Download
| Alert*
|
oval:org.secpod.oval:def:66168
The operating system installed on the system is Microsoft Windows Server 2004. oval:org.secpod.oval:def:67678 Microsoft is aware of a vulnerability involving DNS cache poisoning caused by IP fragmentation that affects Windows DNS Resolver. An attacker who successfully exploited this vulnerability could spoof the DNS packet which can be cached by the DNS Forwarder or the DNS Resolver. oval:org.secpod.oval:def:75828 Active Directory Domain Services Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75825 Active Directory Domain Services Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75835 Active Directory Domain Services Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75833 Active Directory Domain Services Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75832 Windows Core Shell SI Host Extension Framework for Composable Shell Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75353 Console Window Host Security Feature Bypass Vulnerability oval:org.secpod.oval:def:75350 Windows AD FS Security Feature Bypass Vulnerability. This vulnerability could allow an attacker to bypass ADFS BannedIPList entries for WS-Trust workflows. oval:org.secpod.oval:def:75355 Active Directory Federation Server Spoofing Vulnerability. The ADFS (Active Directory Federation Services) services are vulnerable during the logout redirect request to cross-site scripting of the post logout redirect URI. An attacker who successfully exploited this vulnerability could leave an appl ... oval:org.secpod.oval:def:75305 Windows DNS Server Remote Code Execution Vulnerability. This vulnerability is only exploitable if the server is configured to be a DNS server. oval:org.secpod.oval:def:75318 Active Directory Security Feature Bypass Vulnerability. This vulnerability could allow an attacker to bypass Active Directory domain permissions for Key Admins groups. oval:org.secpod.oval:def:74305 Windows Recovery Environment Agent Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74334 The host is missing a critical security update for KB5005033 oval:org.secpod.oval:def:73763 Windows ADFS Security Feature Bypass Vulnerability. This vulnerability relates to Primary Refresh Tokens which are usually stored in TPM. These tokens are usually used for SSO for Azure AD accounts. The tokens are not encrypted in a strong enough manner, and an administrator with access to a vulnera ... oval:org.secpod.oval:def:73761 Windows TCP/IP Driver Denial of Service Vulnerability oval:org.secpod.oval:def:73758 Media Foundation Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:73783 Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73780 Windows Kernel Remote Code Execution Vulnerability. This issue allows a single root input/output virtualization (SR-IOV) device which is assigned to a guest to potentially interfere with its Peripheral Component Interface Express (PCIe) siblings which are attached to other guests or to the root. You ... oval:org.secpod.oval:def:73804 Windows DNS Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:73801 Storage Spaces Controller Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73793 Windows DNS Server Denial of Service Vulnerability oval:org.secpod.oval:def:73768 Windows LSA Security Feature Bypass Vulnerability. A read only domain controller (RODC) is able to delegate rights by granting itself a ticket. A full DC does not validate the ticket thus granting R/W privileges to a DC that should only have read privileges. oval:org.secpod.oval:def:73764 Windows DNS Server Remote Code Execution Vulnerability. This vulnerability is only exploitable if the server is configured to be a DNS server. oval:org.secpod.oval:def:73754 Windows DNS Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:73789 Windows DNS Server Remote Code Execution Vulnerability. This vulnerability is only exploitable if the server is configured to be a DNS server. oval:org.secpod.oval:def:73775 Windows DNS Server Denial of Service Vulnerability. This vulnerability is only exploitable if the server is configured to be a DNS server. oval:org.secpod.oval:def:73774 Windows DNS Server Denial of Service Vulnerability. This vulnerability is only exploitable if the server is configured to be a DNS server. oval:org.secpod.oval:def:73748 Windows DNS Server Denial of Service Vulnerability. This vulnerability is only exploitable if the server is configured to be a DNS server. oval:org.secpod.oval:def:73749 Windows DNS Server Remote Code Execution Vulnerability. oval:org.secpod.oval:def:73809 Windows Key Distribution Center Information Disclosure Vulnerability. The vulnerable component uses a weak encryption algorithm or cipher. Traffic sent over a network by the vulnerable component could be decrypted and expose information related to a user or service's active session. oval:org.secpod.oval:def:73839 The host is missing a critical security update for KB5004237 oval:org.secpod.oval:def:73269 Microsoft DWM Core Library Elevation of Privilege Vulnerability. This vulnerability is subject to a local escalation of privilege attack. The attacker would most likely arrange to run an executable or script on the local computer. An attacker could gain access to the computer through a variety of me ... oval:org.secpod.oval:def:73274 The host is missing a critical security update for KB5003637 oval:org.secpod.oval:def:73258 Windows Bind Filter Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memor ... oval:org.secpod.oval:def:71014 Windows SMB Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space from a user mode process. oval:org.secpod.oval:def:71003 Windows Secure Kernel Mode Elevation of Privilege Vulnerability oval:org.secpod.oval:def:70049 Windows 10 Update Assistant Elevation of Privilege Vulnerability oval:org.secpod.oval:def:70013 Windows Win32k Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:69988 Windows Error Reporting Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:69993 Windows Hyper-V Remote Code Execution Vulnerability. Any Hyper-V client which is configured to use the Plan 9 file system could be vulnerable. An authenticated attacker who successfully exploited this vulnerability on a Hyper-V client could cause code to execute on the Hyper-V server. oval:org.secpod.oval:def:70015 Windows DNS Server Denial of Service Vulnerability. This vulnerability impacts any DNS server. The surrounding configuration can limit possible vectors/sources for the attack, but proper mitigation requires this month's security update patch. oval:org.secpod.oval:def:70010 Windows DNS Server Remote Code Execution Vulnerability. This vulnerability impacts any DNS server. The surrounding configuration can limit possible vectors/sources for the attack, but proper mitigation requires this month's security update patch. oval:org.secpod.oval:def:70006 Windows DNS Server Remote Code Execution Vulnerability. This vulnerability impacts any DNS server. The surrounding configuration can limit possible vectors/sources for the attack, but proper mitigation requires this month's security update patch. oval:org.secpod.oval:def:70007 Windows DNS Server Remote Code Execution Vulnerability. This vulnerability impacts any DNS server. The surrounding configuration can limit possible vectors/sources for the attack, but proper mitigation requires this month's security update patch. oval:org.secpod.oval:def:70008 Windows DNS Server Remote Code Execution Vulnerability. This vulnerability impacts any DNS server. The surrounding configuration can limit possible vectors/sources for the attack, but proper mitigation requires this month's security update patch. oval:org.secpod.oval:def:70009 Windows DNS Server Remote Code Execution Vulnerability. This vulnerability impacts any DNS server. The surrounding configuration can limit possible vectors/sources for the attack, but proper mitigation requires this month's security update patch. oval:org.secpod.oval:def:70000 Windows DNS Server Remote Code Execution Vulnerability. This vulnerability impacts any DNS server. The surrounding configuration can limit possible vectors/sources for the attack, but proper mitigation requires this month's security update patch. oval:org.secpod.oval:def:69031 Windows Network File System Denial of Service Vulnerability oval:org.secpod.oval:def:69053 The host is missing an important security update for KB4601050 oval:org.secpod.oval:def:68192 The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:68198 The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:68225 Windows Event Logging Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68215 Hyper-V Denial of Service Vulnerability oval:org.secpod.oval:def:67675 DirectX Graphics Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:67670 Kerberos Security Feature Bypass Vulnerability oval:org.secpod.oval:def:67703 The host is missing a critical security update for KB4592438 oval:org.secpod.oval:def:70050 The host is missing a critical security update for KB5000802 oval:org.secpod.oval:def:69083 The host is missing a critical security update for KB4601319 oval:org.secpod.oval:def:69034 Windows Fax Service Remote Code Execution Vulnerability oval:org.secpod.oval:def:66866 Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66886 Windows Update Orchestrator Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66887 Windows Update Orchestrator Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66889 Windows Update Orchestrator Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66927 Kerberos Security Feature Bypass Vulnerability oval:org.secpod.oval:def:66928 Windows Network File System Remote Code Execution Vulnerability. oval:org.secpod.oval:def:75323 Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75304 Windows Bind Filter Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:75319 Microsoft DWM Core Library Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75315 Windows Desktop Bridge Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74326 Windows LSA Spoofing Vulnerability. An unauthenticated attacker could call a method on the LSARPC interface and coerce the domain controller to authenticate against another server using NTLM. This security update blocks the affected API calls OpenEncryptedFileRawA and OpenEncryptedFileRawW through L ... oval:org.secpod.oval:def:66625 The host is installed with Microsoft Windows 7 and above and is prone to a windows kernel zero day vulnerability. A flaw is present in the application, which fails to handle Windows Kernel Cryptography Driver. Successful exploitation allows attackers to perform a privilege escalation (such as sandbo ... oval:org.secpod.oval:def:68183 Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68205 Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76088 Windows 10 Update Assistant Elevation of Privilege Vulnerability. An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. oval:org.secpod.oval:def:66875 Windows Remote Access Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66874 Windows Remote Access Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66877 Windows Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66876 Windows Remote Access Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66879 Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66880 Windows Print Configuration Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66882 Windows Remote Access Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66881 Windows Remote Access Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66884 Windows Remote Access Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66883 Windows KernelStream Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:66864 Windows Graphics Component Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:66863 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66865 Windows Error Reporting Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66868 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66867 Win32k Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space from a user mode process. oval:org.secpod.oval:def:66869 Windows Remote Access Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66871 Windows Remote Access Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66870 Windows Remote Access Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66873 Windows Remote Access Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66872 Windows Remote Access Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66885 Windows Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66888 Windows USO Core Worker Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66890 Windows Update Stack Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66856 Windows Spoofing Vulnerability oval:org.secpod.oval:def:66860 DirectX Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66891 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66916 Remote Desktop Protocol Server Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized read access to Windows RDP server process. oval:org.secpod.oval:def:66917 Windows Port Class Library Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:66919 Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66930 Windows GDI+ Remote Code Execution Vulnerability oval:org.secpod.oval:def:66932 Windows Update Medic Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66931 Windows NDIS Information Disclosure Vulnerability oval:org.secpod.oval:def:66934 Windows Kernel Local Elevation of Privilege Vulnerability oval:org.secpod.oval:def:66933 Windows Delivery Optimization Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the me ... oval:org.secpod.oval:def:66935 Microsoft Defender for Endpoint Security Feature Bypass Vulnerability. oval:org.secpod.oval:def:66921 Windows MSCTF Server Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:66920 Windows Canonical Display Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the ... oval:org.secpod.oval:def:66923 Windows Hyper-V Security Feature Bypass Vulnerability. oval:org.secpod.oval:def:66922 Windows Function Discovery SSDP Provider Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressin ... oval:org.secpod.oval:def:66925 Windows Error Reporting Denial of Service Vulnerability. oval:org.secpod.oval:def:66924 Windows Print Spooler Remote Code Execution Vulnerability oval:org.secpod.oval:def:66926 Windows Network File System Denial of Service Vulnerability oval:org.secpod.oval:def:66929 Windows Network File System Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Kernel memory read - unintentional read access to memory contents in kernel space from a user mode process. oval:org.secpod.oval:def:68180 Windows AppX Deployment Extensions Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68181 Windows WLAN Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68184 Windows CSC Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68185 Windows CSC Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68182 While this issue is labeled as an elevation of privilege, it can also be exploited to disclose information. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:68188 Remote Procedure Call Runtime Remote Code Execution Vulnerability oval:org.secpod.oval:def:68189 Windows CSC Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68186 Windows CSC Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68187 Windows CSC Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68179 Windows Bluetooth Security Feature Bypass Vulnerability oval:org.secpod.oval:def:68191 Windows Installer Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68190 Remote Procedure Call Runtime Remote Code Execution Vulnerability oval:org.secpod.oval:def:68195 Remote Procedure Call Runtime Remote Code Execution Vulnerability oval:org.secpod.oval:def:68196 Remote Procedure Call Runtime Remote Code Execution Vulnerability oval:org.secpod.oval:def:68193 Remote Procedure Call Runtime Remote Code Execution Vulnerability oval:org.secpod.oval:def:68194 GDI+ Remote Code Execution Vulnerability oval:org.secpod.oval:def:68199 Remote Procedure Call Runtime Remote Code Execution Vulnerability oval:org.secpod.oval:def:68207 Windows Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68208 Windows Bluetooth Security Feature Bypass Vulnerability oval:org.secpod.oval:def:68209 Windows Bluetooth Security Feature Bypass Vulnerability oval:org.secpod.oval:def:68210 Windows AppX Deployment Extensions Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68213 Windows CSC Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:67677 The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:68200 The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:68203 NTLM Security Feature Bypass Vulnerability oval:org.secpod.oval:def:68204 Windows CryptoAPI Denial of Service Vulnerability oval:org.secpod.oval:def:68201 Remote Procedure Call Runtime Remote Code Execution Vulnerability oval:org.secpod.oval:def:68202 Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability oval:org.secpod.oval:def:67647 A local attacker could run a specially crafted application that would elevate the attacker's privileges. A remote attacker with SMBv2 access to a vulnerable system could send specially crafted requests over a network to exploit this vulnerability and execute code on the target system. oval:org.secpod.oval:def:67648 Windows Digital Media Receiver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:67650 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:67652 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:67651 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:67653 Windows Overlay Filter Security Feature Bypass Vulnerability oval:org.secpod.oval:def:67667 Windows Backup Engine Elevation of Privilege Vulnerability oval:org.secpod.oval:def:67666 Windows Backup Engine Elevation of Privilege Vulnerability oval:org.secpod.oval:def:67669 Windows Backup Engine Elevation of Privilege Vulnerability oval:org.secpod.oval:def:67668 Windows Backup Engine Elevation of Privilege Vulnerability oval:org.secpod.oval:def:67672 The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. oval:org.secpod.oval:def:67671 Windows Network Connections Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:67674 The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:67673 To exploit this vulnerability, an attacker could run a specially crafted application on a Hyper-V guest that could cause the Hyper-V host operating system to execute arbitrary code when it fails to properly validate vSMB packet data. oval:org.secpod.oval:def:67663 Windows Backup Engine Elevation of Privilege Vulnerability oval:org.secpod.oval:def:67665 Windows Backup Engine Elevation of Privilege Vulnerability oval:org.secpod.oval:def:67664 Windows Backup Engine Elevation of Privilege Vulnerability oval:org.secpod.oval:def:70011 Windows Event Tracing Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:69032 Microsoft Windows VMSwitch Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:69030 Windows TCP/IP Remote Code Execution Vulnerability oval:org.secpod.oval:def:69035 Windows Backup Engine Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is sensitive information. oval:org.secpod.oval:def:69036 Windows Trust Verification API Denial of Service Vulnerability oval:org.secpod.oval:def:69033 Windows Fax Service Remote Code Execution Vulnerability. oval:org.secpod.oval:def:69039 Windows Address Book Remote Code Execution Vulnerability. oval:org.secpod.oval:def:69037 Microsoft Windows Codecs Library Remote Code Execution Vulnerability oval:org.secpod.oval:def:70002 Microsoft Windows Media Foundation Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70003 Windows Media Photo Codec Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory ... oval:org.secpod.oval:def:70005 Windows Update Stack Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:70001 Windows Print Spooler Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:69024 Windows Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:69025 Windows Fax Service Remote Code Execution Vulnerability oval:org.secpod.oval:def:69028 Windows Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:69029 Windows Remote Procedure Call Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:69026 Windows Installer Elevation of Privilege Vulnerability oval:org.secpod.oval:def:69027 PFX Encryption Security Feature Bypass Vulnerability. When exporting a SID-protected PFX file, keys encrypted using AES are not properly protected. Any SID-protected PFX files using AES for key encryption should be regenerated and exported after this update is installed. oval:org.secpod.oval:def:69050 Windows Event Tracing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:69051 Windows DirectX Information Disclosure Vulnerability oval:org.secpod.oval:def:69052 Windows PKU2U Elevation of Privilege Vulnerability. PKU2U is a peer-to-peer authentication protocol. This setting prevents online identities from authenticating to domain-joined systems. Authentication will be centrally managed with Windows user accounts. oval:org.secpod.oval:def:69042 Windows Local Spooler Remote Code Execution Vulnerability. oval:org.secpod.oval:def:69043 Windows Camera Codec Pack Remote Code Execution Vulnerability oval:org.secpod.oval:def:69040 Windows Mobile Device Management Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. oval:org.secpod.oval:def:69041 Windows TCP/IP Denial of Service Vulnerability. IPv6 Link-local addresses are not routable on the internet and are not reachable by remote attackers. An attack would need to originate from the same logical network segment for systems that are ONLY configured with IPv6 Link-local addresses. oval:org.secpod.oval:def:69046 Windows Kernel Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:69047 Windows Console Driver Denial of Service Vulnerability. oval:org.secpod.oval:def:69044 Windows Graphics Component Remote Code Execution Vulnerability oval:org.secpod.oval:def:69045 Windows TCP/IP Remote Code Execution Vulnerability. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an atta ... oval:org.secpod.oval:def:69048 Windows Event Tracing Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:69004 The host is installed with .NEt Framework and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows attackers to perform denial of service attacks. oval:org.secpod.oval:def:68218 To exploit this vulnerability, an attacker would need to launch a man-in-the-middle (MiTM) attack against the traffic passing between a domain controller and the target machine. oval:org.secpod.oval:def:68219 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68217 Windows CSC Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68221 Windows InstallService Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68222 Remote Procedure Call Runtime Remote Code Execution Vulnerability oval:org.secpod.oval:def:68220 The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:68226 Windows Hyper-V Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68223 Remote Procedure Call Runtime Remote Code Execution Vulnerability oval:org.secpod.oval:def:68224 Windows Remote Procedure Call Runtime Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68238 Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting ad ... oval:org.secpod.oval:def:68239 Windows Multipoint Management Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68240 Windows (modem.sys) Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:68241 Windows LUAFV Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68229 Microsoft Windows Media Foundation Remote Code Execution Vulnerability oval:org.secpod.oval:def:68227 The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:68228 Windows Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68232 Active Template Library Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68233 Windows Runtime C++ Template Library Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68230 Windows DNS Query Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:68231 Windows Docker Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is secret data encrypted with DP API can be decrypted. oval:org.secpod.oval:def:68236 Windows Event Tracing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68237 Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability oval:org.secpod.oval:def:68234 TPM Device Driver Information Disclosure Vulnerability.The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:68235 Windows Fax Compose Form Remote Code Execution Vulnerability oval:org.secpod.oval:def:69989 DirectX Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:69987 Windows Print Spooler Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could overwrite arbitrary file content in the security context of the local system. oval:org.secpod.oval:def:69992 Windows Win32k Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:69991 Windows Installer Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:69996 Windows Event Tracing Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:69997 Windows User Profile Service Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:69994 Windows Graphics Component Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:69998 Windows Win32k Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:69999 OpenType Font Parsing Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70046 Application Virtualization Remote Code Execution Vulnerability oval:org.secpod.oval:def:70047 Windows Container Execution Agent Elevation of Privilege Vulnerability oval:org.secpod.oval:def:70048 Windows Extensible Firmware Interface Security Feature Bypass Vulnerability oval:org.secpod.oval:def:70042 Windows NAT Denial of Service Vulnerability oval:org.secpod.oval:def:70043 Storage Spaces Controller Elevation of Privilege Vulnerability oval:org.secpod.oval:def:70044 Remote Access API Elevation of Privilege Vulnerability oval:org.secpod.oval:def:70045 User Profile Service Denial of Service Vulnerability oval:org.secpod.oval:def:70014 Windows Event Tracing Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:70016 Windows Win32k Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:70012 Windows UPnP Device Host Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:70039 Windows ActiveX Installer Service Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. oval:org.secpod.oval:def:70035 Windows App-V Overlay Filter Elevation of Privilege Vulnerability oval:org.secpod.oval:def:70036 Windows Virtual Registry Provider Elevation of Privilege Vulnerability oval:org.secpod.oval:def:70037 Windows Container Execution Agent Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:70038 Windows Update Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:70033 Windows Update Stack Setup Elevation of Privilege Vulnerability oval:org.secpod.oval:def:70034 Windows Event Tracing Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:70040 Windows Projected File System Elevation of Privilege Vulnerability oval:org.secpod.oval:def:70041 Windows Overlay Filter Elevation of Privilege Vulnerability oval:org.secpod.oval:def:70978 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70979 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70974 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70975 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70976 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70977 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70970 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70971 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70972 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70973 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70967 Microsoft Internet Messaging API Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70968 The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:70969 NTFS Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:70963 Azure AD Web Sign-in Security Feature Bypass Vulnerability. oval:org.secpod.oval:def:70964 Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:70965 Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:70966 Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:70960 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70961 In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the ... oval:org.secpod.oval:def:70962 In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the ... oval:org.secpod.oval:def:70996 Windows Media Photo Codec Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:70992 Windows GDI+ Remote Code Execution Vulnerability oval:org.secpod.oval:def:70993 Windows GDI+ Remote Code Execution Vulnerability oval:org.secpod.oval:def:70994 Windows GDI+ Remote Code Execution Vulnerability oval:org.secpod.oval:def:70995 Windows GDI+ Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:70990 Windows DNS Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:70991 Windows DNS Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:70989 Windows AppX Deployment Server Denial of Service Vulnerability oval:org.secpod.oval:def:70981 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70982 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70983 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70984 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70980 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70956 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70957 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70958 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70959 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70952 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70953 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70954 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70955 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70950 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70951 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70945 The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. oval:org.secpod.oval:def:70946 The bug allows an attacker to escalate privileges by running a specially crafted program on a target system. This does mean that they will either need to log on to a system or trick a legitimate user into running the code on their behalf. Considering who is listed as discovering this bug, it is prob ... oval:org.secpod.oval:def:70948 Windows NTFS Denial of Service Vulnerability. oval:org.secpod.oval:def:70949 Remote Procedure Call Runtime Remote Code Execution Vulnerability. oval:org.secpod.oval:def:73249 Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability. CVE-2021-31199 address vulnerabilities that are related to Adobe's CVE-2021-28550, released in Adobe Security Bulletin ID APSB21-29. Customers running affected versions of Microsoft Windows should install the June securi ... oval:org.secpod.oval:def:73247 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73248 Windows DCOM Server Security Feature Bypass. This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this specially crafted ... oval:org.secpod.oval:def:73252 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73250 Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability. Microsoft CVE-2021-31201 address vulnerabilities that are related to Adobe's CVE-2021-28550, released in Adobe Security Bulletin ID APSB21-29. Customers running affected versions of Microsoft Windows should install the J ... oval:org.secpod.oval:def:73251 Windows Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73267 Server for NFS Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:73268 Windows Hyper-V Denial of Service Vulnerability. By sending a specially crafted message to the Hyper-V host virtualization stack, a guest VM could cause a reference count in the host virtualization stack to be leaked. In most circumstances, this would result in a memory leak on the Hyper-V host. If ... oval:org.secpod.oval:def:73265 Server for NFS Denial of Service Vulnerability oval:org.secpod.oval:def:73266 Server for NFS Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:73271 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73259 Kerberos AppContainer Security Feature Bypass Vulnerability. In an enterprise environment this vulnerability might allow an attacker to bypass Kerberos authentication, to authenticate to an arbitrary service principal name. oval:org.secpod.oval:def:73256 Windows NTLM Elevation of Privilege Vulnerability. This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this specially c ... oval:org.secpod.oval:def:73254 Windows Kernel Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:73255 Windows NTFS Elevation of Privilege Vulnerability. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. Additionally, an attacker co ... oval:org.secpod.oval:def:73263 Event Tracing for Windows Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory ... oval:org.secpod.oval:def:73264 Windows GPSVC Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73261 Windows TCP/IP Driver Security Feature Bypass Vulnerability oval:org.secpod.oval:def:73260 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:71026 Windows Hyper-V Security Feature Bypass Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Guest VM to Hyper-V host server - virtualization security boundary. oval:org.secpod.oval:def:71025 Windows Hyper-V Security Feature Bypass Vulnerability. This bypass could affect any Hyper-V configurations that are using Router Guard. Certain packets that would normally be blocked or dropped could be processed. This could allow an attacker to bypass set policy, potentially influencing router path ... oval:org.secpod.oval:def:71028 Windows Hyper-V Denial of Service Vulnerability. An attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application. This can cause the host OS to crash by sending specially crafted request. oval:org.secpod.oval:def:71027 Windows Hyper-V Security Feature Bypass Vulnerability. oval:org.secpod.oval:def:71022 Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:71021 Windows Speech Runtime Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:71024 Windows Overlay Filter Security Feature Bypass Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:71023 Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:71019 Windows Speech Runtime Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:71018 Windows TCP/IP Driver Denial of Service Vulnerability. oval:org.secpod.oval:def:71015 Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability oval:org.secpod.oval:def:71017 Windows TCP/IP Driver Denial of Service Vulnerability oval:org.secpod.oval:def:71016 Windows TCP/IP Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:71011 Windows Console Driver Denial of Service Vulnerability oval:org.secpod.oval:def:71010 Windows Console Driver Denial of Service Vulnerability oval:org.secpod.oval:def:71013 Windows SMB Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space from a user mode process. oval:org.secpod.oval:def:71012 Windows Application Compatibility Cache Denial of Service Vulnerability. oval:org.secpod.oval:def:71020 Windows Speech Runtime Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:71008 Windows Installer Elevation of Privilege Vulnerability oval:org.secpod.oval:def:71007 Windows Installer Spoofing Vulnerability oval:org.secpod.oval:def:71009 Windows Installer Elevation of Privilege Vulnerability oval:org.secpod.oval:def:71004 Windows Kernel Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:71006 Windows Kernel Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:71005 Windows Portmapping Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:71000 Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability. oval:org.secpod.oval:def:71002 Windows Services and Controller App Elevation of Privilege Vulnerability oval:org.secpod.oval:def:71001 Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability. oval:org.secpod.oval:def:70997 Windows Network File System Remote Code Execution Vulnerability. oval:org.secpod.oval:def:70998 Windows Event Tracing Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:70999 Windows Event Tracing Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:73799 Windows Installer Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73797 Windows Kernel Remote Code Execution Vulnerability oval:org.secpod.oval:def:73798 Storage Spaces Controller Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73796 Windows Address Book Remote Code Execution Vulnerability oval:org.secpod.oval:def:73794 Windows Kernel Memory Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory from the file cache. This could include unintentional read access to memory contents in kernel space from a user mode process ... oval:org.secpod.oval:def:74307 Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:74306 Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability oval:org.secpod.oval:def:74303 Windows Event Tracing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74304 Windows User Account Profile Picture Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74302 Windows TCP/IP Remote Code Execution Vulnerability. This is remotely triggerable by a malicious Hyper-V guest sending an ipv6 ping to the Hyper-V host. An attacker could send a specially crafted TCPIP packet to its host utilizing the TCPIP Protocol Stack (tcpip.sys) to process packets. oval:org.secpod.oval:def:73769 Windows LSA Denial of Service Vulnerability oval:org.secpod.oval:def:73766 Windows SMB Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. oval:org.secpod.oval:def:73767 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73765 Active Directory Security Feature Bypass Vulnerability oval:org.secpod.oval:def:73762 Windows Event Tracing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73760 Windows Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73770 Windows Font Driver Host Remote Code Execution Vulnerability oval:org.secpod.oval:def:73759 Windows Installer Spoofing Vulnerability oval:org.secpod.oval:def:73755 Windows Hyper-V Denial of Service Vulnerability oval:org.secpod.oval:def:73756 Windows DNS Snap-in Remote Code Execution Vulnerability. An administrator would need to view a malicious record in the DNS Snap-in to allow exploitation this vulnerability. oval:org.secpod.oval:def:73753 Windows DNS Snap-in Remote Code Execution Vulnerability. An administrator would need to view a malicious record in the DNS Snap-in to allow exploitation this vulnerability. oval:org.secpod.oval:def:73751 Windows DNS Snap-in Remote Code Execution Vulnerability. An administrator would need to view a malicious record in the DNS Snap-in to allow exploitation this vulnerability. oval:org.secpod.oval:def:73752 Storage Spaces Controller Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73750 Windows DNS Snap-in Remote Code Execution Vulnerability. An administrator would need to view a malicious record in the DNS Snap-in to allow exploitation this vulnerability. oval:org.secpod.oval:def:73788 Win32k Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:73786 DirectWrite Remote Code Execution Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file: a. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the fil ... oval:org.secpod.oval:def:73787 Windows TCP/IP Driver Denial of Service Vulnerability oval:org.secpod.oval:def:73784 Windows AppX Deployment Extensions Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73785 Windows Console Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73782 Storage Spaces Controller Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73792 Windows GDI Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73790 Windows GDI Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:73779 Windows Hyper-V Remote Code Execution Vulnerability. This vulnerability would require an authenticated attacker on a guest VM to send specially crafted file operation requests on the VM to hardware resources on the VM which could result in remote code execution on the host server. oval:org.secpod.oval:def:73778 Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73773 Microsoft Windows Media Foundation Remote Code Execution Vulnerability oval:org.secpod.oval:def:73772 GDI+ Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:73781 Windows AppContainer Elevation Of Privilege Vulnerability oval:org.secpod.oval:def:73746 Windows Projected File System Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73747 Windows Secure Kernel Mode Security Feature Bypass Vulnerability oval:org.secpod.oval:def:73744 Windows Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73745 Windows Media Remote Code Execution Vulnerability oval:org.secpod.oval:def:73742 Windows TCP/IP Driver Denial of Service Vulnerability oval:org.secpod.oval:def:73743 Windows InstallService Elevation of Privilege Vulnerability. An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. oval:org.secpod.oval:def:73807 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73808 Windows Remote Access Connection Manager Information Disclosure Vulnerability oval:org.secpod.oval:def:73805 Windows Security Account Manager Remote Protocol Security Feature Bypass Vulnerability. oval:org.secpod.oval:def:73806 Windows Desktop Bridge Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73803 Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73802 Windows Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73800 Storage Spaces Controller Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73823 Windows Remote Assistance Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. oval:org.secpod.oval:def:73824 Storage Spaces Controller Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:73821 Windows Certificate Spoofing Vulnerability oval:org.secpod.oval:def:73822 Windows Partition Management Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73820 Bowser.sys Denial of Service Vulnerability oval:org.secpod.oval:def:73818 Windows Remote Access Connection Manager Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressin ... oval:org.secpod.oval:def:73816 Windows File History Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73817 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73815 Windows Remote Access Connection Manager Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized and/or uninitialized memory in the process heap. oval:org.secpod.oval:def:73812 Windows AF_UNIX Socket Provider Denial of Service Vulnerability oval:org.secpod.oval:def:73813 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73810 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability oval:org.secpod.oval:def:73811 Windows Authenticode Spoofing Vulnerability oval:org.secpod.oval:def:75306 DirectX Graphics Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75303 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75302 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75301 Windows Nearby Sharing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75300 Windows NAT Denial of Service Vulnerability oval:org.secpod.oval:def:74327 Windows Print Spooler Remote Code Execution Vulnerability oval:org.secpod.oval:def:74328 Windows Update Medic Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74323 Windows Print Spooler Remote Code Execution Vulnerability oval:org.secpod.oval:def:74324 Windows Media MPEG-4 Video Decoder Remote Code Execution Vulnerability oval:org.secpod.oval:def:74321 Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:74322 Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:74897 Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74896 Windows Subsystem for Linux Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74892 Windows Installer Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. oval:org.secpod.oval:def:74318 Windows Bluetooth Driver Elevation of Privilege Vulnerability. An authorized attacker could exploit the Windows Bluetooth driver vulnerability by programatically running certain functions that could lead to elevation of privilege on the Bluetooth component. oval:org.secpod.oval:def:74319 Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:74317 Storage Spaces Controller Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74314 Windows Graphics Component Font Parsing Remote Code Execution Vulnerability oval:org.secpod.oval:def:74312 Windows Event Tracing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74313 Windows Graphics Component Remote Code Execution Vulnerability oval:org.secpod.oval:def:74310 Windows User Profile Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74311 Windows Event Tracing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74309 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75299 Windows Hyper-V Remote Code Execution Vulnerability oval:org.secpod.oval:def:75298 Windows Installer Spoofing Vulnerability oval:org.secpod.oval:def:75297 Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75296 Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75295 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75293 Windows Print Spooler Spoofing Vulnerability oval:org.secpod.oval:def:75292 Windows TCP/IP Denial of Service Vulnerability oval:org.secpod.oval:def:75291 An authorized (medium integrity level) attacker could exploit this Windows Storport driver elevation of privilege vulnerability by locally sending through a user mode application a specially crafted request to the driver specifying an IOCTL parameter, which could lead to an out-of-bounds buffer writ ... oval:org.secpod.oval:def:75349 Windows Fast FAT File System Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:75348 Windows exFAT File System Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:75347 Windows Fast FAT File System Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:75346 Windows HTTP.sys Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75345 Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability oval:org.secpod.oval:def:75344 Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability oval:org.secpod.oval:def:75354 Windows AppX Deployment Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75352 Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:75351 Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability. This vulnerability could allow an attacker to bypass Extended Protection for Authentication provided by SPN target name validation. oval:org.secpod.oval:def:75343 Windows Text Shaping Remote Code Execution Vulnerability oval:org.secpod.oval:def:75309 Storage Spaces Controller Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75308 Windows Event Tracing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75307 Windows AppContainer Elevation Of Privilege Vulnerability oval:org.secpod.oval:def:75310 Storage Spaces Controller Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75322 Storage Spaces Controller Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75316 Windows Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75314 Windows Print Spooler Information Disclosure Vulnerability. he type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:75313 Windows Media Audio Decoder Remote Code Execution Vulnerability oval:org.secpod.oval:def:75312 Microsoft Windows Media Foundation Remote Code Execution Vulnerability oval:org.secpod.oval:def:75311 Storage Spaces Controller Elevation of Privilege Vulnerability. An authorized (medium integrity level) attacker could exploit this Windows Storport driver elevation of privilege vulnerability by locally sending through a user mode application a specially crafted request to the driver specifying an I ... oval:org.secpod.oval:def:75320 Windows Graphics Component Remote Code Execution Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file.* In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to ... oval:org.secpod.oval:def:75822 Microsoft COM for Windows Remote Code Execution Vulnerability. An authorized attacker could exploit this Windows COM vulnerability by sending from a user mode application specially crafted malicious COM traffic directed at the COM Server, which might lead to remote code execution. oval:org.secpod.oval:def:75834 Windows Hello Security Feature Bypass Vulnerability oval:org.secpod.oval:def:71851 Windows Container Manager Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:71850 Windows SMB Client Security Feature Bypass Vulnerability. Guest fallback access in SMB2 is not disabled by default. Installing this security update will disable guest fallback access to enforce the operating system edition settings and Group Policy settings. Guest fallback behavior default will retu ... oval:org.secpod.oval:def:71848 Windows SSDP Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:71847 Windows Media Foundation Core Remote Code Execution Vulnerability oval:org.secpod.oval:def:71849 OLE Automation Remote Code Execution Vulnerability oval:org.secpod.oval:def:71844 Windows Graphics Component Elevation of Privilege Vulnerability oval:org.secpod.oval:def:71846 Windows Projected File System FS Filter Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:71840 Microsoft Bluetooth Driver Spoofing Vulnerability oval:org.secpod.oval:def:71842 Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. oval:org.secpod.oval:def:71841 Microsoft Windows Infrared Data Association (IrDA) Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space f ... oval:org.secpod.oval:def:71837 Windows Container Manager Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:71836 Windows Container Manager Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:71839 Windows Graphics Component Elevation of Privilege Vulnerability oval:org.secpod.oval:def:71838 Windows Container Manager Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:71833 Windows Container Manager Service Elevation of Privilege Vulnerability oval:org.secpod.oval:def:71832 Windows CSC Service Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. oval:org.secpod.oval:def:71835 HTTP Protocol Stack Remote Code Execution Vulnerability. In most situations, an unauthenticated attacker could send a specially crafted packet to a targeted server utilizing the HTTP Protocol Stack (http.sys) to process packets. oval:org.secpod.oval:def:71834 Windows Desktop Bridge Denial of Service Vulnerability oval:org.secpod.oval:def:71831 Hyper-V Remote Code Execution Vulnerability. This issue allows a guest VM to force the Hyper-V host's kernel to read from an arbitrary, potentially invalid address. The contents of the address read would not be returned to the guest VM. In most circumstances, this would result in a denial of service ... oval:org.secpod.oval:def:71804 Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability oval:org.secpod.oval:def:69049 Microsoft Windows Security Feature Bypass Vulnerability oval:org.secpod.oval:def:75358 The host is missing a critical security update for KB5006670 oval:org.secpod.oval:def:68197 Windows Remote Desktop Security Feature Bypass Vulnerability oval:org.secpod.oval:def:68247 The host is missing an important security update for KB4598242 oval:org.secpod.oval:def:75283 Rich Text Edit Control Information Disclosure Vulnerability oval:org.secpod.oval:def:71871 The host is missing a critical security update for KB5003173 oval:org.secpod.oval:def:71828 Windows Wireless Networking Information Disclosure Vulnerability oval:org.secpod.oval:def:71829 Windows Wireless Networking Spoofing Vulnerability oval:org.secpod.oval:def:71830 Windows Wireless Networking Spoofing Vulnerability oval:org.secpod.oval:def:74899 Windows SMB Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space from a user mode process. oval:org.secpod.oval:def:74898 Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space ... oval:org.secpod.oval:def:74895 Windows WLAN AutoConfig Service Remote Code Execution Vulnerability oval:org.secpod.oval:def:74893 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74894 Windows Event Tracing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74888 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74889 Windows Authenticode Spoofing Vulnerability oval:org.secpod.oval:def:74886 Windows Scripting Engine Memory Corruption Vulnerability. Exploitation of the vulnerability requires that a user open a specially crafted file:* In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open ... oval:org.secpod.oval:def:74887 Windows Bind Filter Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74891 Windows Installer Denial of Service Vulnerability oval:org.secpod.oval:def:74890 Windows SMB Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space from a user mode process. oval:org.secpod.oval:def:74931 The host is missing a critical security update for KB5005565 oval:org.secpod.oval:def:74916 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74917 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74914 Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74915 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74912 Windows Storage Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. oval:org.secpod.oval:def:74913 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74910 Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Kernel memory read - unintentional read access to memory contents in kernel space from a user mode pro ... oval:org.secpod.oval:def:74911 Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Kernel memory read - unintentional read access to memory contents in kernel space from a user mode pro ... oval:org.secpod.oval:def:74907 BitLocker Security Feature Bypass Vulnerability. A successful attacker could bypass the BitLocker Device Encryption feature on the system storage device. An attacker with physical access to a powered off system could exploit this vulnerability to gain access to encrypted data. oval:org.secpod.oval:def:74908 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74905 Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space from a ... oval:org.secpod.oval:def:74906 Windows Event Tracing Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74903 Windows Key Storage Provider Security Feature Bypass Vulnerability. A successful attacker could bypass the Windows Key Storage Provider which issues key certificates for trust in attestation scenarios. oval:org.secpod.oval:def:74904 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74901 Windows SMB Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74902 Win32k Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74900 Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability oval:org.secpod.oval:def:74909 Microsoft Windows Update Client Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76439 Windows Hyper-V Denial of Service Vulnerability oval:org.secpod.oval:def:76437 Windows Kernel Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:76436 NTFS Set Short Name Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76435 Windows Recovery Environment Agent Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76434 Windows Remote Access Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76433 Windows Setup Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76443 Windows Installer Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76441 Windows Digital Media Receiver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76440 Windows TCP/IP Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76429 Remote Desktop Client Remote Code Execution Vulnerability oval:org.secpod.oval:def:76428 Windows Event Tracing Remote Code Execution Vulnerability oval:org.secpod.oval:def:76427 Windows NTFS Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76426 Windows NTFS Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76425 Windows NTFS Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76424 SymCrypt Denial of Service Vulnerability oval:org.secpod.oval:def:76423 Storage Spaces Controller Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:76422 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76432 Microsoft Message Queuing Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:76431 Storage Spaces Controller Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:76430 Windows Fax Service Remote Code Execution Vulnerability oval:org.secpod.oval:def:76444 Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76419 Microsoft Message Queuing Information Disclosure Vulnerability. Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. oval:org.secpod.oval:def:76418 DirectX Graphics Kernel File Denial of Service Vulnerability oval:org.secpod.oval:def:76417 Windows Encrypting File System (EFS) Remote Code Execution Vulnerability. An attacker could cause a buffer overflow write leading to unauthenticated non-sandboxed code execution. oval:org.secpod.oval:def:76416 Microsoft Local Security Authority Server (lsasrv) Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Kernel memory read - unintentional read access to memory contents in kernel space from a user mode proc ... oval:org.secpod.oval:def:76415 iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution. An attacker could send a specially crafted request to the Internet Storage Name Service (iSNS) server, which could result in remote code execution. oval:org.secpod.oval:def:76414 Windows Common Log File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76413 Windows Print Spooler Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76421 Windows Common Log File System Driver Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. oval:org.secpod.oval:def:76420 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76467 The host is missing a critical security update for KB5008212 oval:org.secpod.oval:def:75829 NTFS Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75827 Windows Feedback Hub Elevation of Privilege Vulnerability. An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. oval:org.secpod.oval:def:75826 Chakra Scripting Engine Memory Corruption Vulnerability oval:org.secpod.oval:def:75824 Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability. An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. oval:org.secpod.oval:def:75823 Microsoft Windows Media Foundation Remote Code Execution Vulnerability oval:org.secpod.oval:def:75821 Windows Hyper-V Discrete Device Assignment (DDA) Denial of Service Vulnerability oval:org.secpod.oval:def:75820 Windows Installer Elevation of Privilege Vulnerability. An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. oval:org.secpod.oval:def:75819 Windows NTFS Remote Code Execution Vulnerability oval:org.secpod.oval:def:75818 Windows Fast FAT File System Driver Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75817 Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is read access to Windows RDP client passwords by RDP server administrators. oval:org.secpod.oval:def:75816 NTFS Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75815 NTFS Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75814 Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75813 Windows Denial of Service Vulnerability oval:org.secpod.oval:def:75812 Remote Desktop Client Remote Code Execution Vulnerability. In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the RDP client machine when a victim connects to the attacking server with the vulnerable Remote D ... oval:org.secpod.oval:def:75810 Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is read access to Windows RDP client passwords by RDP server administrators. oval:org.secpod.oval:def:75840 The host is missing a critical security update for KB5007186 oval:org.secpod.oval:def:75839 The host is installed with Edge-Chromium and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:75831 Windows Kernel Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75830 Windows Hyper-V Denial of Service Vulnerability. Installations of Hyper-V with GRE (Generic Routing Encapsulation) enabled is vulnerable. oval:org.secpod.oval:def:75809 Windows Desktop Bridge Elevation of Privilege Vulnerability oval:org.secpod.oval:def:75808 Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability. A remote code execution vulnerability exists when a VM guest fails to properly handle communication on a VMBus channel. To exploit the vulnerability, an authenticated attacker could send a specially crafted communication on t ... oval:org.secpod.oval:def:76446 An attacker could craft a malicious attachment to be used in phishing campaigns. The attacker would then have to convince the user to open the specially crafted attachment. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with ... |
