📦 Windows Server

This critical vulnerability in Windows LDAP allows remote attackers to execute arbitrary code on affected systems without authentication. It affects Windows servers and workstations running vulnerable...

CVE-2022-26937 is a critical remote code execution vulnerability in Windows Network File System (NFS) that allows unauthenticated attackers to execute arbitrary code on vulnerable systems. This affect...

This is a critical remote code execution vulnerability in Windows LDAP services that allows unauthenticated attackers to execute arbitrary code on vulnerable systems. It affects Windows servers runnin...

This vulnerability allows an authenticated attacker on a guest virtual machine to execute arbitrary code with elevated privileges on the Hyper-V host. It affects Windows systems running Hyper-V virtua...

CVE-2022-21907 is a critical remote code execution vulnerability in the Windows HTTP Protocol Stack (http.sys) that allows unauthenticated attackers to execute arbitrary code with SYSTEM privileges by...

This is a critical remote code execution vulnerability in Windows Internet Key Exchange (IKE) Protocol Extensions. Attackers can exploit this vulnerability by sending specially crafted packets to vuln...

CVE-2021-43215 is a critical memory corruption vulnerability in Microsoft's iSNS Server that allows remote attackers to execute arbitrary code on affected systems. This vulnerability affects Windows S...

This vulnerability allows an authenticated attacker to gain SYSTEM privileges on Windows systems using Cluster Shared Volume (CSV). It affects Windows Server systems configured with Failover Clusterin...

This vulnerability allows an attacker to elevate privileges on Windows systems by exploiting a flaw in Windows Push Notifications Apps. Attackers could gain SYSTEM-level access by running specially cr...

This vulnerability allows remote attackers to execute arbitrary code on Windows systems running LDAP services by sending specially crafted requests. It affects Windows servers with LDAP enabled, poten...

This vulnerability allows attackers to gain SYSTEM-level privileges on Windows systems by exploiting the Print Spooler service. It affects Windows servers and workstations where the Print Spooler serv...

This vulnerability allows an authenticated attacker to gain SYSTEM privileges on Windows systems using Cluster Shared Volume (CSV). It affects Windows Server systems configured with Failover Clusterin...

This vulnerability allows an authenticated attacker with local access to a Windows Server Failover Cluster to elevate privileges to SYSTEM level. It affects Windows Server systems using Clustered Shar...

This vulnerability allows remote attackers to execute arbitrary code on Windows systems running LDAP services. Attackers can exploit this without authentication by sending specially crafted requests t...

This vulnerability allows an authenticated attacker to execute arbitrary code with SYSTEM privileges on Windows systems. It affects Windows Remote Access Connection Manager service, enabling local pri...

This vulnerability in Microsoft Windows Media Foundation allows remote attackers to execute arbitrary code on affected systems by tricking users into opening specially crafted media files. It affects ...

This vulnerability allows an authenticated attacker to execute code with SYSTEM privileges on Windows systems. It affects Windows Digital Media Receiver functionality, primarily impacting Windows 10 a...

CVE-2022-29115 is a remote code execution vulnerability in the Windows Fax Service that allows authenticated attackers to execute arbitrary code with SYSTEM privileges on affected systems. This affect...

CVE-2022-26913 is a Windows authentication information disclosure vulnerability that allows an attacker to obtain sensitive authentication information from a targeted system. This affects Windows syst...

This is a remote code execution vulnerability in the Windows Graphics Component that allows an attacker to execute arbitrary code on affected systems. It affects Windows operating systems and can be e...

CVE-2022-26931 is a Windows Kerberos elevation of privilege vulnerability that allows authenticated attackers to gain domain administrator privileges by exploiting improper validation of Kerberos tick...

CVE-2022-26939 is an elevation of privilege vulnerability in Windows Storage Spaces Direct that allows authenticated attackers to gain SYSTEM-level privileges on affected systems. This affects Windows...

This vulnerability allows remote attackers to execute arbitrary code on Windows systems by sending specially crafted packets to the Point-to-Point Tunneling Protocol (PPTP) service. It affects Windows...

This vulnerability allows remote attackers to execute arbitrary code on Windows systems running LDAP services. Attackers can exploit this without authentication to gain SYSTEM privileges on affected s...

CVE-2022-22016 is an elevation of privilege vulnerability in Windows PlayToManager that allows authenticated attackers to gain SYSTEM-level privileges on affected systems. This affects Windows clients...

CVE-2022-22019 is a critical Remote Code Execution vulnerability in the Windows Remote Procedure Call (RPC) runtime that allows an unauthenticated attacker to execute arbitrary code on vulnerable syst...

This vulnerability allows an authenticated attacker to execute arbitrary code with SYSTEM privileges by exploiting a race condition in the Windows Update Stack. It affects Windows systems where an att...

CVE-2022-24505 is a Windows ALPC (Advanced Local Procedure Call) elevation of privilege vulnerability that allows authenticated attackers to gain SYSTEM-level privileges on affected systems. This affe...

CVE-2022-24507 is an elevation of privilege vulnerability in the Windows Ancillary Function Driver for WinSock. It allows authenticated attackers to execute arbitrary code with SYSTEM privileges by ex...

CVE-2022-24460 is an elevation of privilege vulnerability in the Tablet Windows User Interface Application that allows authenticated attackers to execute arbitrary code with SYSTEM privileges. This af...

This vulnerability in the Windows Desktop Window Manager (DWM) Core Library allows an authenticated attacker to execute arbitrary code with SYSTEM privileges. It affects Windows systems where an attac...

This Windows Desktop Window Manager (DWM) Core Library vulnerability allows an authenticated attacker to execute arbitrary code with SYSTEM privileges. It affects Windows systems where an attacker has...

CVE-2022-23294 is a remote code execution vulnerability in Windows Event Tracing that allows attackers to execute arbitrary code with SYSTEM privileges. It affects Windows systems and can be exploited...

This Windows Installer vulnerability allows authenticated attackers to gain SYSTEM privileges by exploiting improper handling of file operations during installation. It affects Windows systems where u...

This vulnerability allows an authenticated attacker to execute arbitrary code with elevated privileges on affected Windows systems. It affects Windows NT OS Kernel, potentially enabling local privileg...

CVE-2022-23284 is an elevation of privilege vulnerability in the Windows Print Spooler service that allows authenticated attackers to execute arbitrary code with SYSTEM privileges. This affects Window...

This vulnerability in the Windows Cloud Files Mini Filter Driver allows an authenticated attacker to gain SYSTEM-level privileges by exploiting improper handling of objects in memory. It affects Windo...

CVE-2022-21990 is a remote code execution vulnerability in Windows Remote Desktop Client that allows an attacker to execute arbitrary code on a victim's system by tricking them into connecting to a ma...

CVE-2022-22715 is a Windows Named Pipe File System elevation of privilege vulnerability that allows authenticated attackers to gain SYSTEM-level privileges on affected systems. This affects Windows op...

CVE-2022-22717 is a Windows Print Spooler elevation of privilege vulnerability that allows authenticated attackers to execute arbitrary code with SYSTEM privileges. This affects Windows systems with t...

This vulnerability in Windows Services for NFS ONCRPC XDR Driver allows attackers to read sensitive information from kernel memory. It affects Windows systems with NFS services enabled, potentially ex...

This vulnerability allows an authenticated attacker on a guest virtual machine to execute arbitrary code on the Hyper-V host. It affects Windows systems running Hyper-V with specific configurations. A...

This vulnerability allows attackers to elevate privileges on Windows systems by exploiting the Print Spooler service. Attackers could gain SYSTEM-level access on affected Windows versions. This affect...

CVE-2022-22001 is an elevation of privilege vulnerability in Windows Remote Access Connection Manager. It allows authenticated attackers to execute code with SYSTEM privileges on affected Windows syst...

CVE-2022-21981 is a local privilege escalation vulnerability in the Windows Common Log File System (CLFS) driver that allows authenticated attackers to gain SYSTEM-level privileges. This affects Windo...

CVE-2022-21912 is a remote code execution vulnerability in the DirectX Graphics Kernel component of Windows. It allows an attacker to execute arbitrary code with kernel privileges by tricking a user i...

This vulnerability allows an authenticated attacker to execute arbitrary code with SYSTEM privileges on Windows systems. It affects Windows Remote Access Connection Manager service, enabling local pri...