| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| VMware Tools for Windows (12.x.y prior to 12.1.5, 11.x.y and 10.x.y) contains a denial-of-service vulnerability in the VM3DMP driver. A malicious actor with local user privileges in the Windows guest OS, where VMware Tools is installed, can trigger a PANIC in the VM3DMP driver leading to a denial-of-service condition in the Windows guest OS. |
| IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. |
| Windows 7 is vulnerable to a full blind TCP/IP hijacking attack. The vulnerability exists in Windows 7 (any Windows until Windows 8) and in any implementation of TCP/IP, which is vulnerable to the Idle scan attack (including many IoT devices). NOTE: The vendor considers this a low severity issue. |
| A potential security vulnerability has been identified with a version of the HP Softpaq installer that can lead to arbitrary code execution. |
| In WhatsUp Gold versions released before 2024.0.2, an attacker can gain access to the WhatsUp Gold server via the public API. |
| A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes. |
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
| .NET Framework Information Disclosure Vulnerability |
| Windows Graphics Component Elevation of Privilege Vulnerability |
| Win32k Elevation of Privilege Vulnerability |
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
| Web Account Manager Information Disclosure Vulnerability |
| Windows Server Service Elevation of Privilege Vulnerability |
| Windows Security Support Provider Interface Information Disclosure Vulnerability |
| Active Directory Domain Services Elevation of Privilege Vulnerability |
| Windows Secure Channel Denial of Service Vulnerability |
| Microsoft ODBC Driver Remote Code Execution Vulnerability |
| Windows Kernel Elevation of Privilege Vulnerability |
| Windows Kernel Elevation of Privilege Vulnerability |
| Windows Kernel Elevation of Privilege Vulnerability |
