| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Win32k Elevation of Privilege Vulnerability |
| Windows Kernel Elevation of Privilege Vulnerability |
| Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability |
| Windows TCP/IP Information Disclosure Vulnerability |
| .NET Denial of Service Vulnerability |
| Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability |
| NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability |
| Windows HTML Platforms Security Feature Bypass Vulnerability |
| Windows Message Queuing Client (MSMQC) Information Disclosure |
| Windows Server Key Distribution Service Security Feature Bypass |
| Windows Subsystem for Linux Elevation of Privilege Vulnerability |
| Microsoft Identity Denial of service vulnerability |
| Insufficient technical documentation issue exists in thermal camera TMC series all firmware versions. The user of the affected product is not aware of the internally saved data. By accessing the affected product physically, an attacker may retrieve the internal data. |
| The easy.jobs- Best Recruitment Plugin for Job Board Listing, Manager, Career Page for Elementor & Gutenberg WordPress plugin before 2.4.7 does not properly secure some of its AJAX actions, allowing any logged-in users to modify its settings. |
| ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI qualification submission); ZED! for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before 2023.5; ZEDMAIL for Windows before 2023.5; ZED! for Windows, Mac, Linux before 2023.5; ZEDFREE for Windows, Mac, Linux before 2023.5; or ZEDPRO for Windows, Mac, Linux before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger network access to an attacker-controlled computer when opened by the victim. |
| The ElementsKit Elementor addons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0.3 via the ekit_widgetarea_content function. This makes it possible for unauthenticated attackers to obtain contents of posts in draft, private or pending review status that should not be visible to the general public. This applies to posts created with Elementor only. |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability |
| Improper access control in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows before version 5.16.10 may allow an authenticated user to conduct an escalation of privilege via local access. |
| Acrobat Reader T5 (MSFT Edge) versions 120.0.2210.91 and earlier are affected by an Improper Input Validation vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| An improper input validation vulnerability in the Schweitzer Engineering Laboratories SEL-411L could allow a malicious actor to manipulate authorized users to click on a link that could allow undesired behavior.
See product Instruction Manual Appendix A dated 20230830 for more details.
|
