ... oval:org.secpod.oval:def:73778 Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73776 Windows MSHTML Platform Remote Code Execution Vulnerability. This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this s ... oval:org.secpod.oval:def:73773 Microsoft Windows Media Foundation Remote Code Execution Vulnerability oval:org.secpod.oval:def:73772 GDI+ Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:73781 Windows AppContainer Elevation Of Privilege Vulnerability oval:org.secpod.oval:def:73807 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73808 Windows Remote Access Connection Manager Information Disclosure Vulnerability oval:org.secpod.oval:def:73805 Windows Security Account Manager Remote Protocol Security Feature Bypass Vulnerability. oval:org.secpod.oval:def:73806 Windows Desktop Bridge Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73803 Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73802 Windows Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73800 Storage Spaces Controller Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73823 Windows Remote Assistance Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. oval:org.secpod.oval:def:73824 Storage Spaces Controller Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:73821 Windows Certificate Spoofing Vulnerability oval:org.secpod.oval:def:73822 Windows Partition Management Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73820 Bowser.sys Denial of Service Vulnerability oval:org.secpod.oval:def:73818 Windows Remote Access Connection Manager Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressin ... oval:org.secpod.oval:def:73819 Windows Hello Security Feature Bypass Vulnerability oval:org.secpod.oval:def:73816 Windows File History Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73817 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73814 Windows HTML Platforms Security Feature Bypass Vulnerability oval:org.secpod.oval:def:73815 Windows Remote Access Connection Manager Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized and/or uninitialized memory in the process heap. oval:org.secpod.oval:def:73812 Windows AF_UNIX Socket Provider Denial of Service Vulnerability oval:org.secpod.oval:def:73813 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73810 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73811 Windows Authenticode Spoofing Vulnerability oval:org.secpod.oval:def:74307 Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:74308 Scripting Engine Memory Corruption Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file:* In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file ... oval:org.secpod.oval:def:74306 Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability oval:org.secpod.oval:def:74303 Windows Event Tracing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74304 Windows User Account Profile Picture Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74302 Windows TCP/IP Remote Code Execution Vulnerability. This is remotely triggerable by a malicious Hyper-V guest sending an ipv6 ping to the Hyper-V host. An attacker could send a specially crafted TCPIP packet to its host utilizing the TCPIP Protocol Stack (tcpip.sys) to process packets. oval:org.secpod.oval:def:73746 Windows Projected File System Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73747 Windows Secure Kernel Mode Security Feature Bypass Vulnerability oval:org.secpod.oval:def:73744 Windows Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73742 Windows TCP/IP Driver Denial of Service Vulnerability oval:org.secpod.oval:def:73743 Windows InstallService Elevation of Privilege Vulnerability. An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. oval:org.secpod.oval:def:75306 DirectX Graphics Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75303 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75302 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75301 Windows Nearby Sharing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75300 Windows NAT Denial of Service Vulnerability oval:org.secpod.oval:def:74897 Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74896 Windows Subsystem for Linux Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74892 Windows Installer Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. oval:org.secpod.oval:def:74327 Windows Print Spooler Remote Code Execution Vulnerability oval:org.secpod.oval:def:74328 Windows Update Medic Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74323 Windows Print Spooler Remote Code Execution Vulnerability oval:org.secpod.oval:def:74324 Windows Media MPEG-4 Video Decoder Remote Code Execution Vulnerability oval:org.secpod.oval:def:74321 Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:74322 Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:74318 Windows Bluetooth Driver Elevation of Privilege Vulnerability. An authorized attacker could exploit the Windows Bluetooth driver vulnerability by programatically running certain functions that could lead to elevation of privilege on the Bluetooth component. oval:org.secpod.oval:def:74319 Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:74316 Remote Desktop Client Remote Code Execution Vulnerability. In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the machine when a victim connects to the attacking server with the vulnerable Remote Desktop Clie ... oval:org.secpod.oval:def:74317 Storage Spaces Controller Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74314 Windows Graphics Component Font Parsing Remote Code Execution Vulnerability oval:org.secpod.oval:def:74315 Windows MSHTML Platform Remote Code Execution Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file: * In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to o ... oval:org.secpod.oval:def:74312 Windows Event Tracing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74313 Windows Graphics Component Remote Code Execution Vulnerability oval:org.secpod.oval:def:74310 Windows User Profile Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74311 Windows Event Tracing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74309 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75299 Windows Hyper-V Remote Code Execution Vulnerability oval:org.secpod.oval:def:75298 Windows Installer Spoofing Vulnerability oval:org.secpod.oval:def:75297 Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75296 Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75295 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75293 Windows Print Spooler Spoofing Vulnerability oval:org.secpod.oval:def:75292 Windows TCP/IP Denial of Service Vulnerability oval:org.secpod.oval:def:75291 An authorized (medium integrity level) attacker could exploit this Windows Storport driver elevation of privilege vulnerability by locally sending through a user mode application a specially crafted request to the driver specifying an IOCTL parameter, which could lead to an out-of-bounds buffer writ ... oval:org.secpod.oval:def:75349 Windows Fast FAT File System Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:75348 Windows exFAT File System Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:75347 Windows Fast FAT File System Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:75346 Windows HTTP.sys Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75345 Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability oval:org.secpod.oval:def:75344 Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability oval:org.secpod.oval:def:75354 Windows AppX Deployment Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75352 Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:75351 Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability. This vulnerability could allow an attacker to bypass Extended Protection for Authentication provided by SPN target name validation. oval:org.secpod.oval:def:75343 Windows Text Shaping Remote Code Execution Vulnerability oval:org.secpod.oval:def:75309 Storage Spaces Controller Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75308 Windows Event Tracing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75307 Windows AppContainer Elevation Of Privilege Vulnerability oval:org.secpod.oval:def:75310 Storage Spaces Controller Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75322 Storage Spaces Controller Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75316 Windows Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75314 Windows Print Spooler Information Disclosure Vulnerability. he type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:75313 Windows Media Audio Decoder Remote Code Execution Vulnerability oval:org.secpod.oval:def:75312 Microsoft Windows Media Foundation Remote Code Execution Vulnerability oval:org.secpod.oval:def:75311 Storage Spaces Controller Elevation of Privilege Vulnerability. An authorized (medium integrity level) attacker could exploit this Windows Storport driver elevation of privilege vulnerability by locally sending through a user mode application a specially crafted request to the driver specifying an I ... oval:org.secpod.oval:def:75321 Windows MSHTML Platform Remote Code Execution Vulnerability. While Microsoft has announced retirement of the Internet Explorer 11 application on certain platforms and the Microsoft Edge Legacy application is deprecated, the underlying MSHTML, EdgeHTML, and scripting platforms are still supported. Th ... oval:org.secpod.oval:def:75320 Windows Graphics Component Remote Code Execution Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file.* In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to ... oval:org.secpod.oval:def:75822 Microsoft COM for Windows Remote Code Execution Vulnerability. An authorized attacker could exploit this Windows COM vulnerability by sending from a user mode application specially crafted malicious COM traffic directed at the COM Server, which might lead to remote code execution. oval:org.secpod.oval:def:75834 Windows Hello Security Feature Bypass Vulnerability oval:org.secpod.oval:def:77087 Windows Hyper-V Security Feature Bypass Vulnerability. This bypass could affect any Hyper-V configurations that are using Router Guard. Certain packets that would normally be blocked or dropped could be processed. This could allow an attacker to bypass set policy, potentially influencing router path ... oval:org.secpod.oval:def:77083 Windows Hyper-V Security Feature Bypass Vulnerability. This bypass could affect any Hyper-V configurations that are using Router Guard. Certain packets that would normally be blocked or dropped could be processed. This could allow an attacker to bypass set policy, potentially influencing router path ... oval:org.secpod.oval:def:77060 Windows Hyper-V Denial of Service Vulnerability oval:org.secpod.oval:def:78049 Windows Hyper-V Denial of Service Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:77180 .NET Framework Denial of Service Vulnerability oval:org.secpod.oval:def:77654 Windows Hyper-V Remote Code Execution Vulnerability. In this case, a successful attack could be performed from a low privilege Hyper-V guest. The attacker could traverse the guest's security boundary to execute code on the Hyper-V host execution environment. In this case, in order to execute a succe ... oval:org.secpod.oval:def:77663 Windows Hyper-V Denial of Service Vulnerability. Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. Successful exploitation of this vulnerability would allow a Hyper-V guest to affect the functionalit ... oval:org.secpod.oval:def:78762 Windows Hyper-V Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the score indicates that the Attack V ... oval:org.secpod.oval:def:78757 .NET Framework Denial of Service Vulnerability oval:org.secpod.oval:def:79954 Windows Hyper-V Security Feature Bypass Vulnerability. This Hyper-V vulnerability relates to a Virtual Machine Switch with virtual networking in Hyper-V Network Virtualization (HNV). It might be possible to bypass extended ACLs and other Windows security feature checks. Successful exploitation of th ... oval:org.secpod.oval:def:78785 Windows Hyper-V Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the score indicates that the Attack V ... oval:org.secpod.oval:def:83850 Windows Enterprise App Management Service Remote Code Execution Vulnerability. The Enterprise App Management service exposes a COM class that could allow an authenticated attacker to install arbitrary SYSTEM services that run with SYSTEM privileges, which could result in remote code execution. oval:org.secpod.oval:def:77101 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker with physical access to a vulnerable system could insert a specially crafted USB device. This vulnerability can also be exploited through a Local attack vector. An attacker authentica ... oval:org.secpod.oval:def:77100 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker with physical access to a vulnerable system could insert a specially crafted USB device. This vulnerability can also be exploited through a Local attack vector. An attacker authentica ... oval:org.secpod.oval:def:77099 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker with physical access to a vulnerable system could insert a specially crafted USB device. This vulnerability can also be exploited through a Local attack vector. An attacker authentica ... oval:org.secpod.oval:def:77098 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker with physical access to a vulnerable system could insert a specially crafted USB device. This vulnerability can also be exploited through a Local attack vector. An attacker authentica ... oval:org.secpod.oval:def:77097 Remote Procedure Call Runtime Remote Code Execution Vulnerability. An attacker with non-admin credentials can potentially carry out an exploit using this vulnerability. The authenticated attacker could take advantage of this vulnerability to execute malicious code through the RPC runtime. oval:org.secpod.oval:def:77096 Windows User Profile Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77095 DirectX Graphics Kernel File Denial of Service Vulnerability oval:org.secpod.oval:def:77094 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77093 Windows GDI+ Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:77092 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. A local, authenticated attacker could gain elevated privileges through a vulnerable file system component. oval:org.secpod.oval:def:77091 DirectX Graphics Kernel Remote Code Execution Vulnerability. An attacker with non-admin credentials can potentially carry out an exploit using this vulnerability. The authenticated attacker could take advantage of a vulnerability in dxgkrnl.sys to execute an arbitrary pointer dereference in kernel m ... oval:org.secpod.oval:def:77090 Windows Installer Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77089 HTTP Protocol Stack Remote Code Execution Vulnerability. In most situations, an unauthenticated attacker could send a specially crafted packet to a targeted server utilizing the HTTP Protocol Stack (http.sys) to process packets. oval:org.secpod.oval:def:77088 Windows Defender Application Control Security Feature Bypass Vulnerability oval:org.secpod.oval:def:77086 Windows GDI Information Disclosure Vulnerability. An attacker could potentially read small portions of heap memory. oval:org.secpod.oval:def:77081 DirectX Graphics Kernel Remote Code Execution Vulnerability oval:org.secpod.oval:def:77080 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77059 Windows Certificate Spoofing Vulnerability. A successful attacker could bypass the WPBT binary verification by using a small number of compromised certificates. Microsoft has added those certificates to the Windows kernel driver block list, driver.stl. Certificates on the driver.stl will be blocked ... oval:org.secpod.oval:def:77058 Microsoft Cryptographic Services Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77057 Windows User-mode Driver Framework Reflector Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77079 Windows User Profile Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77078 Remote Desktop Protocol Remote Code Execution Vulnerability. An attacker would have to convince a targeted user to connect to a malicious RDP server. Upon connecting, the malicious server could read or tamper with clipboard contents and the victim's filesystem contents. oval:org.secpod.oval:def:77077 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker with physical access to a vulnerable system could insert a specially crafted USB device. This vulnerability can also be exploited through a Local attack vector. An attacker authentica ... oval:org.secpod.oval:def:77075 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77073 Win32k Elevation of Privilege Vulnerability. A local, authenticated attacker could gain elevated local system or administrator privileges through a vulnerability in the Win32k.sys driver. oval:org.secpod.oval:def:77072 Windows Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77071 Windows GDI+ Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:77070 Windows Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77069 Storage Spaces Controller Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:77068 Win32k Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:77067 Windows Event Tracing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77066 Connected Devices Platform Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77065 Windows Accounts Control Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77064 Windows Bind Filter Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77063 Active Directory Domain Services Elevation of Privilege Vulnerability. This update resolves an elevation of privilege vulnerability specific to Active Directory Domain Services environments with incoming trusts. Prior to this update, an attacker could elevate privileges across the trust boundary und ... oval:org.secpod.oval:def:77062 Remote Desktop Client Remote Code Execution Vulnerability. An authenticated user might be tricked into connecting to a malicious remote desktop server in which the remote desktop host server sends a specially crafted PDU (Server RDP Preconnection) targeting the remote client's drive redirection virt ... oval:org.secpod.oval:def:77061 Remote Desktop Client Remote Code Execution Vulnerability. In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the RDP client machine when a victim connects to the attacking server with the vulnerable Remote D ... oval:org.secpod.oval:def:78050 Media Foundation Information Disclosure Vulnerability. An attacker could potentially read small portions of heap memory. oval:org.secpod.oval:def:78051 Remote Desktop Client Remote Code Execution Vulnerability. In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the RDP client machine when a victim connects to the attacking server with the vulnerable Remote D ... oval:org.secpod.oval:def:78052 Media Foundation Information Disclosure Vulnerability. An attacker could potentially read small portions of heap memory. oval:org.secpod.oval:def:78053 Point-to-Point Tunneling Protocol Denial of Service Vulnerability oval:org.secpod.oval:def:78054 Windows Common Log File System Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:78055 Windows ALPC Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:78056 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78057 Remote Desktop Client Remote Code Execution Vulnerability. In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the RDP client machine when a victim connects to the attacking server with the vulnerable Remote D ... oval:org.secpod.oval:def:77159 Windows Kerberos Elevation of Privilege Vulnerability. A domain user could use this vulnerability to elevate privileges to a domain admin. oval:org.secpod.oval:def:77161 Workstation Service Remote Protocol Security Feature Bypass Vulnerability oval:org.secpod.oval:def:78047 Xbox Live Auth Manager for Windows Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. oval:org.secpod.oval:def:77128 Windows Cleanup Manager Elevation of Privilege Vulnerability. An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. oval:org.secpod.oval:def:77127 Windows Devices Human Interface Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77126 Windows Geolocation Service Remote Code Execution Vulnerability oval:org.secpod.oval:def:77136 Windows DWM Core Library Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77135 Windows IKE Extension Remote Code Execution Vulnerability. Only systems with the IPSec service running are vulnerable to this attack. In an environment where Internet Key Exchange (IKE) version 2 is enabled, a remote attacker could trigger multiple vulnerabilities without being authenticated. oval:org.secpod.oval:def:77134 Windows IKE Extension Denial of Service Vulnerability. Only systems with the IPSec service running are vulnerable to this attack. oval:org.secpod.oval:def:77133 Windows IKE Extension Denial of Service Vulnerability. Only systems with the IPSec service running are vulnerable to this attack. oval:org.secpod.oval:def:77131 Virtual Machine IDE Drive Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77149 Windows Storage Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77148 Windows Security Center API Remote Code Execution Vulnerability oval:org.secpod.oval:def:77158 Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass oval:org.secpod.oval:def:77156 Windows DWM Core Library Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77155 Windows DWM Core Library Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77154 Secure Boot Security Feature Bypass Vulnerability oval:org.secpod.oval:def:77153 Windows IKE Extension Denial of Service Vulnerability. Only systems with the IPSec service running are vulnerable to this attack. oval:org.secpod.oval:def:77152 Windows IKE Extension Denial of Service Vulnerability. Only systems with the IPSec service running are vulnerable to this attack. oval:org.secpod.oval:def:77151 Windows Modern Execution Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:77150 Windows IKE Extension Denial of Service Vulnerability. Only systems with the IPSec service running are vulnerable to this attack. oval:org.secpod.oval:def:77139 Windows Application Model Core API Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77138 Task Flow Data Engine Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77137 Windows AppContracts API Server Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77147 Tile Data Repository Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77146 Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77145 Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77144 Clipboard User Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77143 Windows Push Notifications Apps Elevation Of Privilege Vulnerability oval:org.secpod.oval:def:77142 Windows System Launcher Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77141 Windows UI Immersive Server API Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77140 Windows StateRepository API Server file Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77104 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker with physical access to a vulnerable system could insert a specially crafted USB device. This vulnerability can also be exploited through a Local attack vector. An attacker authentica ... oval:org.secpod.oval:def:77103 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker with physical access to a vulnerable system could insert a specially crafted USB device. This vulnerability can also be exploited through a Local attack vector. An attacker authentica ... oval:org.secpod.oval:def:77102 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker with physical access to a vulnerable system could insert a specially crafted USB device. This vulnerability can also be exploited through a Local attack vector. An attacker authentica ... oval:org.secpod.oval:def:77649 Windows Remote Access Connection Manager Information Disclosure Vulnerability. An attacker could potentially read small portions of heap memory. oval:org.secpod.oval:def:77647 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77646 Roaming Security Rights Management Services Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. oval:org.secpod.oval:def:77645 Windows Runtime Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. oval:org.secpod.oval:def:77653 Windows DWM Core Library Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77652 Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space from a us ... oval:org.secpod.oval:def:77651 Windows Mobile Device Management Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. oval:org.secpod.oval:def:77650 Windows Kernel Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. In this case, a successful attack could be performed from a low privilege AppContainer. The atta ... oval:org.secpod.oval:def:77666 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77665 Windows Print Spooler Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:77659 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77658 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77657 Windows Common Log File System Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:77656 Windows Print Spooler Elevation of Privilege Vulnerability. An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. oval:org.secpod.oval:def:77664 Named Pipe File System Elevation of Privilege Vulnerability oval:org.secpod.oval:def:77662 Windows Common Log File System Driver Denial of Service Vulnerability oval:org.secpod.oval:def:77661 Windows User Account Profile Picture Denial of Service Vulnerability oval:org.secpod.oval:def:77660 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78060 Windows DWM Core Library Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:78061 Windows Inking COM Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78062 Windows DWM Core Library Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78063 Windows Fast FAT File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78064 Windows Event Tracing Remote Code Execution Vulnerability. An attacker with non-admin credentials can potentially carry out an exploit using this vulnerability. The authenticated attacker could potentially take advantage of this vulnerability to execute malicious code through the Event Log's Remote ... oval:org.secpod.oval:def:78065 Windows Installer Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78066 Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode proce ... oval:org.secpod.oval:def:78067 Windows NT OS Kernel Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:78068 Windows PDEV Elevation of Privilege Vulnerability. A Windows PDEV is a logical representation of the physical device. It is characterized by the type of hardware, logical address, and surfaces that can be supported. As an example of a driver supporting a PDEV characterized by the type of hardware, o ... oval:org.secpod.oval:def:78069 Windows Security Support Provider Interface Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78058 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:78059 Windows ALPC Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:78071 Windows Fax and Scan Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78072 Tablet Windows User Interface Application Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:78073 Windows HTML Platforms Security Feature Bypass Vulnerability oval:org.secpod.oval:def:78074 Remote Desktop Protocol Client Information Disclosure Vulnerability. An attacker could potentially read small portions of heap memory. oval:org.secpod.oval:def:78075 Windows ALPC Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:78076 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78732 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78733 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78734 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78735 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78736 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78737 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78738 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78739 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78730 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78731 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78721 Windows SMB Remote Code Execution Vulnerability. This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this specially cra ... oval:org.secpod.oval:def:78722 Win32 Stream Enumeration Remote Code Execution Vulnerability. This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this ... oval:org.secpod.oval:def:78724 Windows Server Service Remote Code Execution Vulnerability. This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this sp ... oval:org.secpod.oval:def:78725 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78726 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78727 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78728 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78755 Windows LDAP Denial of Service Vulnerability oval:org.secpod.oval:def:78756 Windows LDAP Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. oval:org.secpod.oval:def:78753 Windows DNS Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:78720 Local Security Authority (LSA) Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78716 Win32 Stream Enumeration Remote Code Execution Vulnerability. This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this ... oval:org.secpod.oval:def:78717 Win32 File Enumeration Remote Code Execution Vulnerability. This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this sp ... oval:org.secpod.oval:def:78718 Windows Local Security Authority (LSA) Remote Code Execution Vulnerability. In order to exploit this vulnerability the attacker is required to be a local user with a smart card or already logged on remotely through RDP to the remote machine. The authorized attacker could then exploit this Windows LS ... oval:org.secpod.oval:def:78719 Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode proce ... oval:org.secpod.oval:def:78780 Windows Installer Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78781 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78782 Remote Procedure Call Runtime Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker would need to trick a user into executing a specially crafted script which executes an RPC call to an RPC host. This could result in remote code execution on the server side with the same pe ... oval:org.secpod.oval:def:78783 Windows Installer Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78784 Remote Desktop Protocol Remote Code Execution Vulnerability oval:org.secpod.oval:def:78776 Remote Procedure Call Runtime Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker would need to trick a user into executing a specially crafted script which executes an RPC call to an RPC host. This could result in remote code execution on the server side with the same pe ... oval:org.secpod.oval:def:78777 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78778 Windows Direct Show - Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the score indicates that the At ... oval:org.secpod.oval:def:78779 Windows iSCSI Target Service Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:78771 Windows Kerberos Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78775 Windows Network File System Remote Code Execution Vulnerability. This vulnerability is only exploitable for systems that have the NFS role enabled. See NFS Overview for more information on this feature. An attacker could send a specially crafted NFS protocol network message to a vulnerable Windows m ... oval:org.secpod.oval:def:78766 Windows Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78767 Connected User Experiences and Telemetry Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78768 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78769 Windows Kernel Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of certain kernel memory content. oval:org.secpod.oval:def:78788 Windows ALPC Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:78789 Windows Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:79950 Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:79951 Remote Procedure Call Runtime Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker would need to trick a user into executing a specially crafted script which executes an RPC call to an RPC host. This could result in remote code execution on the server side with the same pe ... oval:org.secpod.oval:def:79952 Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote code execution ... oval:org.secpod.oval:def:79947 Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote code execution ... oval:org.secpod.oval:def:79948 Windows LDAP Remote Code Execution Vulnerability oval:org.secpod.oval:def:79949 Windows LDAP Remote Code Execution Vulnerability oval:org.secpod.oval:def:79936 .NET Framework Denial of Service Vulnerability oval:org.secpod.oval:def:79971 Windows WLAN AutoConfig Service Denial of Service Vulnerability. This vulnerability's attack is limited at the protocol level to a logically adjacent topology. This means it cannot simply be done across the internet, but instead needs something specific tied to the target. Good examples would includ ... oval:org.secpod.oval:def:79965 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability oval:org.secpod.oval:def:79967 Windows Graphics Component Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:79968 Windows Fax Service Remote Code Execution Vulnerability. Exploitation of the vulnerability requires that a user import a specially crafted contact record and sends it a FAX. oval:org.secpod.oval:def:79960 Windows Graphics Component Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:79961 Windows WLAN AutoConfig Service Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:79962 Windows Server Service Information Disclosure Vulnerability. The Windows Server Service is frequently referred to as LanmanServer, and is responsible for making printer and file sharing possible within a Windows powered network. The presence of specific file names and users can be confirmed over the ... oval:org.secpod.oval:def:79955 Active Directory Domain Services Elevation of Privilege Vulnerability oval:org.secpod.oval:def:79956 Windows LSA Spoofing Vulnerability. An unauthenticated attacker could call a method on the LSARPC interface and coerce the domain controller to authenticate to the attacker using NTLM. This security update detects anonymous connection attempts in LSARPC and disallows it. oval:org.secpod.oval:def:79957 Windows Address Book Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. Exploitation of the vulnerability requires that a ... oval:org.secpod.oval:def:79958 Windows Graphics Component Remote Code Execution Vulnerability. There are multiple ways an attacker could exploit the vulnerability, such as by either convincing a user to open a specially crafted document, or by convincing a user to visit a webpage that contains specially crafted embedded OpenType ... oval:org.secpod.oval:def:79959 Windows NTFS Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of certain kernel memory content. oval:org.secpod.oval:def:78810 Windows Secure Channel Denial of Service Vulnerability oval:org.secpod.oval:def:78811 Windows Fax Compose Form Remote Code Execution Vulnerability. Exploitation of the vulnerability requires that a user employ a specially crafted malicious contact record to send a FAX. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted contact re ... oval:org.secpod.oval:def:78812 Windows Fax Compose Form Remote Code Execution Vulnerability. Exploitation of the vulnerability requires that a user employ a specially crafted malicious contact record to send a FAX. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted contact re ... oval:org.secpod.oval:def:78813 Windows Fax Compose Form Remote Code Execution Vulnerability. Exploitation of the vulnerability requires that a user employ a specially crafted malicious contact record to send a FAX. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted contact re ... oval:org.secpod.oval:def:78814 Windows Graphics Component Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:78815 Windows ALPC Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:79904 Windows Graphics Component Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:78816 Windows Network File System Remote Code Execution Vulnerability. This vulnerability is only exploitable for systems that have the NFS role enabled. See NFS Overview for more information on this feature. An attacker could send a specially crafted NFS protocol network message to a vulnerable Windows m ... oval:org.secpod.oval:def:79905 Windows LDAP Remote Code Execution Vulnerability. An unauthenticated attacker could send a specially crafted request to a vulnerable server. Successful exploitation could result in the attacker's code running in the context of the SYSTEM account.. oval:org.secpod.oval:def:79906 Windows PlayToManager Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:79909 Windows Authentication Security Feature Bypass Vulnerability oval:org.secpod.oval:def:78800 Windows Work Folder Service Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:78801 Windows File Explorer Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:78802 Remote Procedure Call Runtime Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker would need to send a specially crafted RPC call to an RPC host. This could result in remote code execution on the server side with the same permissions as the RPC service. oval:org.secpod.oval:def:78803 Windows File Server Resource Management Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78804 Windows File Server Resource Management Service Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:78805 Windows Bluetooth Driver Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:78807 Windows Graphics Component Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the score indicates that t ... oval:org.secpod.oval:def:78808 Windows User Profile Service Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:78809 Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:79920 Windows Push Notifications Apps Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:79921 BitLocker Security Feature Bypass Vulnerability. A successful attacker could bypass the BitLocker Device Encryption feature on the system storage device. An attacker with physical access to a powered off system could exploit this vulnerability to gain access to encrypted data. oval:org.secpod.oval:def:79922 Windows LDAP Remote Code Execution Vulnerability. This vulnerability could be exploited over the network by an authenticated normal user through a low complexity attack on a server configured as the domain controller. oval:org.secpod.oval:def:79923 Windows LDAP Remote Code Execution Vulnerability. This vulnerability could be exploited over the network by an authenticated normal user through a low complexity attack on a server configured as the domain controller. oval:org.secpod.oval:def:79924 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:79925 Windows Print Spooler Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. oval:org.secpod.oval:def:79910 Windows Remote Access Connection Manager Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressin ... oval:org.secpod.oval:def:79911 Windows Kerberos Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability. oval:org.secpod.oval:def:79916 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:79917 Microsoft Windows Media Foundation Remote Code Execution Vulnerability oval:org.secpod.oval:def:79918 Windows Digital Media Receiver Elevation of Privilege Vulnerability. In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer exec ... oval:org.secpod.oval:def:79919 Windows Print Spooler Information Disclosure Vulnerability oval:org.secpod.oval:def:78799 PowerShell Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78790 Windows Kerberos Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78791 Windows Kerberos Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the score indicates that the Attack ... oval:org.secpod.oval:def:78792 Windows DWM Core Library Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78793 Windows Digital Media Receiver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78794 Windows AppX Package Manager Elevation of Privilege Vulnerability oval:org.secpod.oval:def:78795 Windows Telephony Server Elevation of Privilege Vulnerability oval:org.secpod.oval:def:79974 Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:81899 Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:81898 Windows Graphics Component Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:81892 Windows Fax Service Remote Code Execution Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file. * In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open ... oval:org.secpod.oval:def:81891 Windows Print Spooler Elevation of Privilege Vulnerability. An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. oval:org.secpod.oval:def:81890 Windows Kernel Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. Successful exploitation of th ... oval:org.secpod.oval:def:81895 Windows Fax Service Remote Code Execution Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file. * In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open ... oval:org.secpod.oval:def:81894 Windows CSRSS Elevation of Privilege Vulnerability. A locally authenticated attacker could send specially crafted data to the local CSRSS service to elevate their privileges from AppContainer to SYSTEM. Because the AppContainer environment is considered a defensible security boundary, any process th ... oval:org.secpod.oval:def:81893 Windows Internet Information Services Cachuri Module Denial of Service Vulnerability oval:org.secpod.oval:def:79980 Windows LDAP Remote Code Execution Vulnerability oval:org.secpod.oval:def:79982 Windows LDAP Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by convincing a user to connect a Lightweight Directory Access Protocol (LDAP) client to a malicious LDAP server. When the vulnerability is successfully exploited this could allow the malicious server to ga ... oval:org.secpod.oval:def:79983 Windows LDAP Remote Code Execution Vulnerability oval:org.secpod.oval:def:79984 Windows Kernel Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:79975 Windows LDAP Remote Code Execution Vulnerability. This vulnerability could be exploited over the network by an authenticated normal user through a low complexity attack on a server configured as the domain controller. oval:org.secpod.oval:def:79976 Windows LDAP Remote Code Execution Vulnerability. An unauthenticated attacker could send a specially crafted request to a vulnerable server. Successful exploitation could result in the attacker's code running in the context of the SYSTEM account. This vulnerability is only exploitable if the MaxRece ... oval:org.secpod.oval:def:81908 BitLocker Security Feature Bypass Vulnerability. A successful attacker could bypass the BitLocker Device Encryption feature on the system storage device. An attacker with physical access to a powered off system could exploit this vulnerability to gain access to encrypted data. oval:org.secpod.oval:def:81907 Windows CSRSS Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:81906 Windows.Devices.Picker.dll Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:81905 Windows Fast FAT File System Driver Elevation of Privilege Vulnerability. An attacker could potentially exploit this vulnerability to elevate privileges from a client-side application sandbox in earlier Microsoft operating systems. However, mitigation technologies in later Microsoft operating system ... oval:org.secpod.oval:def:81909 Windows CSRSS Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:81900 Remote Procedure Call Runtime Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to invest time in repeated exploitation attempts through sending constant or intermittent data. oval:org.secpod.oval:def:81903 Windows Print Spooler Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:81902 Internet Information Services Dynamic Compression Module Denial of Service Vulnerability. While we cannot rule out the impact to Confidentiality, Integrity, and Availability, the ability to exploit this vulnerability by itself is limited. An attacker can force a bad response to be cached into a regu ... oval:org.secpod.oval:def:81911 Windows BitLocker Information Disclosure Vulnerability. An attacker could access unencrypted parts of a BitLocker encrypted storage device if the administrator resizes the OS volume while concurrently provisioning the drive with BitLocker encryption. An attacker who successfully exploited this vulne ... oval:org.secpod.oval:def:81910 Windows Fax Service Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:81913 Windows Group Policy Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain domain administrator privileges. Successful exploitation of this vulnerability r ... oval:org.secpod.oval:def:81912 Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:81546 Windows SMB Denial of Service Vulnerability. The vulnerability assigned to this CVE was originally classified as a stability bug in Windows. Rapid7 discovered that this bug could be used to cause a denial of service condition on affected versions of Windows. Microsoft had provided an update to addre ... oval:org.secpod.oval:def:81540 Windows Kernel Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:81544 Local Security Authority Subsystem Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:81543 Windows Kerberos Elevation of Privilege Vulnerability. An authenticated attacker could exploit this vulnerability to elevate privileges and then spoof the Kerberos logon process when a remote credential guard connection is made via CredSSP over the network. Systems configured to activate both of the ... oval:org.secpod.oval:def:81542 Kerberos AppContainer Security Feature Bypass Vulnerability. An attacker could bypass the Kerberos service ticketing feature which performs user access control checks. An low privilege attacker could execute a script within an App Container to request a service ticket and thereby gain elevation to t ... oval:org.secpod.oval:def:81537 Windows Kernel Denial of Service Vulnerability. This vulnerability could be exploited if an authenticated user opens a specially crafted file locally or browses to that file on a network share when running an unpatched version of Windows. When the user browses or lists the maliciously crafted file t ... oval:org.secpod.oval:def:81535 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by convincing a user to connect a Lightweight Directory Access Protocol (LDAP) client to a malicious LDAP server. When the vulnerability is successfully exploited thi ... oval:org.secpod.oval:def:81534 Windows Network Address Translation (NAT) Denial of Service Vulnerability oval:org.secpod.oval:def:81539 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by convincing a user to connect a Lightweight Directory Access Protocol (LDAP) client to a malicious LDAP server. When the vulnerability is successfully exploited thi ... oval:org.secpod.oval:def:81538 Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability oval:org.secpod.oval:def:81533 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:81532 Windows Defender Remote Credential Guard Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment of the targeted component. oval:org.secpod.oval:def:81531 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability. An authenticated victim who is connected to the network must be tricked or pe ... oval:org.secpod.oval:def:81530 Windows Desired State Configuration (DSC) Information Disclosure Vulnerability. An attacker that successfully exploited this vulnerability could recover plaintext passwords and usernames from log files. oval:org.secpod.oval:def:81526 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This vulnerability is only exploitable if the MaxReceiveBuffer LDAP policy is set to a value higher than the default value. Systems with the default value of this policy would not be vulnerable. Successful expl ... oval:org.secpod.oval:def:81525 Windows File History Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability. This vulnerability could be triggered when a windows client connects to a malicious remote share. oval:org.secpod.oval:def:81524 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This vulnerability is only exploitable if the MaxReceiveBuffer LDAP policy is set to a value higher than the default value. Systems with the default value of this policy would not be vulnerable. An unauthentica ... oval:org.secpod.oval:def:81523 Windows iSCSI Discovery Service Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment of the targeted component. Successful exploitation of this vulnerability requires a user to place a call to trigge ... oval:org.secpod.oval:def:81529 Windows Installer Elevation of Privilege Vulnerability oval:org.secpod.oval:def:81528 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability. An authenticated victim who is connected to the network must be tricked or pe ... oval:org.secpod.oval:def:81527 Windows Encrypting File System (EFS) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability. oval:org.secpod.oval:def:81522 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This vulnerability is only exploitable if the MaxReceiveBuffer LDAP policy is set to a value higher than the default value. Systems with the default value of this policy would not be vulnerable. Successful expl ... oval:org.secpod.oval:def:81519 Windows Container Manager Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:81929 Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability. On machines with slow or older USB controller hardware, the Group policy might have (silently) failed to apply. On such machines, the attacker can trivially exploit this enforcement failure by attaching a USB storage d ... oval:org.secpod.oval:def:81927 Windows Print Spooler Elevation of Privilege Vulnerability. An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. oval:org.secpod.oval:def:81922 Windows Graphics Component Remote Code Execution Vulnerability. An attacker would have to convince a targeted user to connect to a malicious RDP server. Upon connecting, the malicious server could execute code on the victim's system in the context of the targeted user. oval:org.secpod.oval:def:81921 Windows Common Log File System Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:81926 Windows Media Player Network Sharing Service Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could affect the integrity and availability because they could delete privileged registry keys. Confidentiality is not affected by a successful attack, however ... oval:org.secpod.oval:def:81925 Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:81923 Windows Shell Remote Code Execution Vulnerability. An unauthenticated attacker could interact with the login screen of a vulnerable system in a specific manner to execute code on that system. oval:org.secpod.oval:def:81917 Windows GDI+ Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is a pointer leak to the process user-mode address space in the internal memory of the application that is using GDI+. oval:org.secpod.oval:def:81916 Windows IIS Server Elevation of Privilege Vulnerability. An attacker who successfully exploited the vulnerability could bypass authentication on Windows IIS Server. Attackers might be able to post or get information from the Web Service (CVSS metrics C:H/I:H), but would not be able to disrupt the se ... oval:org.secpod.oval:def:81915 Windows Security Account Manager (SAM) Denial of Service Vulnerability oval:org.secpod.oval:def:81914 Windows Print Spooler Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82680 Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. oval:org.secpod.oval:def:82678 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote c ... oval:org.secpod.oval:def:82673 Windows Kernel Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:82672 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82671 Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82670 Windows Defender Credential Guard Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82677 Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file:* In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and ... oval:org.secpod.oval:def:82675 Windows Defender Credential Guard Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could access Kerberos protected data. oval:org.secpod.oval:def:82674 Windows Defender Credential Guard Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass Kerberos protection used by Defender Credential Guard. oval:org.secpod.oval:def:82669 Windows Defender Credential Guard Information Disclosure Vulnerability. An attacker that successfully exploited this vulnerability could recover plaintext from TLS-protected data. oval:org.secpod.oval:def:82668 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote c ... oval:org.secpod.oval:def:82667 Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability oval:org.secpod.oval:def:82662 Windows Kernel Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could bypass KASLR (Kernel Address Space Layout Randomization). Any authenticated user could trigger this vulnerability. It does not require admin or other elevated privileges. oval:org.secpod.oval:def:82661 Windows WebBrowser Control Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. Any authenticated user could trigger this vulnerability. It does not require admin or ... oval:org.secpod.oval:def:82660 Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote code execution (RCE) on the RAS server machine. oval:org.secpod.oval:def:82666 Windows Win32k Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82664 Active Directory Domain Services Elevation of Privilege Vulnerability. A system is vulnerable only if Active Directory Certificate Services is running on the domain. An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Direc ... oval:org.secpod.oval:def:82663 Windows Fax Service Elevation of Privilege Vulnerability. An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. oval:org.secpod.oval:def:82694 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote c ... oval:org.secpod.oval:def:82693 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82692 Windows Local Security Authority (LSA) Denial of Service Vulnerability oval:org.secpod.oval:def:82691 Windows Kernel Memory Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:82690 Windows Print Spooler Elevation of Privilege Vulnerability. An attacker must send the user a malicious input file and convince the user to open said input file. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82689 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. The vulnerable system can be exploited without any interaction from any user. oval:org.secpod.oval:def:82684 Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability. Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment of the targeted component. An unauthenticated attacker could send a specially crafted connection request to a RA ... oval:org.secpod.oval:def:82683 Windows Digital Media Receiver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82682 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote c ... oval:org.secpod.oval:def:82681 Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote code execution (RCE) on the RAS server machine. oval:org.secpod.oval:def:82688 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. The vulnerable system can be exploited without any interaction from any user. oval:org.secpod.oval:def:82686 Win32k Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82685 Windows Digital Media Receiver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82639 Windows Bluetooth Service Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability. oval:org.secpod.oval:def:82657 Windows Bluetooth Driver Elevation of Privilege Vulnerability. An authorized local attacker could exploit this Windows Bluetooth driver vulnerability by programmatically running certain functions to arbitrarily gain registry key creation and deletion in the bthport.sys driver. oval:org.secpod.oval:def:82651 Storage Spaces Direct Elevation of Privilege Vulnerability. Any authenticated user could trigger this vulnerability. It does not require admin or other elevated privileges. oval:org.secpod.oval:def:82650 Storage Spaces Direct Elevation of Privilege Vulnerability. Any authenticated user could trigger this vulnerability. It does not require admin or other elevated privileges. oval:org.secpod.oval:def:82655 Windows Error Reporting Service Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82654 Storage Spaces Direct Elevation of Privilege Vulnerability. Any authenticated user could trigger this vulnerability. It does not require admin or other elevated privileges. oval:org.secpod.oval:def:82653 Storage Spaces Direct Elevation of Privilege Vulnerability. Any authenticated user could trigger this vulnerability. It does not require admin or other elevated privileges. oval:org.secpod.oval:def:82652 Storage Spaces Direct Elevation of Privilege Vulnerability. Any authenticated user could trigger this vulnerability. It does not require admin or other elevated privileges. oval:org.secpod.oval:def:82648 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. A domain user could use this vulnerability to elevate privileges to SYSTEM assigned integrity level. oval:org.secpod.oval:def:82647 Windows Kerberos Elevation of Privilege Vulnerability. Exploitation of this vulnerability requires that a user trigger the payload in the application. A domain user could use this vulnerability to elevate privileges to a domain admin. oval:org.secpod.oval:def:82646 Unified Write Filter Elevation of Privilege Vulnerability oval:org.secpod.oval:def:82649 Microsoft ATA Port Driver Elevation of Privilege Vulnerability. A domain user could use this vulnerability to elevate privileges to SYSTEM assigned integrity level. oval:org.secpod.oval:def:82640 Windows Partition Management Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82644 Windows Partition Management Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82643 CERT/CC: CVE-20220-34303 Crypto Pro Boot Loader Bypass. An attacker who successfully exploited this vulnerability could bypass Secure Boot. oval:org.secpod.oval:def:82642 CERT/CC: CVE-2022-34302 New Horizon Data Systems Inc Boot Loader Bypass. An attacker who successfully exploited this vulnerability could bypass Secure Boot. oval:org.secpod.oval:def:82641 CERT/CC: CVE-2022-34301 Eurosoft Boot Loader Bypass. An attacker who successfully exploited this vulnerability could bypass Secure Boot. oval:org.secpod.oval:def:81933 Windows Boot Manager Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass Secure Boot. Successful exploitation of this vulnerability could allow an attacker to access the pre-boot environment. oval:org.secpod.oval:def:81931 Performance Counters for Windows Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:81930 Windows Credential Guard Domain-joined Public Key Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:81935 Windows Connected Devices Platform Service Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. S ... oval:org.secpod.oval:def:81934 Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to invest time in repeated exploitation attempts through sending constant or intermittent data. oval:org.secpod.oval:def:84757 Windows Resilient File System Elevation of Privilege. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84750 Windows CryptoAPI Spoofing Vulnerability. An attacker could manipulate an existing public x.509 certificate to spoof their identify and perform actions such as authentication or code signing as the targeted certificate. oval:org.secpod.oval:def:83849 Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. This c ... oval:org.secpod.oval:def:83844 Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. This c ... oval:org.secpod.oval:def:83845 Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. This c ... oval:org.secpod.oval:def:83846 Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. This c ... oval:org.secpod.oval:def:83847 Windows Graphics Component Information Disclosure Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file.* In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user t ... oval:org.secpod.oval:def:83841 Windows Remote Access Connection Manager Information Disclosure Vulnerability. An attacker who successfully exploited the vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:83842 Windows Event Tracing Denial of Service Vulnerability oval:org.secpod.oval:def:83843 Windows Secure Channel Denial of Service Vulnerability oval:org.secpod.oval:def:83837 Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. This c ... oval:org.secpod.oval:def:83838 Microsoft ODBC Driver Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into opening a malicious MDB file in Access via ODBC, which could result in the attacker being able to execute arbitrary code on the victim's machine with the perm ... oval:org.secpod.oval:def:83839 Windows Common Log File System Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:83833 Windows GDI Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:83834 Microsoft ODBC Driver Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into opening a malicious MDB file in Access via ODBC, which could result in the attacker being able to execute arbitrary code on the victim's machine with the perm ... oval:org.secpod.oval:def:83835 Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. This c ... oval:org.secpod.oval:def:83836 Microsoft ODBC Driver Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into opening a malicious MDB file in Access via ODBC, which could result in the attacker being able to execute arbitrary code on the victim's machine with the perm ... oval:org.secpod.oval:def:83830 Microsoft ODBC Driver Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into opening a malicious MDB file in Access via ODBC, which could result in the attacker being able to execute arbitrary code on the victim's machine with the perm ... oval:org.secpod.oval:def:83831 Microsoft ODBC Driver Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into opening a malicious MDB file in Access via ODBC, which could result in the attacker being able to execute arbitrary code on the victim's machine with the perm ... oval:org.secpod.oval:def:83832 Windows Graphics Component Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:83860 Windows Graphics Component Information Disclosure Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file.* In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user t ... oval:org.secpod.oval:def:83859 Windows Print Spooler Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:83855 SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Information Disclosure Vulnerability. An attacker who successfully exploited the vulnerability could potentially read small portions of heap memory. oval:org.secpod.oval:def:83857 Windows Common Log File System Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. An attacker must already have access and the ability to run code on the target system. This technique does not allow for remote code exe ... oval:org.secpod.oval:def:83858 Windows Fax Service Remote Code Execution Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file.* In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open t ... oval:org.secpod.oval:def:83851 DirectX Graphics Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:83852 Windows Group Policy Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:83853 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:83854 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82701 Windows Hello Security Feature Bypass Vulnerability. An attacker who successfully exploited this vulnerability could bypass the Windows Hello Facial Recognition security feature. oval:org.secpod.oval:def:82700 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote c ... oval:org.secpod.oval:def:83827 Windows TCP/IP Remote Code Execution Vulnerability. An unauthenticated attacker could send a specially crafted IPv6 packet to a Windows node where IPSec is enabled, which could enable a remote code execution exploitation on that machine. oval:org.secpod.oval:def:83829 Windows ALPC Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:83822 Windows Credential Roaming Service Elevation of Privilege Vulnerability. Exploitation of the vulnerability requires that a user to log in to Windows. An attacker who successfully exploited the vulnerability could gain remote interactive logon rights to a machine where the victim's account would not ... oval:org.secpod.oval:def:83823 Windows Secure Channel Denial of Service Vulnerability. An unauthenticated attacker could exploit the vulnerability by sending specially crafted network traffic to the TLS server and could cause it to crash. An attacker who successfully exploited this vulnerability might be able to disclose a single ... oval:org.secpod.oval:def:83824 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. oval:org.secpod.oval:def:82967 Windows Defender Credential Guard Elevation of Privilege Vulnerability. A domain user could use this vulnerability to elevate privileges to SYSTEM assigned integrity level. oval:org.secpod.oval:def:83815 Windows Distributed File System (DFS) Elevation of Privilege Vulnerability. A local authenticated attacker could gain elevated privileges through a vulnerable DFS client, which could allow the attacker to locally execute arbitrary code in the kernel. oval:org.secpod.oval:def:82724 The host is missing an important security update for KB5012170 oval:org.secpod.oval:def:82966 Windows Defender Credential Guard Security Feature Bypass Vulnerability. A remote authenticated attacker can gain elevated privileges on the target system. oval:org.secpod.oval:def:83816 Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability oval:org.secpod.oval:def:83817 Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability. An unauthenticated attacker could send a specially crafted IP packet to a target machine that is running Windows and has IPSec enabled, which could enable a remote code execution exploitation. oval:org.secpod.oval:def:83818 Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability. An unauthenticated attacker could send a specially crafted IP packet to a target machine that is running Windows and has IPSec enabled, which could enable a remote code execution exploitation. oval:org.secpod.oval:def:83814 Windows Photo Import API Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84763 Web Account Manager Information Disclosure Vulnerability. An attacker who successfully exploited this vulnerability could view unbound refresh tokens issued by one cloud on a different cloud. oval:org.secpod.oval:def:82695 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote c ... oval:org.secpod.oval:def:82699 Windows Print Spooler Elevation of Privilege Vulnerability. The user would have to click on a specially crafted URL to be compromised by the attacker. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:82698 Windows Defender Credential Guard Elevation of Privilege Vulnerability. A domain user could use this vulnerability to elevate privileges to SYSTEM assigned integrity level. oval:org.secpod.oval:def:82697 Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability oval:org.secpod.oval:def:82696 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84855 Windows Graphics Component Elevation of Privilege Vulnerability. Successful exploitation could allow attacker to gain SYSTEM privileges. oval:org.secpod.oval:def:84817 Win32k Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86113 Windows Graphics Component Elevation of Privilege Vulnerability. An attacker could potentially exploit this vulnerability to elevate privileges from a client-side application sandbox in earlier Microsoft operating systems. However, mitigation technologies in later Microsoft operating systems make th ... oval:org.secpod.oval:def:86115 Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86110 Windows Graphics Component Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86111 Windows Print Spooler Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86107 Windows Projected File System Elevation of Privilege Vulnerability. Any authenticated user could trigger this vulnerability. It does not require admin or other elevated privileges. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86106 Windows Graphics Component Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86109 Windows Graphics Component Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. A successful attack could be performed from a low privilege AppContainer. The attacker could get unauthorized access t ... oval:org.secpod.oval:def:86108 Windows Print Spooler Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86103 Windows Fax Compose Form Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges. For the vulnerability to be exploitable, the Windows Fax and Scan feature needs to be enabled, and the Fax service needs to be runni ... oval:org.secpod.oval:def:85497 .NET Framework Information Disclosure Vulnerability oval:org.secpod.oval:def:86102 Windows Graphics Component Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:86105 Windows Graphics Component Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges. oval:org.secpod.oval:def:85429 Windows Group Policy Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:85426 AMD: CVE-2022-23824 IBPB and Return Address Predictor Interactions. The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the la ... oval:org.secpod.oval:def:85443 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:85442 Windows CNG Key Isolation Service Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:85445 Network Policy Server (NPS) RADIUS Protocol Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:85444 Network Policy Server (NPS) RADIUS Protocol Denial of Service Vulnerability. oval:org.secpod.oval:def:85440 Windows GDI+ Information Disclosure Vulnerability. An attacker who successfully exploited the vulnerability could potentially read small portions of heap memory. Exploitation of the vulnerability requires that a user open a specially crafted file.* In an email attack scenario, an attacker could expl ... oval:org.secpod.oval:def:85439 Microsoft DWM Core Library Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:85436 Windows Print Spooler Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:85435 Windows HTTP.sys Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:85437 Windows Group Policy Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires the attacker to have privileges to create Group Policy Templates. As is best practice, regular validation and audits of administrative groups should be conducted. An attacker who success ... oval:org.secpod.oval:def:85432 Windows Extensible File Allocation Table Elevation of Privilege Vulnerability. A domain user could use this vulnerability to elevate privileges to SYSTEM assigned integrity level. oval:org.secpod.oval:def:85434 Windows Kerberos Denial of Service Vulnerability oval:org.secpod.oval:def:85433 Windows Graphics Component Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. oval:org.secpod.oval:def:86150 The host is missing a security update for ADV220005 oval:org.secpod.oval:def:81932 HackerOne: CVE-2022-27776 Insufficiently protected credentials vulnerability might leak authentication or cookie header data. This CVE is regarding a vulnerability in the curl open source library which is used by Windows. The July 2022 Windows Security Updates includes the most recent version of thi ... oval:org.secpod.oval:def:77129 Open Source Curl Remote Code Execution Vulnerability. This CVE is regarding a vulnerability in the curl open source library which is used by Windows. oval:org.secpod.oval:def:77130 Libarchive Remote Code Execution Vulnerability. CVE-2021-36976 is regarding a vulnerability in the libarchive open source library which is used by Windows. The January 2022 Windows Security Updates include the most recent version of this library which addresses the vulnerability and others. oval:org.secpod.oval:def:75358 The host is missing a critical security update for KB5006670 oval:org.secpod.oval:def:77163 The host is missing a critical security update for KB5009543 oval:org.secpod.oval:def:77084 Windows Hyper-V Elevation of Privilege Vulnerability. An authenticated attacker could run a specially crafted application on a vulnerable Hyper-V guest to exploit this vulnerability. An attacker who successfully exploited this vulnerability could potentially interact with processes of another Hyper- ... oval:org.secpod.oval:def:81541 Windows Hyper-V Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker could run a specially crafted application on a Hyper-V guest that could cause the Hyper-V host operating system to execute arbitrary code. In this case, a successful attack could be performed from a low p ... oval:org.secpod.oval:def:81904 Windows Hyper-V Information Disclosure Vulnerability. An attacker can gain access to uninitialized buffer information. oval:org.secpod.oval:def:81924 Windows Hyper-V Information Disclosure Vulnerability. The type of information that could be disclosed if a Hyper-V Guest attacker successfully exploited this vulnerability is data from the Hyper-V Host. Where the attack vector metric is Adjacent (A), this represents virtual machines connected via a ... oval:org.secpod.oval:def:81939 The host is missing a critical security update for KB5015807 oval:org.secpod.oval:def:82665 Windows Hyper-V Remote Code Execution Vulnerability. Successful exploitation of this vulnerability could allow a Hyper-V guest to affect the functionality of the Hyper-V host. An authenticated attacker who successfully exploited a race condition from a Hyper-V guest could attempt to trigger maliciou ... oval:org.secpod.oval:def:82710 The host is missing a critical security update for KB5016616 oval:org.secpod.oval:def:82687 Windows Hyper-V Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability could allow a Hyper-V guest to affect the functionality of the Hyper-V host. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:85430 Windows Hyper-V Denial of Service Vulnerability. Successful exploitation of this vulnerability could allow a Hyper-V guest to affect the functionality of the Hyper-V host. oval:org.secpod.oval:def:85438 Windows Digital Media Receiver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86104 Windows Hyper-V Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:86112 Windows Hyper-V Denial of Service Vulnerability. Successful exploitation of this vulnerability could allow a Hyper-V guest to affect the functionality of the Hyper-V host. Where the attack vector metric is Adjacent (A), this represents virtual machines connected via a Hyper-V Network Virtualization ... oval:org.secpod.oval:def:86151 The host is missing a critical security update for KB5021233 oval:org.secpod.oval:def:77162 Windows BackupKey Remote Protocol Security Feature Bypass Vulnerability oval:org.secpod.oval:def:81888 Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. oval:org.secpod.oval:def:75283 Rich Text Edit Control Information Disclosure Vulnerability oval:org.secpod.oval:def:81889 Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. oval:org.secpod.oval:def:81558 The host is missing an important security update for ADV220002 oval:org.secpod.oval:def:81515 Intel: CVE-2022-21125 Shared Buffers Data Sampling (SBDS). The vulnerability assigned to this CVE is in certain processor models offered by Intel. The mitigation for this vulnerability requires a firmware update, and a corresponding Windows updates enables the mitigation. This CVE is being documente ... oval:org.secpod.oval:def:81514 Intel: CVE-2022-21123 Shared Buffers Data Read (SBDR). The vulnerability assigned to this CVE is in certain processor models offered by Intel. The mitigation for this vulnerability requires a firmware update, and a corresponding Windows updates enables the mitigation. This CVE is being documented in ... oval:org.secpod.oval:def:81517 Intel: CVE-2022-21166 Device Register Partial Write (DRPW). The vulnerability assigned to this CVE is in certain processor models offered by Intel. The mitigation for this vulnerability requires a firmware update, and a corresponding Windows updates enables the mitigation. This CVE is being document ... oval:org.secpod.oval:def:81516 Intel: CVE-2022-21127 Special Register Buffer Data Sampling Update (SRBDS Update). The vulnerability assigned to this CVE is in certain processor models offered by Intel. The mitigation for this vulnerability requires a firmware update, and a corresponding Windows updates enables the mitigation. Thi ... oval:org.secpod.oval:def:74899 Windows SMB Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space from a user mode process. oval:org.secpod.oval:def:74898 Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space ... oval:org.secpod.oval:def:74895 Windows WLAN AutoConfig Service Remote Code Execution Vulnerability oval:org.secpod.oval:def:74893 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74894 Windows Event Tracing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74888 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74889 Windows Authenticode Spoofing Vulnerability oval:org.secpod.oval:def:74886 Windows Scripting Engine Memory Corruption Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file:* In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open ... oval:org.secpod.oval:def:74887 Windows Bind Filter Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74891 Windows Installer Denial of Service Vulnerability oval:org.secpod.oval:def:74890 Windows SMB Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space from a user mode process. oval:org.secpod.oval:def:74931 The host is missing a critical security update for KB5005565 oval:org.secpod.oval:def:74916 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74917 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74914 Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74915 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74912 Windows Storage Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. oval:org.secpod.oval:def:74913 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74910 Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Kernel memory read - unintentional read access to memory contents in kernel space from a user mode pro ... oval:org.secpod.oval:def:74911 Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Kernel memory read - unintentional read access to memory contents in kernel space from a user mode pro ... oval:org.secpod.oval:def:74907 BitLocker Security Feature Bypass Vulnerability. A successful attacker could bypass the BitLocker Device Encryption feature on the system storage device. An attacker with physical access to a powered off system could exploit this vulnerability to gain access to encrypted data. oval:org.secpod.oval:def:74908 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74905 Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space from a ... oval:org.secpod.oval:def:74906 Windows Event Tracing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74903 Windows Key Storage Provider Security Feature Bypass Vulnerability. A successful attacker could bypass the Windows Key Storage Provider which issues key certificates for trust in attestation scenarios. oval:org.secpod.oval:def:74904 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74901 Windows SMB Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74902 Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74900 Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74909 Microsoft Windows Update Client Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76439 Windows Hyper-V Denial of Service Vulnerability oval:org.secpod.oval:def:76437 Windows Kernel Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:76436 NTFS Set Short Name Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76435 Windows Recovery Environment Agent Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76434 Windows Remote Access Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76433 Windows Setup Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76443 Windows Installer Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76441 Windows Digital Media Receiver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76440 Windows TCP/IP Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76429 Remote Desktop Client Remote Code Execution Vulnerability oval:org.secpod.oval:def:76428 Windows Event Tracing Remote Code Execution Vulnerability oval:org.secpod.oval:def:76427 Windows NTFS Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76426 Windows NTFS Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76425 Windows NTFS Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76424 SymCrypt Denial of Service Vulnerability oval:org.secpod.oval:def:76423 Storage Spaces Controller Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:76422 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76432 Microsoft Message Queuing Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:76431 Storage Spaces Controller Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:76430 Windows Fax Service Remote Code Execution Vulnerability oval:org.secpod.oval:def:76444 Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76419 Microsoft Message Queuing Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:76418 DirectX Graphics Kernel File Denial of Service Vulnerability oval:org.secpod.oval:def:76417 Windows Encrypting File System (EFS) Remote Code Execution Vulnerability. An attacker could cause a buffer overflow write leading to unauthenticated non-sandboxed code execution. oval:org.secpod.oval:def:76416 Microsoft Local Security Authority Server (lsasrv) Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Kernel memory read - unintentional read access to memory contents in kernel space from a user mode proc ... oval:org.secpod.oval:def:76415 iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution. An attacker could send a specially crafted request to the Internet Storage Name Service (iSNS) server, which could result in remote code execution. oval:org.secpod.oval:def:76414 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76413 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76421 Windows Common Log File System Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:76420 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76467 The host is missing a critical security update for KB5008212 oval:org.secpod.oval:def:84758 Windows DHCP Client Information Disclosure Vulnerability. An attacker who successfully exploited the vulnerability could potentially read User Mode Service Memory. oval:org.secpod.oval:def:84759 Windows Storage Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:84754 Windows DHCP Client Elevation of Privilege Vulnerability. An authenticated attacker could leverage a specially crafted RPC call to the DHCP service to exploit this vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84755 Windows Event Logging Service Denial of Service Vulnerability. The performance can be interrupted and/or reduced, but the attacker cannot fully deny service. oval:org.secpod.oval:def:84756 Windows Local Session Manager (LSM) Denial of Service Vulnerability. In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer exec ... oval:org.secpod.oval:def:84751 Windows Local Session Manager (LSM) Denial of Service Vulnerability. This vulnerability could lead to a contained execution environment escape. oval:org.secpod.oval:def:84780 Windows NTLM Spoofing Vulnerability. The user would have to access a malicious folder or directory. Users should never open anything that they do not know or trust to be safe. oval:org.secpod.oval:def:84781 Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. oval:org.secpod.oval:def:84779 Windows TCP/IP Driver Denial of Service Vulnerability. Systems are not affected if IPv6 is disabled on the target machine. oval:org.secpod.oval:def:84775 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. To exploit this vulnerability, an attacker would need to send a specially crafted malicious PPTP packet to a PPTP server. This co ... oval:org.secpod.oval:def:84776 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. To exploit this vulnerability, an attacker would need to send a specially crafted malicious PPTP packet to a PPTP server. This co ... oval:org.secpod.oval:def:84777 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. To exploit this vulnerability, an attacker would need to send a specially crafted malicious PPTP packet to a PPTP server. This co ... oval:org.secpod.oval:def:84778 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. To exploit this vulnerability, an attacker would need to send a specially crafted malicious PPTP packet to a PPTP server. This co ... oval:org.secpod.oval:def:84760 Windows USB Serial Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unintentional read access from uninitialized memory, which can be from either kernel memory or another user-mode process. oval:org.secpod.oval:def:84761 Windows CD-ROM File System Driver Remote Code Execution Vulnerability. The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. oval:org.secpod.oval:def:84762 Server Service Remote Protocol Elevation of Privilege Vulnerability. An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. oval:org.secpod.oval:def:84797 Windows Kernel Memory Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:84798 Windows Group Policy Preference Client Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84799 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. To exploit this vulnerability, an attacker would need to send a specially crafted malicious PPTP packet to a PPTP server. This co ... oval:org.secpod.oval:def:84793 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84794 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84795 Windows Group Policy Preference Client Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84796 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84790 Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84791 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84792 Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84786 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. T ... oval:org.secpod.oval:def:84787 Microsoft DWM Core Library Elevation of Privilege Vulnerability. This vulnerability is subject to a local escalation of privilege attack. The attacker would most likely arrange to run an executable or script on the local computer. An attacker could gain access to the computer through a variety of me ... oval:org.secpod.oval:def:84788 Windows WLAN Service Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84789 Windows Win32k Elevation of Privilege Vulnerability. An attacker could use this vulnerability to elevate privileges from Low Integrity Level in a contained ("sandboxed") excution environment to escalate to a Medium Integrity Level or a High Integrity Level. oval:org.secpod.oval:def:84782 Windows DWM Core Library Elevation of Privilege Vulnerability. This vulnerability is subject to a local escalation of privilege attack. The attacker would most likely arrange to run an executable or script on the local computer. An attacker could gain access to the computer through a variety of meth ... oval:org.secpod.oval:def:84783 Windows Mixed Reality Developer Tools Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. An attacker could exploit this vulnerability by conv ... oval:org.secpod.oval:def:84784 Windows Group Policy Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges. oval:org.secpod.oval:def:84785 Windows Hyper-V Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. Successful exploitation of this vulnerability could allow a Hyper-V guest to affect the functionality of the Hyper-V host. An attacker on a Nested Hyper-V ... oval:org.secpod.oval:def:84852 Windows Graphics Component Elevation of Privilege Vulnerability. Successful exploitation could allow attacker to gain SYSTEM privileges. oval:org.secpod.oval:def:84853 Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability. Successful exploitation could lead to a contained execution environment escape oval:org.secpod.oval:def:84854 Active Directory Domain Services Elevation of Privilege Vulnerability. Successful exploitation could allow attacker to could gain domain administrator privileges. oval:org.secpod.oval:def:84850 Windows Graphics Component Information Disclosure Vulnerability. Successful exploitation could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:84851 Windows Group Policy Preference Client Elevation of Privilege Vulnerability. Successful exploitation could allow attacker to gain SYSTEM privileges. oval:org.secpod.oval:def:84849 Windows Active Directory Certificate Services Security Feature Bypass oval:org.secpod.oval:def:84848 Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability oval:org.secpod.oval:def:84844 Windows GDI+ Remote Code Execution Vulnerability oval:org.secpod.oval:def:84816 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. To exploit this vulnerability, an attacker would need to send a specially crafted malicious PPTP packet to a PPTP server. This co ... oval:org.secpod.oval:def:84818 Windows COM+ Event System Service Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84819 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. To exploit this vulnerability, an attacker would need to send a specially crafted malicious PPTP packet to a PPTP server. This co ... oval:org.secpod.oval:def:84812 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84813 Microsoft ODBC Driver Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into opening a malicious MDB file in Access via ODBC, which could result in the attacker being able to execute arbitrary code on the victim's machine with the perm ... oval:org.secpod.oval:def:84814 Windows Secure Channel Denial of Service Vulnerability oval:org.secpod.oval:def:84815 Windows Security Support Provider Interface Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of certain kernel memory content. oval:org.secpod.oval:def:84810 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84811 Windows Kernel Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84805 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. T ... oval:org.secpod.oval:def:84806 Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability. On machines with slow or older USB controller hardware, the Group policy might have (silently) failed to apply. On such machines, the attacker can trivially exploit this enforcement failure by attaching a USB storage d ... oval:org.secpod.oval:def:84807 Windows Server Remotely Accessible Registry Keys Information Disclosure Vulnerability. An attacker who successfully exploits this vulnerability would be able to remotely read registry keys under HKLM\SYSTEM\CurrentControlSet\Control\SecurePipeServers\Winreg\AllowedExactPaths\Machine not normally acc ... oval:org.secpod.oval:def:84808 Windows Workstation Service Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could execute RPC functions that are restricted to local clients only. oval:org.secpod.oval:def:84801 Windows Kernel Elevation of Privilege Vulnerability. An attacker would only be able to delete empty folders on a vulnerable system in the context of the SYSTEM account. They would not gain privileges to view or modify file contents or delete folders containing files. oval:org.secpod.oval:def:84804 Windows ALPC Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:84800 Connected User Experiences and Telemetry Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires an attacker to win a race condition. An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges. oval:org.secpod.oval:def:75809 Windows Desktop Bridge Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75808 Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability. A remote code execution vulnerability exists when a VM guest fails to properly handle communication on a VMBus channel. To exploit the vulnerability, an authenticated attacker could send a specially crafted communication on t ... oval:org.secpod.oval:def:75829 NTFS Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75827 Windows Feedback Hub Elevation of Privilege Vulnerability. An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. oval:org.secpod.oval:def:75826 Chakra Scripting Engine Memory Corruption Vulnerability oval:org.secpod.oval:def:75824 Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability. An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. oval:org.secpod.oval:def:75823 Microsoft Windows Media Foundation Remote Code Execution Vulnerability oval:org.secpod.oval:def:75821 Windows Hyper-V Discrete Device Assignment (DDA) Denial of Service Vulnerability oval:org.secpod.oval:def:75820 Windows Installer Elevation of Privilege Vulnerability. An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. oval:org.secpod.oval:def:75819 Windows NTFS Remote Code Execution Vulnerability oval:org.secpod.oval:def:75818 Windows Fast FAT File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75817 Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is read access to Windows RDP client passwords by RDP server administrators. oval:org.secpod.oval:def:75816 NTFS Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75815 NTFS Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75814 Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75813 Windows Denial of Service Vulnerability oval:org.secpod.oval:def:75812 Remote Desktop Client Remote Code Execution Vulnerability. In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the RDP client machine when a victim connects to the attacking server with the vulnerable Remote D ... oval:org.secpod.oval:def:75811 Remote Desktop Protocol Client Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized and/or uninitialized memory in the process heap. oval:org.secpod.oval:def:75810 Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is read access to Windows RDP client passwords by RDP server administrators. oval:org.secpod.oval:def:75840 The host is missing a critical security update for KB5007186 oval:org.secpod.oval:def:75839 The host is installed with Edge-Chromium and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:75831 Windows Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:84803 Windows Print Spooler Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. oval:org.secpod.oval:def:85458 The host is missing a critical security update for KB5019959 oval:org.secpod.oval:def:81562 The host is missing a critical security update for KB5014699 oval:org.secpod.oval:def:80436 A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, vie ... oval:org.secpod.oval:def:76446 An attacker could craft a malicious attachment to be used in phishing campaigns. The attacker would then have to convince the user to open the specially crafted attachment. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with ... |